$ rpki-client -vvf rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa File: D7120558A7ED11EA95BED565C4F9AE02.roa (raw, json) Hash identifier: JhvRyVbWyK5Qve0PsD+khkWj+V/HppUjAk+12roWi1I= Subject key identifier: 94:EA:EE:E2:49:A5:7D:7F:96:F0:2D:8D:80:27:03:8E:31:71:50:34 Certificate issuer: /CN=A9161A58/serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8 Certificate serial: 0755 Authority key identifier: B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa Signing time: Tue 17 Jan 2023 09:09:53 +0000 ROA not before: Tue 17 Jan 2023 09:09:53 +0000 ROA not after: Sun 30 Jul 2023 00:00:00 +0000 asID: 135386 IP address blocks: 43.230.204.0/22 maxlen: 22 43.230.204.0/24 maxlen: 24 43.230.205.0/24 maxlen: 24 43.230.206.0/24 maxlen: 24 43.230.207.0/24 maxlen: 24 103.50.16.0/22 maxlen: 22 103.56.44.0/22 maxlen: 22 103.56.44.0/24 maxlen: 24 103.56.45.0/24 maxlen: 24 103.56.46.0/24 maxlen: 24 103.56.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.crl rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Mar 2023 22:29:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1877 (0x755) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161A58/serialNumber=B4669D30D210E4907CD2888BE74B89A6DD3CB6C8 Validity Not Before: Jan 17 09:09:53 2023 GMT Not After : Jul 30 00:00:00 2023 GMT Subject: CN=63c665e1-71e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:d4:c1:2d:5f:43:5d:bd:eb:d2:59:95:02:0c: be:ac:b9:d9:c6:62:3c:f2:08:20:fb:8d:ce:39:14: c2:5d:1d:63:7d:92:07:b7:01:37:c3:e5:c1:a4:fd: 92:b3:23:36:38:c1:73:4c:c0:9d:7a:e4:e0:79:77: fa:03:a1:bb:01:4c:40:db:87:6b:42:17:35:7b:4f: 1e:b3:0d:47:33:c9:1d:b5:9c:ef:0e:c6:cb:f6:7f: 00:67:7e:bb:b1:44:33:e9:58:8e:61:7b:82:91:5a: 98:19:3d:bf:1d:e1:5e:c0:f2:b1:0b:73:67:2b:7d: 4b:cc:89:ca:38:28:2e:86:f2:08:92:e6:a1:4e:0f: 1f:ed:25:ba:51:64:ea:13:da:24:4b:91:d5:3c:de: f6:6e:94:82:0d:98:ef:c5:1f:26:cd:4b:6e:e8:bc: 2d:f8:6a:23:d1:03:e6:53:f7:be:08:d0:61:2f:ee: 34:cf:58:7e:30:c6:9f:67:1c:6d:10:14:17:7d:be: 12:c4:9f:b4:d0:3c:95:f9:1f:7a:b4:dd:91:fa:eb: a0:87:1d:93:5b:93:99:be:73:90:e0:4f:ad:9e:0f: 44:9d:51:37:a0:0e:8c:03:6b:ba:bb:ba:5c:d1:f8: f7:c4:8e:dc:b1:b6:eb:a4:b1:79:82:9e:93:b3:9f: 25:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:EA:EE:E2:49:A5:7D:7F:96:F0:2D:8D:80:27:03:8E:31:71:50:34 X509v3 Authority Key Identifier: keyid:B4:66:9D:30:D2:10:E4:90:7C:D2:88:8B:E7:4B:89:A6:DD:3C:B6:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/tGadMNIQ5JB80oiL50uJpt08tsg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tGadMNIQ5JB80oiL50uJpt08tsg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161A58/B389304EA7EC11EA80485864C4F9AE02/D7120558A7ED11EA95BED565C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.204.0/22 103.50.16.0/22 103.56.44.0/22 Signature Algorithm: sha256WithRSAEncryption 38:61:2e:6b:b8:51:6a:2b:c4:05:50:7f:3b:f1:df:a9:58:d3: 58:8f:8e:f7:73:3c:bf:b3:08:3f:cf:aa:9e:b8:10:50:a8:1d: 68:d6:e5:15:56:79:b6:50:a2:8e:11:15:e4:85:9e:ff:41:b6: 75:aa:da:b7:0b:2e:30:86:e0:00:96:76:c4:33:3e:fe:46:21: 4e:98:d6:3b:a7:90:09:49:90:c2:a6:03:06:04:56:42:57:a1: f5:f2:12:ca:bd:61:04:c8:ee:ee:6e:28:bc:4e:5d:53:f8:4a: d9:0c:ff:e9:ac:71:1f:a0:08:b6:04:26:79:39:ff:79:40:9f: c8:f2:71:42:40:08:20:34:9d:e2:e8:03:98:6b:c6:5e:4f:b6: 19:02:92:ec:3a:28:8c:5f:c0:c4:6d:4b:8b:1e:38:98:10:8f: 00:ea:bc:0b:b4:80:ab:c9:e2:51:40:cd:0a:75:74:20:3d:f8: 2b:49:a9:d5:77:54:3d:8e:8a:22:33:59:05:8b:12:af:63:4c: fc:93:af:ae:a5:8a:9d:ad:9e:04:a2:fa:cd:1a:df:92:57:ef: 6b:20:c8:39:d3:69:9e:6e:37:c4:32:b9:e6:cf:54:1a:f3:84: b6:cf:06:c4:35:6a:bc:b2:b4:44:ad:77:8e:a6:78:60:3a:7a: dc:f4:7e:cc -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICB1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjFBNTgxMTAvBgNVBAUTKEI0NjY5RDMwRDIxMEU0OTA3Q0QyODg4QkU3NEI4OUE2 REQzQ0I2QzgwHhcNMjMwMTE3MDkwOTUzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02M2M2NjVlMS03MWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7tTBLV9DXb3r0lmVAgy+rLnZxmI88ggg+43OORTCXR1jfZIHtwE3w+XBpP2S syM2OMFzTMCdeuTgeXf6A6G7AUxA24drQhc1e08esw1HM8kdtZzvDsbL9n8AZ367 sUQz6ViOYXuCkVqYGT2/HeFewPKxC3NnK31LzInKOCguhvIIkuahTg8f7SW6UWTq E9okS5HVPN72bpSCDZjvxR8mzUtu6Lwt+Goj0QPmU/e+CNBhL+40z1h+MMafZxxt EBQXfb4SxJ+00DyV+R96tN2R+uughx2TW5OZvnOQ4E+tng9EnVE3oA6MA2u6u7pc 0fj3xI7csbbrpLF5gp6Ts58lkQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJTq7uJJ pX1/lvAtjYAnA44xcVA0MB8GA1UdIwQYMBaAFLRmnTDSEOSQfNKIi+dLiabdPLbI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUE1OC9CMzg5MzA0RUE3 RUMxMUVBODA0ODU4NjRDNEY5QUUwMi90R2FkTU5JUTVKQjgwb2lMNTB1SnB0MDh0 c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RHYWRNTklRNUpCODBvaUw1MHVKcHQwOHRzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjFBNTgvQjM4OTMwNEVBN0VDMTFFQTgwNDg1ODY0QzRGOUFFMDIvRDcxMjA1NThB N0VEMTFFQTk1QkVENTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAIr5swDBAJnMhADBAJnOCwwDQYJKoZIhvcNAQELBQADggEB ADhhLmu4UWorxAVQfzvx36lY01iPjvdzPL+zCD/Pqp64EFCoHWjW5RVWebZQoo4R FeSFnv9BtnWq2rcLLjCG4ACWdsQzPv5GIU6Y1junkAlJkMKmAwYEVkJXofXyEsq9 YQTI7u5uKLxOXVP4StkM/+mscR+gCLYEJnk5/3lAn8jycUJACCA0neLoA5hrxl5P thkCkuw6KIxfwMRtS4seOJgQjwDqvAu0gKvJ4lFAzQp1dCA9+CtJqdV3VD2OiiIz WQWLEq9jTPyTr66lip2tngSi+s0a35JX72sgyDnTaZ5uN8QyuebPVBrzhLbPBsQ1 aryytEStd46meGA6etz0fsw= -----END CERTIFICATE-----Generated at Wed Mar 15 11:53:31 2023 by rpki-client on console-fra.rpki-client.org