$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa File: 07FF4ABC5A1011EAA8B1B456C4F9AE02.roa (raw, json) Hash identifier: FYqToCqaU6AwNyi7R3y66aQZ00VTgMEkAOYM4wvRrOg= Subject key identifier: 62:50:7F:14:1B:17:A8:0A:09:57:38:5F:A2:5E:07:5F:5E:4B:8A:09 Certificate issuer: /CN=A9148B6A/serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Certificate serial: 0EA6 Authority key identifier: A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa Signing time: Tue 18 Jul 2023 18:15:20 +0000 ROA not before: Tue 18 Jul 2023 18:15:20 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 132298 IP address blocks: 103.237.36.0/22 maxlen: 24 160.202.144.0/22 maxlen: 24 2401:e7c0::/32 maxlen: 36 2401:e7c0::/48 maxlen: 48 2401:e7c0:3::/48 maxlen: 48 2401:e7c0:4::/48 maxlen: 48 2401:e7c0:f00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3750 (0xea6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148B6A/serialNumber=A9712CCB7EEE024AEB88767B762E1093B140FF6E Validity Not Before: Jul 18 18:15:20 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=64b6d6b8-77e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:62:5b:a4:c2:c1:e8:df:84:e6:87:53:1f:e5: 33:65:75:64:c9:d7:68:07:92:07:ef:b5:99:8e:84: 01:ce:88:d5:60:23:b1:cc:b6:d5:e4:75:dc:89:20: 51:ba:b1:0d:e1:82:4c:6b:3b:00:d9:aa:80:e9:6c: 00:81:49:c3:ec:bf:51:6f:84:5c:55:81:13:ca:54: fb:06:cf:22:d8:d8:3c:88:a9:cf:42:a2:bb:37:59: 06:62:35:80:53:21:57:59:ba:6a:f9:91:cc:5c:59: 99:08:a4:ed:6e:95:9f:69:91:ba:44:e0:0e:70:10: f6:4f:4c:2a:fc:4a:11:cb:03:b5:46:88:dc:cc:11: 10:f4:59:f9:15:de:62:2b:cd:82:62:2e:9d:25:5c: 62:f8:ab:e8:a8:f2:6b:6c:2a:45:8b:ae:2f:54:c2: 6f:dc:6f:45:df:17:59:79:57:6c:ac:a7:ec:3a:2e: 4d:89:1c:92:4e:8a:71:e8:a1:a4:07:54:41:32:c4: 6f:01:08:d0:d1:69:c3:ac:b8:f4:ed:73:d2:dd:1a: 86:2b:e7:34:73:f4:a1:4d:06:db:a3:72:0c:0a:88: 3d:b3:8b:02:ed:22:36:1f:7f:96:f8:d3:fd:63:4e: 68:3b:1e:08:63:0d:e4:85:83:59:95:14:d4:55:d5: a2:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:50:7F:14:1B:17:A8:0A:09:57:38:5F:A2:5E:07:5F:5E:4B:8A:09 X509v3 Authority Key Identifier: keyid:A9:71:2C:CB:7E:EE:02:4A:EB:88:76:7B:76:2E:10:93:B1:40:FF:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/qXEsy37uAkrriHZ7di4Qk7FA_24.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qXEsy37uAkrriHZ7di4Qk7FA_24.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B6A/0875F4964C7411E997900F55C4F9AE02/07FF4ABC5A1011EAA8B1B456C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.237.36.0/22 160.202.144.0/22 IPv6: 2401:e7c0::/32 Signature Algorithm: sha256WithRSAEncryption 3f:4f:d6:94:ee:40:cd:f5:43:60:40:9f:f3:fd:81:60:5f:ec: a7:10:4e:31:2e:b5:e2:50:9b:f6:24:e3:f3:c5:b8:fb:6d:79: c6:10:c2:5b:20:73:f2:05:00:ca:f5:7d:72:7e:76:1a:24:56: ba:fd:5f:93:b1:6a:1f:99:b1:3b:6b:8b:c8:19:83:3b:06:2f: 07:d1:a6:4d:a4:90:1d:f7:c2:fd:4e:82:e3:6c:06:18:ee:f6: 25:ea:50:57:5d:89:8a:a7:e6:3f:6e:54:b7:da:93:a6:c8:e5: 84:43:f4:0e:4e:6a:b6:3c:9a:c5:ec:4c:21:bb:93:60:bb:4e: 9b:fe:a6:3c:01:de:31:20:2e:50:8e:c2:8b:b0:5d:bd:34:97: 14:d6:25:4a:fd:87:ca:72:0f:e5:a9:02:7d:11:8a:04:27:e5: a5:b1:f2:e1:97:9e:b0:0b:1e:b4:47:e8:d4:06:24:91:14:d5: 93:7e:bc:08:96:7a:d6:f3:3c:82:e4:27:f1:2c:9f:9a:2c:8c: 06:13:db:74:7e:0a:ac:c1:a9:88:90:8c:80:c4:4c:4c:53:3c: 88:a7:a4:bd:31:31:7c:63:67:9d:ae:be:8d:44:50:63:05:cb: aa:cb:98:59:d1:f5:e0:e3:0f:db:60:a3:c5:c7:98:6f:b5:8f: 4f:11:ea:56 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhCNkExMTAvBgNVBAUTKEE5NzEyQ0NCN0VFRTAyNEFFQjg4NzY3Qjc2MkUxMDkz QjE0MEZGNkUwHhcNMjMwNzE4MTgxNTIwWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGI2ZDZiOC03N2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArGJbpMLB6N+E5odTH+UzZXVkyddoB5IH77WZjoQBzojVYCOxzLbV5HXciSBR urEN4YJMazsA2aqA6WwAgUnD7L9Rb4RcVYETylT7Bs8i2Ng8iKnPQqK7N1kGYjWA UyFXWbpq+ZHMXFmZCKTtbpWfaZG6ROAOcBD2T0wq/EoRywO1RojczBEQ9Fn5Fd5i K82CYi6dJVxi+KvoqPJrbCpFi64vVMJv3G9F3xdZeVdsrKfsOi5NiRySTopx6KGk B1RBMsRvAQjQ0WnDrLj07XPS3RqGK+c0c/ShTQbbo3IMCog9s4sC7SI2H3+W+NP9 Y05oOx4IYw3khYNZlRTUVdWiywIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGJQfxQb F6gKCVc4X6JeB19eS4oJMB8GA1UdIwQYMBaAFKlxLMt+7gJK64h2e3YuEJOxQP9u MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEI2QS8wODc1RjQ5NjRD NzQxMUU5OTc5MDBGNTVDNEY5QUUwMi9xWEVzeTM3dUFrcnJpSFo3ZGk0UWs3RkFf MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYRXN5Mzd1QWtycmlIWjdkaTRRazdGQV8yNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhCNkEvMDg3NUY0OTY0Qzc0MTFFOTk3OTAwRjU1QzRGOUFFMDIvMDdGRjRBQkM1 QTEwMTFFQUE4QjFCNDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn7SQDBAKgypAwDQQCAAIwBwMFACQB58AwDQYJKoZIhvcN AQELBQADggEBAD9P1pTuQM31Q2BAn/P9gWBf7KcQTjEuteJQm/Yk4/PFuPttecYQ wlsgc/IFAMr1fXJ+dhokVrr9X5Oxah+ZsTtri8gZgzsGLwfRpk2kkB33wv1OguNs Bhju9iXqUFddiYqn5j9uVLfak6bI5YRD9A5OarY8msXsTCG7k2C7Tpv+pjwB3jEg LlCOwouwXb00lxTWJUr9h8pyD+WpAn0RigQn5aWx8uGXnrALHrRH6NQGJJEU1ZN+ vAiWetbzPILkJ/Esn5osjAYT23R+CqzBqYiQjIDETExTPIinpL0xMXxjZ52uvo1E UGMFy6rLmFnR9eDjD9tgo8XHmG+1j08R6lY= -----END CERTIFICATE-----Generated at Sat May 18 19:15:24 2024 by rpki-client on console-ams.rpki-client.org