$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa File: 2CD5AAF8060311EBBE15EA18C4F9AE02.roa (raw, json) Hash identifier: mW8L1FLDXuwnCDk5B3rFgpB45GljzNSPgwbjM/e2Wu0= Subject key identifier: DB:24:FF:F3:89:19:57:F3:38:E6:ED:8B:B7:5A:68:0C:68:F9:0C:E3 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0B08 Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa Signing time: Thu 18 Apr 2024 19:58:10 +0000 ROA not before: Thu 18 Apr 2024 19:58:10 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 135386 IP address blocks: 45.248.68.0/22 maxlen: 22 45.248.68.0/24 maxlen: 24 45.248.69.0/24 maxlen: 24 45.248.70.0/24 maxlen: 24 45.248.71.0/24 maxlen: 24 103.9.192.0/22 maxlen: 24 103.73.96.0/22 maxlen: 24 103.216.216.0/22 maxlen: 24 2404:f880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 18:42:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2824 (0xb08) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Apr 18 19:58:10 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66217b52-87ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:81:d9:6b:d5:59:8a:b4:dd:8d:45:a2:ad:22: 6a:0e:b5:ae:6c:c0:64:a0:b6:a9:63:fb:c3:3e:1d: 71:71:1f:34:94:03:2d:76:73:0c:72:20:77:2a:f5: 11:ee:31:2e:d6:32:81:0d:90:22:e7:ec:8a:cd:6f: 77:2e:96:21:d4:1c:40:84:66:22:15:dc:8a:bb:a4: ab:38:f1:20:2d:0f:85:f7:71:c5:a4:9d:ef:0e:0a: 2c:2b:c4:0f:c2:ab:45:b9:46:71:5e:2d:f8:e4:1f: 2c:8a:5a:fd:39:a0:5f:d0:85:54:c2:4d:08:49:f2: c7:f0:18:0f:66:7f:62:4f:84:ce:a8:ec:b8:fc:d7: d3:1d:ee:f3:68:c0:1e:47:a5:75:57:db:a0:22:e7: c3:35:d7:7b:76:ba:e9:99:d9:8e:b0:17:d4:b4:44: f8:a4:c8:fb:8e:ab:6b:f8:71:3e:b5:97:51:2c:84: 1e:2d:9f:90:50:a9:d1:e9:c8:ce:e0:05:28:a9:90: 86:50:be:c4:fc:c8:9a:3a:d8:fb:e4:dc:01:aa:5e: 00:f9:41:1d:4c:0c:98:70:72:9a:22:ee:4a:b0:96: d0:a1:ca:4a:9e:80:60:61:4f:fe:5d:b3:49:e6:e9: 2f:ef:19:9b:64:c7:4f:92:61:e9:83:f9:88:55:57: c3:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:24:FF:F3:89:19:57:F3:38:E6:ED:8B:B7:5A:68:0C:68:F9:0C:E3 X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/2CD5AAF8060311EBBE15EA18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.248.68.0/22 103.9.192.0/22 103.73.96.0/22 103.216.216.0/22 IPv6: 2404:f880::/32 Signature Algorithm: sha256WithRSAEncryption 09:7d:7f:89:53:e3:0e:83:fb:b2:85:f6:d5:6d:54:5a:94:17: c1:77:af:03:ff:3b:35:0b:2c:38:9f:03:a2:ea:dd:ac:fc:85: f8:0e:5b:61:9c:d7:d2:ea:5d:89:18:fe:fd:ab:5b:a5:ae:f6: 86:50:62:e1:08:c6:99:71:ad:5c:2f:bb:f3:66:5e:af:52:ef: dc:02:dc:32:89:21:6a:3d:0b:22:a7:7c:3f:8d:1d:b7:88:62: 0b:8d:0d:23:9a:21:63:94:14:15:d6:83:6a:0a:b2:fb:f8:8a: 10:95:96:50:08:10:53:58:ac:fb:38:d6:fc:fc:6e:79:d0:3c: 14:d4:2d:f9:35:c2:78:72:39:42:0d:80:7b:2a:22:30:34:d5: f3:fa:c1:eb:02:ad:5c:87:3c:57:f7:24:aa:15:f6:6c:ea:60: 9c:92:81:da:7b:23:4d:4d:be:08:65:08:42:93:fa:22:78:ca: eb:25:ad:3a:ce:2d:cf:68:f3:79:46:dd:c4:cd:95:98:e9:3f: b6:0f:0e:99:ff:9e:db:84:bb:d2:09:e2:60:80:b2:fc:6f:3c: e5:fd:10:a3:50:7e:36:06:56:a8:a8:05:a3:88:20:f9:9a:b4: 8a:cd:c2:29:2d:db:1e:23:7b:b5:16:47:cc:fc:49:0b:b0:b1: 78:e3:31:b0 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICCwgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjQwNDE4MTk1ODEwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjIxN2I1Mi04N2FiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyoHZa9VZirTdjUWirSJqDrWubMBkoLapY/vDPh1xcR80lAMtdnMMciB3KvUR 7jEu1jKBDZAi5+yKzW93LpYh1BxAhGYiFdyKu6SrOPEgLQ+F93HFpJ3vDgosK8QP wqtFuUZxXi345B8silr9OaBf0IVUwk0ISfLH8BgPZn9iT4TOqOy4/NfTHe7zaMAe R6V1V9ugIufDNdd7drrpmdmOsBfUtET4pMj7jqtr+HE+tZdRLIQeLZ+QUKnR6cjO 4AUoqZCGUL7E/MiaOtj75NwBql4A+UEdTAyYcHKaIu5KsJbQocpKnoBgYU/+XbNJ 5ukv7xmbZMdPkmHpg/mIVVfDEQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNsk//OJ GVfzOObti7daaAxo+QzjMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEFFMjIvQjE3ODQzOUUxQkJGMTFFQUI2QTc0RjcxQzRGOUFFMDIvMkNENUFBRjgw NjAzMTFFQkJFMTVFQTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIt+EQDBAJnCcADBAJnSWADBAJn2NgwDQQCAAIwBwMFACQE +IAwDQYJKoZIhvcNAQELBQADggEBAAl9f4lT4w6D+7KF9tVtVFqUF8F3rwP/OzUL LDifA6Lq3az8hfgOW2Gc19LqXYkY/v2rW6Wu9oZQYuEIxplxrVwvu/NmXq9S79wC 3DKJIWo9CyKnfD+NHbeIYguNDSOaIWOUFBXWg2oKsvv4ihCVllAIEFNYrPs41vz8 bnnQPBTULfk1wnhyOUINgHsqIjA01fP6wesCrVyHPFf3JKoV9mzqYJySgdp7I01N vghlCEKT+iJ4yuslrTrOLc9o83lG3cTNlZjpP7YPDpn/ntuEu9IJ4mCAsvxvPOX9 EKNQfjYGVqioBaOIIPmatIrNwikt2x4je7UWR8z8SQuwsXjjMbA= -----END CERTIFICATE-----Generated at Wed Nov 20 20:07:23 2024 by rpki-client on console-fra.rpki-client.org