$ rpki-client -vvf rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa File: 5A9BEA702D7611EB9827C368C4F9AE02.roa (raw, json) Hash identifier: 1nVtTiAWortZBzd4QG4txIX9Lgvh+1MD6y04ijBCbPs= Subject key identifier: FE:D5:F5:6A:F9:9A:61:CD:DD:1D:39:00:34:3A:98:AE:2D:02:A6:70 Certificate issuer: /CN=A915DAF1/serialNumber=BB9F42CFCE388EDC4B29EA65DEB6162B256D2102 Certificate serial: 059C Authority key identifier: BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa Signing time: Fri 03 Mar 2023 00:30:39 +0000 ROA not before: Fri 03 Mar 2023 00:30:39 +0000 ROA not after: Wed 29 May 2024 00:00:00 +0000 asID: 140224 IP address blocks: 103.148.186.0/24 maxlen: 24 103.148.187.0/24 maxlen: 24 2001:df2:e380::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.crl rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 May 2023 00:51:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1436 (0x59c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915DAF1/serialNumber=BB9F42CFCE388EDC4B29EA65DEB6162B256D2102 Validity Not Before: Mar 3 00:30:39 2023 GMT Not After : May 29 00:00:00 2024 GMT Subject: CN=64013faf-b46c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:bb:b2:01:17:68:a8:1e:9b:38:a5:11:f2:7c: 69:b6:9c:b4:ef:b3:ec:8b:3c:6d:3a:99:e8:4e:4a: 97:82:a4:b8:fa:d8:e6:ca:8d:56:56:bd:64:af:af: 97:2e:2a:dd:0c:bd:9e:3e:f4:a9:6b:53:08:76:14: ff:48:e8:33:67:15:7b:2e:7f:bd:19:54:95:e2:d6: e2:f3:21:70:11:af:e0:30:0a:46:45:7a:0a:38:97: 48:1e:54:76:17:7c:f2:96:63:8d:44:ba:e6:1b:55: 20:49:a7:54:a3:3f:9e:7f:5c:34:cd:f9:34:aa:91: 8a:b5:f1:04:ba:00:b6:99:75:e6:bd:c0:b4:3e:20: 4a:b6:37:80:8b:42:bb:a0:66:8e:06:bd:f7:56:5c: 17:95:68:0e:b0:f9:43:32:2c:1f:3e:b6:a1:29:a7: 61:49:30:c6:6e:56:a3:bc:d5:ae:51:fb:97:1c:32: 66:27:26:64:30:98:9d:d5:09:09:8b:fd:a9:80:1b: 26:97:b5:e7:95:3e:50:36:00:e3:ea:14:ee:7c:1d: 6f:2a:34:6a:ec:14:84:f7:3f:2d:e5:6c:3f:2e:0e: ca:6f:d6:97:08:84:2c:4d:dc:1c:12:35:3b:1f:f4: 2f:e1:1b:1c:71:50:81:5f:2b:39:8c:27:0b:b8:bd: ea:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:D5:F5:6A:F9:9A:61:CD:DD:1D:39:00:34:3A:98:AE:2D:02:A6:70 X509v3 Authority Key Identifier: keyid:BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.148.186.0/23 IPv6: 2001:df2:e380::/48 Signature Algorithm: sha256WithRSAEncryption 21:99:75:0a:d3:4b:51:e6:9b:ff:b9:10:d6:ef:95:92:e3:a2: fc:9f:c1:e7:8e:57:6f:47:16:45:05:76:9b:ed:18:e5:e2:13: d5:22:fb:96:f2:ad:f0:6a:b5:92:10:56:9e:cd:42:3e:64:98: d5:28:f1:9f:7e:e7:a1:e8:94:f0:f9:02:1a:3b:28:ad:1b:ea: 96:93:29:f2:f5:bf:3e:60:df:1a:14:54:07:88:d9:42:7f:dd: e6:52:88:87:66:f3:3b:02:d7:da:61:d4:a1:14:8b:66:d5:19: 3e:77:76:a9:0b:bb:d7:3a:06:34:01:66:41:43:76:76:4d:85: c1:d9:1a:81:65:9d:70:9a:d3:77:b3:ca:10:cd:d0:dd:52:b3: 38:b7:44:ee:d0:36:3c:0d:48:42:27:2b:2b:9c:33:31:36:43: 63:67:16:ea:b2:06:de:ba:3e:5d:fa:e0:2f:86:ac:c6:ce:9b: 5c:fd:68:6a:c6:b5:1c:5d:ac:d6:a5:ef:64:59:da:b2:ce:be: af:9f:5b:82:c0:df:70:05:e4:c6:44:31:10:e3:a8:c5:de:d5: 5f:97:71:21:57:ac:2c:4b:99:1a:af:5a:3d:e4:c6:40:fb:35: f3:ed:ab:1e:ae:56:af:d9:8c:41:97:5a:d4:54:47:f3:4e:d2: b5:19:33:da -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NURBRjExMTAvBgNVBAUTKEJCOUY0MkNGQ0UzODhFREM0QjI5RUE2NURFQjYxNjJC MjU2RDIxMDIwHhcNMjMwMzAzMDAzMDM5WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD VQQDEw02NDAxM2ZhZi1iNDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu7uyARdoqB6bOKUR8nxptpy077PsizxtOpnoTkqXgqS4+tjmyo1WVr1kr6+X LirdDL2ePvSpa1MIdhT/SOgzZxV7Ln+9GVSV4tbi8yFwEa/gMApGRXoKOJdIHlR2 F3zylmONRLrmG1UgSadUoz+ef1w0zfk0qpGKtfEEugC2mXXmvcC0PiBKtjeAi0K7 oGaOBr33VlwXlWgOsPlDMiwfPrahKadhSTDGblajvNWuUfuXHDJmJyZkMJid1QkJ i/2pgBsml7XnlT5QNgDj6hTufB1vKjRq7BSE9z8t5Ww/Lg7Kb9aXCIQsTdwcEjU7 H/Qv4RsccVCBXys5jCcLuL3qBwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFP7V9Wr5 mmHN3R05ADQ6mK4tAqZwMB8GA1UdIwQYMBaAFLufQs/OOI7cSynqZd62FislbSEC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1REFGMS8wQjJCOTBBNDJE NzUxMUVCOTM2RTM0NThDNEY5QUUwMi91NTlDejg0NGp0eExLZXBsM3JZV0t5VnRJ UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3U1OUN6ODQ0anR4TEtlcGwzcllXS3lWdElRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NURBRjEvMEIyQjkwQTQyRDc1MTFFQjkzNkUzNDU4QzRGOUFFMDIvNUE5QkVBNzAy RDc2MTFFQjk4MjdDMzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnlLowDwQCAAIwCQMHACABDfLjgDANBgkqhkiG9w0BAQsF AAOCAQEAIZl1CtNLUeab/7kQ1u+VkuOi/J/B545Xb0cWRQV2m+0Y5eIT1SL7lvKt 8Gq1khBWns1CPmSY1Sjxn37noeiU8PkCGjsorRvqlpMp8vW/PmDfGhRUB4jZQn/d 5lKIh2bzOwLX2mHUoRSLZtUZPnd2qQu71zoGNAFmQUN2dk2FwdkagWWdcJrTd7PK EM3Q3VKzOLdE7tA2PA1IQicrK5wzMTZDY2cW6rIG3ro+XfrgL4asxs6bXP1oasa1 HF2s1qXvZFnass6+r59bgsDfcAXkxkQxEOOoxd7VX5dxIVesLEuZGq9aPeTGQPs1 8+2rHq5Wr9mMQZda1FRH807StRkz2g== -----END CERTIFICATE-----Generated at Wed May 3 13:18:17 2023 by rpki-client on console-ams.rpki-client.org