$ rpki-client -vvf rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa File: 2CAD3A66595911EA80344709C4F9AE02.roa (raw, json) Hash identifier: SZfy2lzYI9darSjsTQEqARyS5q602BqtO3JRbHOsq3g= Subject key identifier: 73:85:84:27:6E:FF:4A:54:3A:DD:D0:3E:6E:54:CF:AC:1F:56:47:6B Certificate issuer: /CN=A914DD78/serialNumber=D3C66C26A9FD1B9E7C455BDDB35159688D0140FE Certificate serial: 0A6B Authority key identifier: D3:C6:6C:26:A9:FD:1B:9E:7C:45:5B:DD:B3:51:59:68:8D:01:40:FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa Signing time: Thu 02 May 2024 20:39:24 +0000 ROA not before: Thu 02 May 2024 20:39:24 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 58869 IP address blocks: 103.248.128.0/22 maxlen: 22 103.248.128.0/24 maxlen: 24 2001:df5::/48 maxlen: 48 2403:5f40:1::/48 maxlen: 48 2403:5f40:4::/48 maxlen: 48 2403:5f40:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.crl rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 20:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2667 (0xa6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914DD78/serialNumber=D3C66C26A9FD1B9E7C455BDDB35159688D0140FE Validity Not Before: May 2 20:39:24 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6633f9fc-c274 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:fb:35:44:0e:5c:72:72:8d:7e:17:e9:e6:67: ad:74:7a:2c:62:1e:04:9d:b6:96:90:a4:1d:72:a6: 1b:55:a2:ea:2e:ac:4d:16:d0:84:7c:a4:6e:7c:5a: 29:5a:7d:99:66:65:00:2e:18:42:ba:d9:4c:eb:57: 01:4b:71:a5:dc:c9:72:7e:ed:4b:61:60:7a:ae:1f: 34:ef:f6:21:f4:cb:4c:35:77:10:0c:eb:1b:03:7a: 9c:5c:f5:20:eb:6c:cc:ad:4a:1c:4a:1f:0c:99:81: ea:fd:1d:08:1b:41:07:c7:d4:22:4f:ba:44:18:e0: 92:da:fc:21:19:0a:e9:1c:4b:58:fa:63:50:ff:bb: f1:80:03:d2:a8:6b:39:4b:06:4d:c1:5b:f6:92:33: e5:c6:ad:f2:71:73:e9:40:eb:39:60:98:16:bb:ee: 53:de:ef:16:88:d1:eb:e3:68:9d:f2:b3:95:e2:bd: b0:73:55:ca:be:6c:5e:ee:f2:bd:4a:e0:99:5b:2b: 71:75:12:2f:93:34:f8:3f:a4:24:7e:9e:c0:37:db: 74:6d:07:34:2f:d6:bc:3e:c0:07:a0:1a:f7:34:2e: 43:b5:99:51:bc:93:15:c4:f4:92:b0:10:a5:ad:36: 73:fb:13:56:e9:af:02:f1:56:df:62:98:e5:41:27: 54:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:85:84:27:6E:FF:4A:54:3A:DD:D0:3E:6E:54:CF:AC:1F:56:47:6B X509v3 Authority Key Identifier: keyid:D3:C6:6C:26:A9:FD:1B:9E:7C:45:5B:DD:B3:51:59:68:8D:01:40:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/08ZsJqn9G558RVvds1FZaI0BQP4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/08ZsJqn9G558RVvds1FZaI0BQP4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DD78/D4E9649C42F811EAB460E93FC4F9AE02/2CAD3A66595911EA80344709C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.248.128.0/22 IPv6: 2001:df5::/48 2403:5f40:1::/48 2403:5f40:4::/48 2403:5f40:a::/48 Signature Algorithm: sha256WithRSAEncryption 32:b5:35:08:67:61:c6:ca:7d:51:87:43:e1:97:d8:92:f8:89: aa:4d:48:49:70:29:41:9b:46:c3:58:b3:3f:e8:64:26:9b:a9: 6d:9e:f7:0b:62:3a:39:8f:eb:f0:67:fc:b0:8f:95:0b:45:1b: 03:ed:40:22:ae:cd:46:5a:46:86:34:12:03:98:e3:37:04:82: ef:a2:70:58:3f:40:74:d7:fd:c1:85:a0:55:0d:53:d7:e4:c8: 36:2b:44:46:50:e0:0b:bd:c6:33:e9:af:40:91:f6:88:c5:7b: 47:94:c7:99:60:9a:12:fa:b3:a0:14:85:7e:87:2b:b2:04:c6: ca:28:4d:9b:66:eb:0c:9e:e1:c2:87:45:10:20:14:64:32:e4: 8b:58:77:18:b2:07:e1:00:0d:e2:36:93:24:0b:df:75:92:81: a3:3b:c2:e2:98:c9:07:a5:8e:2e:f4:d8:9d:d5:0e:64:10:54: bd:47:6a:de:73:b1:f5:96:19:f1:20:94:c9:ce:86:b9:d2:ee: 8d:e1:49:69:f8:97:fa:c6:78:a5:42:48:0f:f7:9f:83:40:e7: b8:4b:a9:4f:6d:a9:69:a8:46:c5:cf:14:7b:0f:3b:fb:c8:e5: fa:d5:9a:20:e6:2a:c4:b3:8a:2b:73:d7:ed:b0:43:43:d9:9f: c5:0b:8a:e6 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgICCmswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NERENzgxMTAvBgNVBAUTKEQzQzY2QzI2QTlGRDFCOUU3QzQ1NUJEREIzNTE1OTY4 OEQwMTQwRkUwHhcNMjQwNTAyMjAzOTI0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjMzZjlmYy1jMjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0/s1RA5ccnKNfhfp5metdHosYh4EnbaWkKQdcqYbVaLqLqxNFtCEfKRufFop Wn2ZZmUALhhCutlM61cBS3Gl3Mlyfu1LYWB6rh807/Yh9MtMNXcQDOsbA3qcXPUg 62zMrUocSh8MmYHq/R0IG0EHx9QiT7pEGOCS2vwhGQrpHEtY+mNQ/7vxgAPSqGs5 SwZNwVv2kjPlxq3ycXPpQOs5YJgWu+5T3u8WiNHr42id8rOV4r2wc1XKvmxe7vK9 SuCZWytxdRIvkzT4P6Qkfp7AN9t0bQc0L9a8PsAHoBr3NC5DtZlRvJMVxPSSsBCl rTZz+xNW6a8C8VbfYpjlQSdU6QIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFHOFhCdu /0pUOt3QPm5Uz6wfVkdrMB8GA1UdIwQYMBaAFNPGbCap/RuefEVb3bNRWWiNAUD+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REQ3OC9ENEU5NjQ5QzQy RjgxMUVBQjQ2MEU5M0ZDNEY5QUUwMi8wOFpzSnFuOUc1NThSVnZkczFGWmFJMEJR UDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA4WnNKcW45RzU1OFJWdmRzMUZaYUkwQlFQNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NERENzgvRDRFOTY0OUM0MkY4MTFFQUI0NjBFOTNGQzRGOUFFMDIvMkNBRDNBNjY1 OTU5MTFFQTgwMzQ0NzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E PDA6MAwEAgABMAYDBAJn+IAwKgQCAAIwJAMHACABDfUAAAMHACQDX0AAAQMHACQD X0AABAMHACQDX0AACjANBgkqhkiG9w0BAQsFAAOCAQEAMrU1CGdhxsp9UYdD4ZfY kviJqk1ISXApQZtGw1izP+hkJpupbZ73C2I6OY/r8Gf8sI+VC0UbA+1AIq7NRlpG hjQSA5jjNwSC76JwWD9AdNf9wYWgVQ1T1+TINitERlDgC73GM+mvQJH2iMV7R5TH mWCaEvqzoBSFfocrsgTGyihNm2brDJ7hwodFECAUZDLki1h3GLIH4QAN4jaTJAvf dZKBozvC4pjJB6WOLvTYndUOZBBUvUdq3nOx9ZYZ8SCUyc6GudLujeFJafiX+sZ4 pUJID/efg0DnuEupT22paahGxc8Uew87+8jl+tWaIOYqxLOKK3PX7bBDQ9mfxQuK 5g== -----END CERTIFICATE-----Generated at Thu May 16 22:34:45 2024 by rpki-client on console-ams.rpki-client.org