$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa File: 3A58D9F499E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: QLB059PUHE1UbeMH66LaVQjEVmCcXSDSbvOoBGw3o3I= Subject key identifier: EF:F2:0E:DF:28:E5:29:59:BC:B2:2F:CA:A0:27:31:75:ED:22:7C:C8 Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 088D Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa Signing time: Fri 08 Mar 2024 21:29:36 +0000 ROA not before: Fri 08 Mar 2024 21:29:36 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 134520 IP address blocks: 43.245.220.0/22 maxlen: 22 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:10:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2189 (0x88d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 8 21:29:36 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65eb8340-c953 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:6b:bf:05:9b:9e:1b:48:75:1a:0e:01:39:7f: 05:d3:d8:76:53:0e:3f:a0:b5:92:45:b1:f7:e5:e6: dc:a7:85:ce:c9:bc:43:e2:2b:6b:54:e8:1a:cc:b8: 49:d0:fd:6d:b5:8a:f8:2b:14:f5:3c:47:a6:61:04: 1c:a6:1a:26:41:c7:f6:a8:99:f3:56:91:ec:d4:bf: 9e:97:bc:bd:81:8c:ea:d4:c0:2b:c1:44:1e:56:9f: 4f:da:09:d0:59:04:db:2b:59:e4:3f:ba:7d:f6:f8: b9:c2:34:78:e5:b7:f7:ed:2a:82:c5:07:db:64:fa: e5:5e:b0:66:ff:0b:af:63:7d:86:76:44:f0:07:3a: 55:74:84:00:d4:3a:56:09:ab:24:99:a1:5c:77:5d: 26:a1:36:67:42:00:a9:3f:58:4d:d3:2d:f2:2c:d9: 41:65:36:f8:ca:0e:7f:8a:f4:06:60:ad:31:39:3d: b9:30:50:cc:fe:54:9e:43:ca:cc:5c:96:e9:a1:ca: 60:54:90:eb:f4:ed:fd:95:e2:0c:c6:94:6d:85:09: 01:10:e7:d2:10:90:98:82:96:91:be:4e:83:c4:07: 00:db:66:9e:b9:88:92:07:b9:21:42:79:95:a9:cf: dd:0c:08:5c:3d:91:66:1e:e5:b1:bf:34:ad:ef:e5: 7e:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:F2:0E:DF:28:E5:29:59:BC:B2:2F:CA:A0:27:31:75:ED:22:7C:C8 X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 86:a7:61:47:95:ad:60:da:4e:fe:42:47:34:c1:e6:26:b2:40: a4:c0:7e:5e:81:87:66:da:01:5a:0a:36:66:70:1b:71:1c:de: 98:23:10:89:33:a3:23:2f:6d:39:9b:67:0f:5b:62:b1:e2:63: 98:d3:35:ac:dd:b2:65:41:58:78:fa:1f:99:6a:c8:00:ad:ec: d6:a6:a1:a3:cb:b9:c5:ee:3b:72:61:d0:01:f9:0c:ab:07:14: 4d:5d:7d:ea:f7:de:42:9f:16:80:c6:67:4d:60:e1:6b:3e:ff: c2:92:0d:12:ef:f2:e1:14:a2:8f:64:7b:74:1f:9b:e3:d4:9d: b6:47:7f:00:6f:af:f1:64:df:99:e6:48:bb:35:ba:61:ca:69: db:fb:23:ce:64:53:3e:89:6b:4b:cf:0a:96:94:bd:55:dc:d1: dc:ac:31:8e:f4:fe:0f:2f:85:35:7e:7e:e7:e2:bc:f6:21:d5: 9e:8b:c4:ab:d4:c8:8d:e0:dc:2f:70:9e:17:06:8a:d3:5f:24: 22:89:ef:8b:9f:d6:79:a8:55:f7:29:e2:85:d5:b3:6e:16:dd: 3e:8d:f3:df:97:03:bf:a3:2b:71:a5:6b:4a:8b:b0:95:01:bd: 33:fb:c2:57:54:87:f2:94:a2:ad:1e:2d:30:6a:97:db:04:24: e0:15:5e:06 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjQwMzA4MjEyOTM2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWViODM0MC1jOTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp2u/BZueG0h1Gg4BOX8F09h2Uw4/oLWSRbH35ebcp4XOybxD4itrVOgazLhJ 0P1ttYr4KxT1PEemYQQcphomQcf2qJnzVpHs1L+el7y9gYzq1MArwUQeVp9P2gnQ WQTbK1nkP7p99vi5wjR45bf37SqCxQfbZPrlXrBm/wuvY32GdkTwBzpVdIQA1DpW CaskmaFcd10moTZnQgCpP1hN0y3yLNlBZTb4yg5/ivQGYK0xOT25MFDM/lSeQ8rM XJbpocpgVJDr9O39leIMxpRthQkBEOfSEJCYgpaRvk6DxAcA22aeuYiSB7khQnmV qc/dDAhcPZFmHuWxvzSt7+V+9QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFO/yDt8o 5SlZvLIvyqAnMXXtInzIMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0E1OEQ5RjQ5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr9dwDBAJn0WQwDQYJKoZIhvcNAQELBQADggEBAIanYUeV rWDaTv5CRzTB5iayQKTAfl6Bh2baAVoKNmZwG3Ec3pgjEIkzoyMvbTmbZw9bYrHi Y5jTNazdsmVBWHj6H5lqyACt7NamoaPLucXuO3Jh0AH5DKsHFE1dfer33kKfFoDG Z01g4Ws+/8KSDRLv8uEUoo9ke3Qfm+PUnbZHfwBvr/Fk35nmSLs1umHKadv7I85k Uz6Ja0vPCpaUvVXc0dysMY70/g8vhTV+fufivPYh1Z6LxKvUyI3g3C9wnhcGitNf JCKJ74uf1nmoVfcp4oXVs24W3T6N89+XA7+jK3Gla0qLsJUBvTP7wldUh/KUoq0e LTBql9sEJOAVXgY= -----END CERTIFICATE-----Generated at Fri Nov 22 22:14:27 2024 by rpki-client on console-ams.rpki-client.org