$ rpki-client -vvf rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/78D1DAC8E45E11E681F82341C4F9AE02.roa File: 78D1DAC8E45E11E681F82341C4F9AE02.roa (raw, json) Hash identifier: 3cA1gK1HrSbV3DLfw85sASZb6DlZUxl8/X1gxVVvHLY= Subject key identifier: 91:46:69:C5:C9:A8:7C:B8:6A:8C:38:BB:A7:96:A5:DC:A4:61:45:F6 Certificate issuer: /CN=A9145519/serialNumber=7D6A330F0D01249427C7FC9DDDDCF4A828760B06 Certificate serial: 1B24 Authority key identifier: 7D:6A:33:0F:0D:01:24:94:27:C7:FC:9D:DD:DC:F4:A8:28:76:0B:06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWozDw0BJJQnx_yd3dz0qCh2CwY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/78D1DAC8E45E11E681F82341C4F9AE02.roa Signing time: Mon 20 Nov 2023 16:54:00 +0000 ROA not before: Mon 20 Nov 2023 16:54:00 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 132167 IP address blocks: 43.224.84.0/22 maxlen: 22 43.224.84.0/24 maxlen: 24 43.224.85.0/24 maxlen: 24 43.224.86.0/24 maxlen: 24 103.242.96.0/22 maxlen: 22 103.242.97.0/24 maxlen: 24 103.242.98.0/24 maxlen: 24 103.242.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.crl rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWozDw0BJJQnx_yd3dz0qCh2CwY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6948 (0x1b24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9145519/serialNumber=7D6A330F0D01249427C7FC9DDDDCF4A828760B06 Validity Not Before: Nov 20 16:54:00 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=655b8f28-9f9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:8b:0e:5e:62:ff:b1:b0:09:99:17:64:d7:0a: cd:39:97:18:15:04:f5:03:81:cf:29:0a:e7:ce:cf: b3:d5:45:90:97:29:12:95:3b:73:b0:2a:50:81:87: 2f:8c:12:de:ef:36:0b:c6:ff:b6:2d:d2:c0:64:49: 19:4c:b8:d9:6c:e1:e7:9b:52:fc:8e:f8:97:86:52: 58:d8:d7:d3:69:7e:1f:93:a1:bc:47:cf:83:26:d8: d7:ad:b7:c0:09:93:03:28:ed:77:a4:6f:b7:84:fc: 1f:01:3b:b0:c5:e0:67:e1:55:31:09:6a:20:03:a1: 0e:0a:99:d8:0a:35:f3:d5:76:97:f4:65:20:92:2d: aa:27:17:33:e3:2c:3a:9b:9a:39:93:a7:79:57:aa: 35:51:65:e5:df:64:17:e6:9f:33:2c:2b:4a:91:ac: 14:07:02:81:43:6c:3e:e9:26:02:aa:26:a7:1a:e3: 3e:39:19:8d:4d:e2:e3:b6:20:d1:22:48:b2:21:55: 6c:80:36:1a:91:51:dc:c0:20:74:31:62:13:21:8c: 3b:3f:d0:73:d7:5a:79:4a:9c:42:92:a0:a8:e0:09: 97:b6:19:c8:74:2e:10:70:ab:3c:8c:28:2b:6b:85: 54:db:3d:fa:4b:b9:d2:d5:42:79:c1:a1:61:66:9e: e9:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:46:69:C5:C9:A8:7C:B8:6A:8C:38:BB:A7:96:A5:DC:A4:61:45:F6 X509v3 Authority Key Identifier: keyid:7D:6A:33:0F:0D:01:24:94:27:C7:FC:9D:DD:DC:F4:A8:28:76:0B:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWozDw0BJJQnx_yd3dz0qCh2CwY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/78D1DAC8E45E11E681F82341C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.84.0/22 103.242.96.0/22 Signature Algorithm: sha256WithRSAEncryption 2e:f6:7d:b5:58:95:ad:ca:67:90:a9:35:d0:f6:1f:34:49:a9: 8d:39:77:d3:db:6b:9f:ae:ca:b0:b6:54:a4:97:24:cd:87:0f: 0c:ea:16:26:22:b0:28:18:3f:5a:cd:47:db:18:5c:5c:1e:3c: c3:17:f9:1d:99:44:44:32:01:ae:be:da:29:b3:e1:1f:7d:d2: 3e:ad:51:b5:72:9e:30:07:fb:19:b9:c2:15:96:87:47:4d:78: 70:df:cb:f5:ca:40:bd:b8:63:27:db:ec:5f:78:43:82:73:76: da:26:ab:9c:57:e0:4c:34:86:30:d3:e1:e6:6e:c7:12:c8:93: 95:d4:f7:36:8c:b9:1d:6f:10:fe:3b:ed:9f:32:69:b0:98:15: a4:33:7b:dc:a7:c4:d7:23:7c:f2:e1:2a:a2:f9:64:10:f8:9d: bf:a4:2e:54:47:37:1b:7d:ca:a8:11:67:73:83:ed:e9:9a:9e: 91:4d:83:0e:54:f7:ec:c3:51:21:81:63:c0:4f:f1:6d:3b:52: 23:50:03:2c:6c:b4:cf:5e:50:9a:32:08:a1:f4:f7:21:36:a0: 99:c3:11:ea:f3:51:1a:f8:97:c2:40:67:59:7c:23:2e:a3:a8: c9:b8:6b:77:e6:56:bf:49:f5:85:fc:4d:70:fd:6d:58:44:ad: 1f:84:14:af -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICGyQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU1MTkxMTAvBgNVBAUTKDdENkEzMzBGMEQwMTI0OTQyN0M3RkM5RERERENGNEE4 Mjg3NjBCMDYwHhcNMjMxMTIwMTY1NDAwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTViOGYyOC05ZjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzIsOXmL/sbAJmRdk1wrNOZcYFQT1A4HPKQrnzs+z1UWQlykSlTtzsCpQgYcv jBLe7zYLxv+2LdLAZEkZTLjZbOHnm1L8jviXhlJY2NfTaX4fk6G8R8+DJtjXrbfA CZMDKO13pG+3hPwfATuwxeBn4VUxCWogA6EOCpnYCjXz1XaX9GUgki2qJxcz4yw6 m5o5k6d5V6o1UWXl32QX5p8zLCtKkawUBwKBQ2w+6SYCqianGuM+ORmNTeLjtiDR IkiyIVVsgDYakVHcwCB0MWITIYw7P9Bz11p5SpxCkqCo4AmXthnIdC4QcKs8jCgr a4VU2z36S7nS1UJ5waFhZp7pfwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJFGacXJ qHy4aow4u6eWpdykYUX2MB8GA1UdIwQYMBaAFH1qMw8NASSUJ8f8nd3c9KgodgsG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTUxOS9BRDA4QUYyNkU0 NUMxMUU2OENFREZBM0VDNEY5QUUwMi9mV296RHcwQkpKUW54X3lkM2R6MHFDaDJD d1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZXb3pEdzBCSkpRbnhfeWQzZHowcUNoMkN3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDU1MTkvQUQwOEFGMjZFNDVDMTFFNjhDRURGQTNFQzRGOUFFMDIvNzhEMURBQzhF NDVFMTFFNjgxRjgyMzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr4FQDBAJn8mAwDQYJKoZIhvcNAQELBQADggEBAC72fbVY la3KZ5CpNdD2HzRJqY05d9Pba5+uyrC2VKSXJM2HDwzqFiYisCgYP1rNR9sYXFwe PMMX+R2ZREQyAa6+2imz4R990j6tUbVynjAH+xm5whWWh0dNeHDfy/XKQL24Yyfb 7F94Q4Jzdtomq5xX4Ew0hjDT4eZuxxLIk5XU9zaMuR1vEP477Z8yabCYFaQze9yn xNcjfPLhKqL5ZBD4nb+kLlRHNxt9yqgRZ3OD7emanpFNgw5U9+zDUSGBY8BP8W07 UiNQAyxstM9eUJoyCKH09yE2oJnDEerzURr4l8JAZ1l8Iy6jqMm4a3fmVr9J9YX8 TXD9bVhErR+EFK8= -----END CERTIFICATE-----Generated at Wed May 8 17:47:00 2024 by rpki-client on console-ams.rpki-client.org