$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa File: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (raw, json) Hash identifier: BqyKJHH4McjxtDDPvHPE+BPfxKk7brStlMSUEfddudM= Subject key identifier: D4:30:02:DA:57:8A:0D:95:A7:A6:57:B1:E1:97:EB:71:AA:FE:20:97 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0A58 Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa Signing time: Thu 18 May 2023 21:01:44 +0000 ROA not before: Thu 18 May 2023 21:01:44 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 135386 IP address blocks: 45.248.68.0/22 maxlen: 22 45.248.68.0/24 maxlen: 24 45.248.69.0/24 maxlen: 24 45.248.70.0/24 maxlen: 24 45.248.71.0/24 maxlen: 24 103.9.192.0/22 maxlen: 24 103.73.96.0/22 maxlen: 24 103.216.216.0/22 maxlen: 24 2404:f880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 May 2023 20:16:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2648 (0xa58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: May 18 21:01:44 2023 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=64669238-15ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:ae:98:e0:4b:8f:ec:2a:4a:42:df:c8:c6:ed: 0b:1a:6b:2b:53:08:a7:fa:7f:45:ab:16:25:3a:68: 93:8c:26:80:20:56:87:c0:ef:46:20:d2:a9:d9:12: cf:74:44:32:87:a5:ff:96:d4:b7:e7:87:fe:d4:dd: 2b:c3:3e:e1:0a:f4:2f:ab:f5:0a:a5:ce:9c:f6:78: 99:7c:11:31:0a:0c:65:08:93:9f:20:7e:2b:f7:d2: b6:29:59:86:8d:05:3c:8e:28:e3:e5:6f:9c:2b:19: 4a:b8:cd:fc:43:a5:2c:f8:f2:6e:7d:2d:64:e6:93: e7:ad:57:37:17:e5:7b:5c:20:59:7e:a3:94:9a:d2: ca:aa:e5:31:94:89:b7:b4:39:e0:c3:c6:c3:b2:3e: dd:9e:0a:31:fc:ec:61:c0:aa:78:59:68:68:6f:27: 63:fd:59:4b:e8:20:1b:04:97:71:28:06:29:58:73: cf:ca:64:19:ef:01:78:52:cc:94:8e:ec:48:84:e8: e5:16:9c:96:82:9a:b1:49:34:ef:4b:cd:c5:ac:75: f4:4d:c7:e9:e8:df:ab:d6:03:5c:a5:2f:93:e2:0d: 1d:4a:05:79:c8:9d:0f:4e:b7:f0:82:91:6d:f7:87: 6f:95:6d:b9:20:d1:51:34:35:e0:30:01:81:c8:26: 09:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:30:02:DA:57:8A:0D:95:A7:A6:57:B1:E1:97:EB:71:AA:FE:20:97 X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.248.68.0/22 103.9.192.0/22 103.73.96.0/22 103.216.216.0/22 IPv6: 2404:f880::/32 Signature Algorithm: sha256WithRSAEncryption 7f:c3:f4:1c:e8:12:9a:94:23:1c:cb:be:b7:a7:de:90:76:54: 5a:36:6c:59:61:4b:88:b6:48:e9:25:b9:73:31:44:62:a8:11: 96:ce:89:c0:ca:cd:19:c2:38:30:46:2a:8d:96:f8:c6:6a:41: 38:10:30:38:33:01:29:ae:cc:20:dc:da:22:80:f5:b4:38:d5: 0d:cd:09:9d:f6:13:0a:a7:97:04:b0:99:d7:df:31:cf:fc:db: 37:ae:f4:6a:8c:db:09:ee:fa:88:b8:d3:fc:d3:97:7c:b1:6e: 98:ea:1d:db:d1:71:ac:a8:d7:46:c3:f6:19:68:4a:45:2b:7a: c5:30:83:16:0e:e5:3a:df:2f:79:06:8d:ca:6c:81:de:d2:cd: af:62:8f:e0:4a:d1:4a:91:ed:24:d9:ad:52:e4:64:0a:af:b6: de:05:a7:35:9d:30:79:de:95:1e:b2:b9:22:15:f8:8f:36:6d: e1:ee:b3:c9:79:0c:31:9c:e4:fb:fa:ea:64:b0:2d:f2:4c:ac: 84:13:f2:f7:c1:26:2e:e4:da:1c:e2:0b:f4:8e:53:ed:95:b1: 76:0d:6f:77:e4:4c:78:03:11:7e:a5:25:93:83:55:af:a9:02: dd:ae:96:8f:10:be:90:0f:01:75:57:1d:5f:47:2d:27:33:18: 84:20:93:d9 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICClgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjMwNTE4MjEwMTQ0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NDY2OTIzOC0xNWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5a6Y4EuP7CpKQt/Ixu0LGmsrUwin+n9FqxYlOmiTjCaAIFaHwO9GINKp2RLP dEQyh6X/ltS354f+1N0rwz7hCvQvq/UKpc6c9niZfBExCgxlCJOfIH4r99K2KVmG jQU8jijj5W+cKxlKuM38Q6Us+PJufS1k5pPnrVc3F+V7XCBZfqOUmtLKquUxlIm3 tDngw8bDsj7dngox/OxhwKp4WWhobydj/VlL6CAbBJdxKAYpWHPPymQZ7wF4UsyU juxIhOjlFpyWgpqxSTTvS83FrHX0Tcfp6N+r1gNcpS+T4g0dSgV5yJ0PTrfwgpFt 94dvlW25INFRNDXgMAGByCYJCwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNQwAtpX ig2Vp6ZXseGX63Gq/iCXMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEFFMjIvQjE3ODQzOUUxQkJGMTFFQUI2QTc0RjcxQzRGOUFFMDIvMkNENUFBRjgw NjAzMTFFQkJFMTVFQTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIt+EQDBAJnCcADBAJnSWADBAJn2NgwDQQCAAIwBwMFACQE +IAwDQYJKoZIhvcNAQELBQADggEBAH/D9BzoEpqUIxzLvren3pB2VFo2bFlhS4i2 SOkluXMxRGKoEZbOicDKzRnCODBGKo2W+MZqQTgQMDgzASmuzCDc2iKA9bQ41Q3N CZ32EwqnlwSwmdffMc/82zeu9GqM2wnu+oi40/zTl3yxbpjqHdvRcayo10bD9hlo SkUresUwgxYO5TrfL3kGjcpsgd7Sza9ij+BK0UqR7STZrVLkZAqvtt4FpzWdMHne lR6yuSIV+I82beHus8l5DDGc5Pv66mSwLfJMrIQT8vfBJi7k2hziC/SOU+2VsXYN b3fkTHgDEX6lJZODVa+pAt2ulo8QvpAPAXVXHV9HLSczGIQgk9k= -----END CERTIFICATE-----Generated at Thu May 18 21:29:03 2023 by rpki-client on console-fra.rpki-client.org