$ rpki-client -vvf rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/149AB4BE7CE911EEB9A02D83C4F9AE02.roa File: 149AB4BE7CE911EEB9A02D83C4F9AE02.roa (raw, json) Hash identifier: E2NZXpYraOPVv0cpnUWbQpkzMNGT1LYi52LyYrBbmwA= Subject key identifier: 62:BE:61:5A:87:C8:E5:DD:90:A6:B0:69:8F:A4:0E:B5:A8:D5:19:18 Certificate issuer: /CN=A915177C/serialNumber=2293BD4C5E4F9A2965358CB018DF3E4EEE4DF1CF Certificate serial: 2F3E Authority key identifier: 22:93:BD:4C:5E:4F:9A:29:65:35:8C:B0:18:DF:3E:4E:EE:4D:F1:CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IpO9TF5PmillNYywGN8-Tu5N8c8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/149AB4BE7CE911EEB9A02D83C4F9AE02.roa Signing time: Tue 02 Jul 2024 16:02:10 +0000 ROA not before: Tue 02 Jul 2024 16:02:10 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 32590 IP address blocks: 45.121.184.0/22 maxlen: 24 103.10.124.0/23 maxlen: 24 103.28.54.0/23 maxlen: 24 2404:3fc0::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/IpO9TF5PmillNYywGN8-Tu5N8c8.crl rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/IpO9TF5PmillNYywGN8-Tu5N8c8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IpO9TF5PmillNYywGN8-Tu5N8c8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:22:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12094 (0x2f3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915177C/serialNumber=2293BD4C5E4F9A2965358CB018DF3E4EEE4DF1CF Validity Not Before: Jul 2 16:02:10 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66842482-8ba8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e6:68:b7:5e:80:38:99:bf:1b:c9:fb:bb:24: 1b:e1:bb:bd:f2:cb:0e:81:99:fa:c2:ef:04:72:50: 1c:d4:02:f9:d6:56:52:b6:5b:8a:04:6c:c2:09:9f: 6c:28:ca:ef:d6:f1:aa:70:4d:f7:58:77:df:51:de: 87:ba:e3:58:fa:d5:11:dd:ff:e8:5b:43:26:c6:e8: 85:41:de:a3:38:07:9d:b2:3c:42:e3:b6:f4:46:cf: 30:53:27:aa:1f:4e:f7:38:07:ba:08:1c:af:b7:13: b0:58:57:9e:8e:b5:d8:7b:75:c1:92:f9:91:cd:1e: 15:06:cb:cf:3b:cf:1d:5f:a1:b3:ea:1b:69:27:d8: b2:11:ae:58:38:f7:a4:30:a4:d5:25:ad:95:66:9c: b9:d6:3f:68:e8:9c:b1:b0:63:81:f3:6e:d0:33:94: cf:71:62:56:44:9e:74:ae:c9:d0:9f:fc:d8:25:c8: 1b:ba:24:9a:4e:17:08:3e:c0:9c:00:48:ac:b6:94: ef:cb:83:69:49:ad:8c:11:dd:06:a1:c1:94:d7:78: ee:f8:75:f8:c6:5f:52:42:37:aa:61:3a:fa:9f:b2: be:9e:59:3a:21:db:bc:ee:05:18:be:9f:fc:1c:93: 20:59:82:c4:cf:81:fe:15:ca:66:b3:9f:e7:50:d6: 5d:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:BE:61:5A:87:C8:E5:DD:90:A6:B0:69:8F:A4:0E:B5:A8:D5:19:18 X509v3 Authority Key Identifier: keyid:22:93:BD:4C:5E:4F:9A:29:65:35:8C:B0:18:DF:3E:4E:EE:4D:F1:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/IpO9TF5PmillNYywGN8-Tu5N8c8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IpO9TF5PmillNYywGN8-Tu5N8c8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915177C/924CDCC0143011E3A0B19F2A5911EA32/149AB4BE7CE911EEB9A02D83C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.121.184.0/22 103.10.124.0/23 103.28.54.0/23 IPv6: 2404:3fc0::/40 Signature Algorithm: sha256WithRSAEncryption 7e:61:3c:2c:e6:48:16:fe:c7:de:85:61:33:3e:84:06:d0:4a: b7:b5:88:9a:1d:16:89:9e:89:1d:0a:80:9e:5a:b9:33:19:60: 72:36:6b:4a:e4:48:7a:ca:f3:03:f1:7c:e7:82:19:43:55:5e: 77:34:fd:c7:64:41:3f:52:af:c2:b4:dd:06:1c:5a:04:b6:10: d4:55:1e:93:f6:f3:c2:90:ef:95:e9:11:b7:6f:7b:ef:57:a5: 9d:45:f0:23:23:59:a1:8f:24:23:45:21:b7:70:18:09:7c:3f: 6e:51:f1:9f:48:de:d3:a6:19:61:94:27:fc:a3:b7:30:fd:8e: 39:22:7e:79:4b:ea:a8:1d:fd:fa:9d:24:1f:37:5a:cb:6d:79: 58:b3:fa:7c:ad:89:24:53:fe:40:49:a6:37:2c:41:66:03:c3: 12:9e:f3:aa:2e:d0:96:8d:e1:ff:f6:d0:db:2f:09:20:17:60: b0:da:b8:ac:cf:0e:b8:e1:0d:a8:fc:73:26:7c:0d:f4:52:31: a2:dc:4d:49:f7:a2:79:6b:dc:d1:7c:44:fa:cf:87:99:73:dd: cd:ed:99:24:7e:02:9c:e3:ce:62:a9:f0:6c:19:7f:5f:37:aa: a6:f9:11:e8:9f:cb:68:db:c3:78:9d:25:55:40:78:ee:7c:bb: d9:84:cc:64 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICLz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE3N0MxMTAvBgNVBAUTKDIyOTNCRDRDNUU0RjlBMjk2NTM1OENCMDE4REYzRTRF RUU0REYxQ0YwHhcNMjQwNzAyMTYwMjEwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02Njg0MjQ4Mi04YmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+Zot16AOJm/G8n7uyQb4bu98ssOgZn6wu8EclAc1AL51lZStluKBGzCCZ9s KMrv1vGqcE33WHffUd6HuuNY+tUR3f/oW0MmxuiFQd6jOAedsjxC47b0Rs8wUyeq H073OAe6CByvtxOwWFeejrXYe3XBkvmRzR4VBsvPO88dX6Gz6htpJ9iyEa5YOPek MKTVJa2VZpy51j9o6JyxsGOB827QM5TPcWJWRJ50rsnQn/zYJcgbuiSaThcIPsCc AEistpTvy4NpSa2MEd0GocGU13ju+HX4xl9SQjeqYTr6n7K+nlk6Idu87gUYvp/8 HJMgWYLEz4H+Fcpms5/nUNZdKQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGK+YVqH yOXdkKawaY+kDrWo1RkYMB8GA1UdIwQYMBaAFCKTvUxeT5opZTWMsBjfPk7uTfHP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTc3Qy85MjRDRENDMDE0 MzAxMUUzQTBCMTlGMkE1OTExRUEzMi9JcE85VEY1UG1pbGxOWXl3R044LVR1NU44 YzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lwTzlURjVQbWlsbE5ZeXdHTjgtVHU1TjhjOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTE3N0MvOTI0Q0RDQzAxNDMwMTFFM0EwQjE5RjJBNTkxMUVBMzIvMTQ5QUI0QkU3 Q0U5MTFFRUI5QTAyRDgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMBgEAgABMBIDBAItebgDBAFnCnwDBAFnHDYwDgQCAAIwCAMGACQEP8AAMA0G CSqGSIb3DQEBCwUAA4IBAQB+YTws5kgW/sfehWEzPoQG0Eq3tYiaHRaJnokdCoCe WrkzGWByNmtK5Eh6yvMD8XznghlDVV53NP3HZEE/Uq/CtN0GHFoEthDUVR6T9vPC kO+V6RG3b3vvV6WdRfAjI1mhjyQjRSG3cBgJfD9uUfGfSN7TphlhlCf8o7cw/Y45 In55S+qoHf36nSQfN1rLbXlYs/p8rYkkU/5ASaY3LEFmA8MSnvOqLtCWjeH/9tDb LwkgF2Cw2riszw644Q2o/HMmfA30UjGi3E1J96J5a9zRfET6z4eZc93N7ZkkfgKc 485iqfBsGX9fN6qm+RHon8to28N4nSVVQHjufLvZhMxk -----END CERTIFICATE-----Generated at Fri Nov 22 16:49:19 2024 by rpki-client on console-ams.rpki-client.org