$ rpki-client -vvf rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/3522CF4E168811EF8040817EC4F9AE02.roa File: 3522CF4E168811EF8040817EC4F9AE02.roa (raw, json) Hash identifier: bEx+57BQwSmXNBcGQeSfgjX5vb+zZEaNP/mDVmKg8PE= Subject key identifier: 65:7C:8F:06:BD:9E:B3:C1:28:9B:94:02:B9:55:1A:DB:A8:0C:D4:BF Certificate issuer: /CN=A9139555/serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Certificate serial: 01E7 Authority key identifier: 43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/3522CF4E168811EF8040817EC4F9AE02.roa Signing time: Fri 31 May 2024 05:02:16 +0000 ROA not before: Fri 31 May 2024 05:02:16 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 45269 IP address blocks: 43.225.144.0/22 maxlen: 23 103.31.112.0/22 maxlen: 23 180.148.176.0/22 maxlen: 23 202.14.147.0/24 maxlen: 24 203.176.184.0/22 maxlen: 23 2406:c200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 487 (0x1e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139555/serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Validity Not Before: May 31 05:02:16 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=665959d8-1b87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d8:de:2f:ea:b7:78:9f:9b:24:ac:16:10:12: da:fa:9d:4d:f9:1c:4d:34:79:c7:41:e1:47:80:32: 69:70:25:da:e6:dc:77:63:4d:9b:f3:ec:3b:2b:04: 98:a2:ad:fe:72:39:e9:ef:bd:f3:d2:55:7e:e1:ec: 10:97:93:ca:49:ad:87:f0:1d:d6:64:2c:9f:16:5b: b4:f7:8d:f7:87:a6:2d:e0:59:a0:9e:fc:40:f9:61: 88:37:71:6b:55:72:ca:3e:d8:d3:e3:6f:14:63:85: cf:f9:17:f7:75:d3:d3:dc:d8:f2:d5:31:d2:31:58: 61:8a:ee:99:ce:1b:f3:50:92:35:d4:d4:3b:29:a2: 6c:75:22:c6:07:29:63:23:79:4d:2f:b4:b7:4e:01: 0d:81:c4:66:f7:63:7a:ed:5c:80:15:d4:19:dd:11: e2:c1:aa:46:34:ea:69:77:26:c2:73:57:28:cf:94: cb:ca:50:32:98:cc:44:e5:39:68:8d:e7:b8:e8:62: 2c:fa:9c:a6:e3:63:d8:40:43:a5:9f:51:c3:a4:97: 87:1f:7e:50:c7:47:c0:c8:6c:c0:17:db:85:a0:48: 5e:13:12:d1:57:13:96:eb:e2:ad:cb:51:aa:6f:f9: 18:61:ee:97:5c:de:3c:b4:33:bc:7c:5d:35:34:fc: ca:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:7C:8F:06:BD:9E:B3:C1:28:9B:94:02:B9:55:1A:DB:A8:0C:D4:BF X509v3 Authority Key Identifier: keyid:43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/3522CF4E168811EF8040817EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.144.0/22 103.31.112.0/22 180.148.176.0/22 202.14.147.0/24 203.176.184.0/22 IPv6: 2406:c200::/32 Signature Algorithm: sha256WithRSAEncryption 2d:7b:3f:9d:29:c0:75:36:2b:54:eb:70:85:b3:97:a9:b6:84: 44:42:7a:2d:82:3d:22:71:ea:a6:03:f6:09:01:06:38:1a:88: 12:36:41:cc:65:35:6e:41:a0:0a:7e:2f:93:25:89:74:30:a1: c2:fd:13:9a:3d:06:21:04:17:bf:d2:cc:eb:f0:32:03:fd:7c: 46:c7:af:ba:e1:83:71:86:5c:66:ec:c0:cb:7d:69:df:3c:f5: 26:8f:0a:9d:20:08:1d:17:21:1e:c5:f5:0f:8c:e6:67:00:4f: e8:cc:2e:20:eb:7b:fe:a8:06:9b:11:a2:a5:32:0d:bb:17:9f: 26:ff:7b:6d:b0:78:0c:f2:37:52:51:5c:6f:c3:cb:60:0d:67: 4b:52:6a:f4:53:7c:45:60:f9:ab:25:e0:4d:16:26:f0:26:f1: 72:79:e3:80:a4:2a:7b:24:4a:d6:47:ee:9e:90:03:d5:b9:75: 73:7d:24:71:96:0d:e1:30:a0:3a:70:ec:99:71:7c:23:15:bc: 2f:f6:bc:31:6c:78:4b:62:5b:3a:2d:b1:d2:26:16:d4:55:f9: e9:a5:40:2a:1f:c0:32:0f:1f:4e:30:42:6e:83:05:e2:32:63: 7c:16:f5:b0:b5:71:6d:97:8a:63:e3:4d:55:50:b6:d8:30:49: b4:46:d4:76 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICAecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk1NTUxMTAvBgNVBAUTKDQzNjVEMTc5RDVCNzNFOEE5N0VERTA1MDVGMjlFRjAw QzJENjNFRjkwHhcNMjQwNTMxMDUwMjE2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjU5NTlkOC0xYjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tjeL+q3eJ+bJKwWEBLa+p1N+RxNNHnHQeFHgDJpcCXa5tx3Y02b8+w7KwSY oq3+cjnp773z0lV+4ewQl5PKSa2H8B3WZCyfFlu09433h6Yt4FmgnvxA+WGIN3Fr VXLKPtjT428UY4XP+Rf3ddPT3Njy1THSMVhhiu6ZzhvzUJI11NQ7KaJsdSLGBylj I3lNL7S3TgENgcRm92N67VyAFdQZ3RHiwapGNOppdybCc1coz5TLylAymMxE5Tlo jee46GIs+pym42PYQEOln1HDpJeHH35Qx0fAyGzAF9uFoEheExLRVxOW6+Kty1Gq b/kYYe6XXN48tDO8fF01NPzKHQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFGV8jwa9 nrPBKJuUArlVGtuoDNS/MB8GA1UdIwQYMBaAFENl0XnVtz6Kl+3gUF8p7wDC1j75 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTU1NS9EQzdEMTQ1QTAy MkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1BvcVg3ZUJRWHludkFNTFdQ dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EyWFJlZFczUG9xWDdlQlFYeW52QU1MV1B2ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mzk1NTUvREM3RDE0NUEwMjJEMTFFRDlENjQ2QjU3QzRGOUFFMDIvMzUyMkNGNEUx Njg4MTFFRjgwNDA4MTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr4ZADBAJnH3ADBAK0lLADBADKDpMDBALLsLgwDQQCAAIw BwMFACQGwgAwDQYJKoZIhvcNAQELBQADggEBAC17P50pwHU2K1TrcIWzl6m2hERC ei2CPSJx6qYD9gkBBjgaiBI2QcxlNW5BoAp+L5MliXQwocL9E5o9BiEEF7/SzOvw MgP9fEbHr7rhg3GGXGbswMt9ad889SaPCp0gCB0XIR7F9Q+M5mcAT+jMLiDre/6o BpsRoqUyDbsXnyb/e22weAzyN1JRXG/Dy2ANZ0tSavRTfEVg+asl4E0WJvAm8XJ5 44CkKnskStZH7p6QA9W5dXN9JHGWDeEwoDpw7JlxfCMVvC/2vDFseEtiWzotsdIm FtRV+emlQCofwDIPH04wQm6DBeIyY3wW9bC1cW2XimPjTVVQttgwSbRG1HY= -----END CERTIFICATE-----Generated at Sat Nov 23 02:33:34 2024 by rpki-client on console-fra.rpki-client.org