$ rpki-client -vvf rpki.apnic.net/member_repository/A914B79F/DA6837F04E2911EE945C394FC4F9AE02/43CBDE7C4E2A11EE801FE54FC4F9AE02.roa File: 43CBDE7C4E2A11EE801FE54FC4F9AE02.roa (raw, json) Hash identifier: icLxxg2kl08UEmVFymHkZWK7smbTqhptrFZgNnZKSiE= Subject key identifier: AA:5F:67:3E:CF:7E:18:83:AF:93:FF:52:7C:9D:8C:38:4B:AA:1C:5E Certificate issuer: /CN=A914B79F/serialNumber=78E4290BCCC9991580B276DC0C2C97BFB08620D8 Certificate serial: 56 Authority key identifier: 78:E4:29:0B:CC:C9:99:15:80:B2:76:DC:0C:2C:97:BF:B0:86:20:D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eOQpC8zJmRWAsnbcDCyXv7CGINg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914B79F/DA6837F04E2911EE945C394FC4F9AE02/43CBDE7C4E2A11EE801FE54FC4F9AE02.roa Signing time: Thu 15 Feb 2024 06:48:48 +0000 ROA not before: Thu 15 Feb 2024 06:48:48 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 139900 IP address blocks: 103.146.206.0/24 maxlen: 24 103.146.207.0/24 maxlen: 24 2400:b020::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914B79F/DA6837F04E2911EE945C394FC4F9AE02/eOQpC8zJmRWAsnbcDCyXv7CGINg.crl rsync://rpki.apnic.net/member_repository/A914B79F/DA6837F04E2911EE945C394FC4F9AE02/eOQpC8zJmRWAsnbcDCyXv7CGINg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eOQpC8zJmRWAsnbcDCyXv7CGINg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 14 Jun 2024 07:17:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 86 (0x56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914B79F/serialNumber=78E4290BCCC9991580B276DC0C2C97BFB08620D8 Validity Not Before: Feb 15 06:48:48 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65cdb3d0-7e16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:f3:b9:7e:88:4c:d6:f0:01:b8:16:f3:66:b2: 54:41:79:9b:d0:01:5e:4f:14:73:55:22:0b:66:82: 77:e9:c2:e2:ec:74:85:9c:97:e0:a8:f6:d4:00:93: 06:68:5f:ba:6e:02:29:82:b3:c6:54:9a:e6:4e:e0: 9b:df:08:c1:1a:9c:d3:49:c5:4a:56:8b:28:e6:3f: 0f:bf:34:16:82:56:19:d3:8b:ce:48:9f:9e:4d:68: dd:04:54:c6:84:78:d3:0f:d8:d4:21:0e:f0:2e:7d: fa:1d:ad:be:cc:5d:ea:00:65:f0:b7:6b:b0:f1:71: d7:03:96:24:79:63:46:ec:1d:ac:e4:52:74:8e:4b: b0:a4:a9:e8:69:23:3c:9a:35:8c:44:76:f4:97:96: ce:a1:c7:51:e6:0d:b0:76:a6:5c:a5:9d:6e:a6:0b: d2:ac:52:c9:2a:65:38:ea:20:8a:1b:f0:e7:33:ee: ab:50:03:b3:30:a3:dd:3b:db:ba:01:5f:72:2c:d2: cd:13:ad:06:9d:b6:95:ab:4e:8b:33:1c:70:f5:1d: 21:54:1d:11:4b:47:6a:d1:3f:d1:4b:89:23:b7:77: 18:b6:52:9d:02:52:ba:a3:05:90:50:76:73:f3:19: 68:23:6a:19:51:e5:48:1d:c4:d8:bb:b5:44:b2:c9: 1b:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:5F:67:3E:CF:7E:18:83:AF:93:FF:52:7C:9D:8C:38:4B:AA:1C:5E X509v3 Authority Key Identifier: keyid:78:E4:29:0B:CC:C9:99:15:80:B2:76:DC:0C:2C:97:BF:B0:86:20:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914B79F/DA6837F04E2911EE945C394FC4F9AE02/eOQpC8zJmRWAsnbcDCyXv7CGINg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eOQpC8zJmRWAsnbcDCyXv7CGINg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914B79F/DA6837F04E2911EE945C394FC4F9AE02/43CBDE7C4E2A11EE801FE54FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.146.206.0/23 IPv6: 2400:b020::/32 Signature Algorithm: sha256WithRSAEncryption 4a:ce:6f:de:0b:f2:65:9d:08:8b:14:cb:c1:b2:9b:e6:fe:7d: e8:7d:f5:f1:04:68:c4:c5:04:b6:6a:2b:dd:ba:a8:3a:ba:6b: 86:9c:56:81:05:dd:a0:4e:1f:28:be:ad:fe:55:28:35:4e:f8: 01:79:d9:bf:3f:07:46:70:f5:f8:db:cf:21:d1:73:b7:ff:c2: 27:2a:32:ee:7f:ba:d7:68:26:e1:c1:6b:6a:c2:7e:27:ec:c6: 35:ee:cc:c0:ba:10:1c:25:b2:9c:6e:19:a1:a2:8e:69:4e:a2: fd:f2:86:33:72:1e:87:a8:c5:98:30:ba:16:63:71:ff:1d:33: 4b:6b:a9:a0:6b:4f:61:cf:54:3e:ff:78:d0:66:d9:2b:6d:2a: 67:4a:ba:8c:6a:b0:d8:c6:99:f8:e9:39:d4:d7:f6:c1:de:dc: df:26:0c:af:5f:7b:35:ed:e0:94:85:17:1d:4c:e6:2a:fa:df: 0f:ca:49:7b:72:5c:fc:78:28:85:0a:a3:33:05:50:7d:df:3a: 68:be:63:fe:9a:e9:af:5d:39:84:aa:a1:84:37:50:6c:81:3f: 4c:00:5d:3c:1b:31:b9:65:95:5a:56:b9:9b:49:12:25:35:4d: 35:30:ca:bc:aa:c4:e5:ee:1c:a7:76:e8:55:bd:b1:8a:5b:9e: 2d:de:09:2c -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBVjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 Qjc5RjExMC8GA1UEBRMoNzhFNDI5MEJDQ0M5OTkxNTgwQjI3NkRDMEMyQzk3QkZC MDg2MjBEODAeFw0yNDAyMTUwNjQ4NDhaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1Y2RiM2QwLTdlMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCc87l+iEzW8AG4FvNmslRBeZvQAV5PFHNVIgtmgnfpwuLsdIWcl+Co9tQAkwZo X7puAimCs8ZUmuZO4JvfCMEanNNJxUpWiyjmPw+/NBaCVhnTi85In55NaN0EVMaE eNMP2NQhDvAuffodrb7MXeoAZfC3a7DxcdcDliR5Y0bsHazkUnSOS7CkqehpIzya NYxEdvSXls6hx1HmDbB2plylnW6mC9KsUskqZTjqIIob8Ocz7qtQA7Mwo90727oB X3Is0s0TrQadtpWrToszHHD1HSFUHRFLR2rRP9FLiSO3dxi2Up0CUrqjBZBQdnPz GWgjahlR5UgdxNi7tUSyyRsbAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUql9nPs9+ GIOvk/9SfJ2MOEuqHF4wHwYDVR0jBBgwFoAUeOQpC8zJmRWAsnbcDCyXv7CGINgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCNzlGL0RBNjgzN0YwNEUy OTExRUU5NDVDMzk0RkM0RjlBRTAyL2VPUXBDOHpKbVJXQXNuYmNEQ3lYdjdDR0lO Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZU9RcEM4ekptUldBc25iY0RDeVh2N0NHSU5nLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 Qjc5Ri9EQTY4MzdGMDRFMjkxMUVFOTQ1QzM5NEZDNEY5QUUwMi80M0NCREU3QzRF MkExMUVFODAxRkU1NEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAWeSzjANBAIAAjAHAwUAJACwIDANBgkqhkiG9w0BAQsFAAOC AQEASs5v3gvyZZ0IixTLwbKb5v596H318QRoxMUEtmor3bqoOrprhpxWgQXdoE4f KL6t/lUoNU74AXnZvz8HRnD1+NvPIdFzt//CJyoy7n+612gm4cFrasJ+J+zGNe7M wLoQHCWynG4ZoaKOaU6i/fKGM3Ieh6jFmDC6FmNx/x0zS2upoGtPYc9UPv940GbZ K20qZ0q6jGqw2MaZ+Ok51Nf2wd7c3yYMr197Ne3glIUXHUzmKvrfD8pJe3Jc/Hgo hQqjMwVQfd86aL5j/prpr105hKqhhDdQbIE/TABdPBsxuWWVWla5m0kSJTVNNTDK vKrE5e4cp3boVb2xilueLd4JLA== -----END CERTIFICATE-----Generated at Fri Jun 7 09:40:17 2024 by rpki-client on console-ams.rpki-client.org