$ rpki-client -vvf rpki.apnic.net/member_repository/A915C948/BB976832552C11EEAB049F69C4F9AE02/BED765785B0411EE94E4143EC4F9AE02.roa File: BED765785B0411EE94E4143EC4F9AE02.roa (raw, json) Hash identifier: bBHd4ZIAZef4AfDXAu4XRADCz+qZD69oZQ/Y1l+q350= Subject key identifier: 87:E0:EF:C7:24:8A:89:DF:63:58:60:C7:AB:D2:C8:32:B4:EF:25:52 Certificate issuer: /CN=A915C948/serialNumber=E2B7A2FCC2D7CCB993D532CFABB27FADB248DD17 Certificate serial: 3C Authority key identifier: E2:B7:A2:FC:C2:D7:CC:B9:93:D5:32:CF:AB:B2:7F:AD:B2:48:DD:17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4rei_MLXzLmT1TLPq7J_rbJI3Rc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915C948/BB976832552C11EEAB049F69C4F9AE02/BED765785B0411EE94E4143EC4F9AE02.roa Signing time: Fri 05 Jan 2024 12:12:26 +0000 ROA not before: Fri 05 Jan 2024 12:12:26 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 151803 IP address blocks: 103.218.120.0/23 maxlen: 24 2001:df2:ec40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915C948/BB976832552C11EEAB049F69C4F9AE02/4rei_MLXzLmT1TLPq7J_rbJI3Rc.crl rsync://rpki.apnic.net/member_repository/A915C948/BB976832552C11EEAB049F69C4F9AE02/4rei_MLXzLmT1TLPq7J_rbJI3Rc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4rei_MLXzLmT1TLPq7J_rbJI3Rc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 07:27:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915C948/serialNumber=E2B7A2FCC2D7CCB993D532CFABB27FADB248DD17 Validity Not Before: Jan 5 12:12:26 2024 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=6597f22a-38a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:c6:b2:28:68:f3:ce:be:b0:bd:28:c8:e7:76: 3f:eb:cd:fe:4b:bf:5b:24:22:5c:79:b7:4f:8d:62: 58:0e:29:14:0b:51:65:13:83:b4:c4:41:68:b5:c6: 7b:2a:95:d4:2c:4b:1a:15:9b:c8:1e:06:72:24:35: fb:a9:90:de:82:36:e4:8c:f0:c9:71:02:46:cf:93: b0:2d:8d:f9:b5:fa:c1:2a:ab:0f:e9:28:81:17:cf: 77:2a:34:3a:54:34:01:37:25:fc:af:fc:e6:f7:cc: 2e:8e:16:e8:4b:8a:f5:48:89:27:89:e1:de:30:3f: a0:d5:66:9b:48:69:a5:f2:47:3f:6b:a4:c1:46:5f: 89:d1:10:08:ef:f8:76:43:0b:d2:ae:45:46:0c:e8: 2c:5b:90:5a:2b:12:38:73:05:ba:c4:cb:3f:70:ca: 63:87:0a:9d:06:48:e3:f7:dc:eb:6b:57:0b:95:1d: 1e:dd:47:81:9b:c8:8c:00:e2:55:28:d5:0d:d2:77: 40:23:a6:10:08:d9:f6:65:7b:5b:b7:54:56:19:9b: c6:74:6a:d9:ce:2f:14:f1:6a:bb:af:87:69:c6:04: e8:4f:31:68:25:bc:e3:06:fa:aa:22:63:8b:f9:72: 34:6e:c9:ce:6e:8e:41:6b:a1:2f:64:21:1b:8c:97: 97:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:E0:EF:C7:24:8A:89:DF:63:58:60:C7:AB:D2:C8:32:B4:EF:25:52 X509v3 Authority Key Identifier: keyid:E2:B7:A2:FC:C2:D7:CC:B9:93:D5:32:CF:AB:B2:7F:AD:B2:48:DD:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915C948/BB976832552C11EEAB049F69C4F9AE02/4rei_MLXzLmT1TLPq7J_rbJI3Rc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4rei_MLXzLmT1TLPq7J_rbJI3Rc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C948/BB976832552C11EEAB049F69C4F9AE02/BED765785B0411EE94E4143EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.218.120.0/23 IPv6: 2001:df2:ec40::/48 Signature Algorithm: sha256WithRSAEncryption 34:63:96:a1:6a:94:3e:f2:0e:36:21:95:17:9d:57:fd:a9:70: bc:54:b5:76:75:7f:fa:b8:30:d7:e9:db:8f:ed:43:da:af:04: b9:fc:c7:71:1a:b0:8a:2a:84:70:b2:89:e4:41:d3:66:be:09: 1f:da:4d:ac:6e:de:5e:85:6b:f0:a6:28:96:96:ea:11:41:ea: 19:59:f4:95:72:b4:e8:5b:5d:9a:ec:eb:ec:cf:58:f0:2a:6e: 61:5a:19:bd:33:32:0d:41:a2:6f:f5:2c:6e:83:b1:5e:fa:b0: 5e:3e:97:fc:32:b1:95:58:c5:02:bc:a2:93:85:61:81:01:29: 5a:dc:05:44:83:8a:18:f8:8c:e9:f4:e0:7c:bf:05:50:01:69: f6:60:c6:5d:07:c5:ba:f1:a9:22:72:3e:e9:fe:f8:35:d7:ad: ff:78:44:c5:d0:0b:3b:8b:1f:fa:a6:25:52:3b:60:e0:25:d8: 62:7d:c6:13:5b:20:0a:15:5b:a5:6f:33:33:7a:38:6c:76:b6: da:00:8b:75:f0:f8:9c:e8:9d:a3:6c:04:73:c3:76:27:30:6b: 46:28:c5:e8:ed:40:9f:60:b7:12:8a:ed:b7:60:d1:39:94:62: a0:41:37:82:a0:cb:dd:25:ce:c9:ae:f6:b8:d0:8c:f4:f4:fa: 24:11:38:e5 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 Qzk0ODExMC8GA1UEBRMoRTJCN0EyRkNDMkQ3Q0NCOTkzRDUzMkNGQUJCMjdGQURC MjQ4REQxNzAeFw0yNDAxMDUxMjEyMjZaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY1OTdmMjJhLTM4YTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCjxrIoaPPOvrC9KMjndj/rzf5Lv1skIlx5t0+NYlgOKRQLUWUTg7TEQWi1xnsq ldQsSxoVm8geBnIkNfupkN6CNuSM8MlxAkbPk7Atjfm1+sEqqw/pKIEXz3cqNDpU NAE3Jfyv/Ob3zC6OFuhLivVIiSeJ4d4wP6DVZptIaaXyRz9rpMFGX4nREAjv+HZD C9KuRUYM6CxbkForEjhzBbrEyz9wymOHCp0GSOP33OtrVwuVHR7dR4GbyIwA4lUo 1Q3Sd0AjphAI2fZle1u3VFYZm8Z0atnOLxTxaruvh2nGBOhPMWglvOMG+qoiY4v5 cjRuyc5ujkFroS9kIRuMl5c9AgMBAAGjggKmMIICojAdBgNVHQ4EFgQUh+DvxySK id9jWGDHq9LIMrTvJVIwHwYDVR0jBBgwFoAU4rei/MLXzLmT1TLPq7J/rbJI3Rcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVDOTQ4L0JCOTc2ODMyNTUy QzExRUVBQjA0OUY2OUM0RjlBRTAyLzRyZWlfTUxYekxtVDFUTFBxN0pfcmJKSTNS Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNHJlaV9NTFh6TG1UMVRMUHE3Sl9yYkpJM1JjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Qzk0OC9CQjk3NjgzMjU1MkMxMUVFQUIwNDlGNjlDNEY5QUUwMi9CRUQ3NjU3ODVC MDQxMUVFOTRFNDE0M0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAWfaeDAPBAIAAjAJAwcAIAEN8uxAMA0GCSqGSIb3DQEBCwUA A4IBAQA0Y5ahapQ+8g42IZUXnVf9qXC8VLV2dX/6uDDX6duP7UParwS5/MdxGrCK KoRwsonkQdNmvgkf2k2sbt5ehWvwpiiWluoRQeoZWfSVcrToW12a7Ovsz1jwKm5h Whm9MzINQaJv9Sxug7Fe+rBePpf8MrGVWMUCvKKThWGBASla3AVEg4oY+Izp9OB8 vwVQAWn2YMZdB8W68akicj7p/vg1163/eETF0As7ix/6piVSO2DgJdhifcYTWyAK FVulbzMzejhsdrbaAIt18Pic6J2jbARzw3YnMGtGKMXo7UCfYLcSiu23YNE5lGKg QTeCoMvdJc7Jrva40Iz09PokETjl -----END CERTIFICATE-----Generated at Fri May 31 10:01:45 2024 by rpki-client on console-ams.rpki-client.org