$ rpki-client -vvf rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/846D5AAA9F8A11ECB8E03812C4F9AE02.roa File: 846D5AAA9F8A11ECB8E03812C4F9AE02.roa (raw, json) Hash identifier: 7PdKUXE5Xitd5DLRaHPfMoA74Y6LX1GUgGaOxCGqnLQ= Subject key identifier: 90:F0:7D:26:F7:25:6A:EF:27:43:C2:02:77:72:F5:FC:B9:2D:EC:53 Certificate issuer: /CN=A9164390/serialNumber=C6433C49E63CD92035B307E8F79637608FEADBF5 Certificate serial: 1B55 Authority key identifier: C6:43:3C:49:E6:3C:D9:20:35:B3:07:E8:F7:96:37:60:8F:EA:DB:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/846D5AAA9F8A11ECB8E03812C4F9AE02.roa Signing time: Tue 18 Jul 2023 16:33:19 +0000 ROA not before: Tue 18 Jul 2023 16:33:19 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 38201 IP address blocks: 43.255.148.0/22 maxlen: 22 43.255.148.0/24 maxlen: 24 103.239.160.0/22 maxlen: 22 103.239.160.0/23 maxlen: 23 103.239.160.0/24 maxlen: 24 103.239.161.0/24 maxlen: 24 103.239.162.0/23 maxlen: 23 175.176.144.0/22 maxlen: 22 175.176.147.0/24 maxlen: 24 202.134.24.0/21 maxlen: 21 202.134.24.0/22 maxlen: 22 202.134.24.0/24 maxlen: 24 202.134.25.0/24 maxlen: 24 202.134.26.0/24 maxlen: 24 202.134.27.0/24 maxlen: 24 202.134.28.0/22 maxlen: 22 202.134.29.0/24 maxlen: 24 202.134.30.0/24 maxlen: 24 202.134.31.0/24 maxlen: 24 2400:6400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.crl rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 16:41:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6997 (0x1b55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9164390/serialNumber=C6433C49E63CD92035B307E8F79637608FEADBF5 Validity Not Before: Jul 18 16:33:19 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=64b6becf-3948 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:20:5f:6b:78:7d:10:66:8a:6c:48:95:7e:55: aa:25:e4:0c:2c:76:d1:e2:50:e4:5c:cb:c1:cd:43: 2e:79:a0:92:8c:f9:e5:d1:97:a2:83:2c:82:c0:7e: e5:c7:d6:cb:4f:60:75:e5:ae:8a:39:54:e7:57:11: 66:ac:db:a2:92:5c:90:65:f2:5c:29:25:a3:d5:47: 26:e3:f0:5a:10:86:3a:71:1a:d7:6c:52:cf:6e:f5: aa:41:18:ad:a5:2b:2d:db:8e:84:07:4d:10:d6:e9: 27:94:c1:99:a1:0d:db:c9:eb:aa:13:08:aa:df:ee: 30:60:45:ec:a9:c1:7c:83:be:99:27:24:7f:d0:4b: 7e:29:00:a7:da:dd:9e:4d:1a:e1:24:85:6f:14:90: 85:d2:e9:71:4f:b9:06:7d:df:35:69:35:86:45:62: af:10:f6:8b:89:33:6b:9e:d5:96:76:ab:9f:14:70: 1e:76:34:a8:70:c4:7b:85:f9:77:05:df:b9:92:3b: 3a:28:bf:5d:18:e5:a8:46:74:6b:73:69:2a:0c:4e: 43:38:8f:34:b3:80:a1:e8:87:81:3e:c6:56:86:c4: 4e:28:c0:96:d2:06:0e:b3:12:0d:16:bd:66:ce:8d: 42:b0:2f:a3:68:74:e2:08:d5:6a:ad:69:ba:3d:79: a3:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:F0:7D:26:F7:25:6A:EF:27:43:C2:02:77:72:F5:FC:B9:2D:EC:53 X509v3 Authority Key Identifier: keyid:C6:43:3C:49:E6:3C:D9:20:35:B3:07:E8:F7:96:37:60:8F:EA:DB:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/846D5AAA9F8A11ECB8E03812C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.148.0/22 103.239.160.0/22 175.176.144.0/22 202.134.24.0/21 IPv6: 2400:6400::/32 Signature Algorithm: sha256WithRSAEncryption 08:30:83:99:08:12:40:ee:5f:90:de:fb:cd:1c:00:e7:12:ca: 82:65:d5:3f:a0:7c:7b:7a:c8:03:1b:52:71:ff:cf:cb:a1:17: 88:93:e3:e2:5f:b1:a8:4d:91:f7:a6:fa:89:82:9a:f9:14:c7: 7b:44:93:ef:b8:90:18:04:e0:a8:9e:25:63:b1:3c:a7:80:6e: aa:de:d6:23:0a:0e:e1:c5:d5:a3:bd:ca:7e:50:c1:59:d6:57: 1a:a5:ed:cf:87:a5:74:6e:62:e5:f8:c4:af:ac:e7:3c:19:79: eb:42:3a:5c:5a:53:fd:88:aa:e3:c0:d8:3e:4d:70:7a:89:df: 8d:e4:0f:65:86:0a:9b:68:f8:41:31:07:a5:eb:5b:db:44:f5: 12:e9:58:65:20:ba:30:02:72:f1:15:2a:d3:d2:3e:33:0d:a7: d2:54:a4:75:53:ab:67:d4:bd:25:68:f8:f6:fc:09:ef:48:51: b1:ac:4b:42:5f:f7:99:0c:83:bc:d9:ef:10:d9:9e:93:f2:db: 2c:ef:2d:cc:e4:e7:0b:49:39:15:fd:70:55:f8:45:fb:c5:74: ae:a2:df:89:82:aa:41:6b:e0:6f:d1:93:27:1a:9e:9c:68:9b: 9c:2a:0a:79:5e:14:b1:dd:5e:19:05:ce:13:de:77:73:ca:32: c1:9c:bf:11 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICG1UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQzOTAxMTAvBgNVBAUTKEM2NDMzQzQ5RTYzQ0Q5MjAzNUIzMDdFOEY3OTYzNzYw OEZFQURCRjUwHhcNMjMwNzE4MTYzMzE5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGI2YmVjZi0zOTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqCBfa3h9EGaKbEiVflWqJeQMLHbR4lDkXMvBzUMueaCSjPnl0ZeigyyCwH7l x9bLT2B15a6KOVTnVxFmrNuiklyQZfJcKSWj1Ucm4/BaEIY6cRrXbFLPbvWqQRit pSst246EB00Q1uknlMGZoQ3byeuqEwiq3+4wYEXsqcF8g76ZJyR/0Et+KQCn2t2e TRrhJIVvFJCF0ulxT7kGfd81aTWGRWKvEPaLiTNrntWWdqufFHAedjSocMR7hfl3 Bd+5kjs6KL9dGOWoRnRrc2kqDE5DOI80s4Ch6IeBPsZWhsROKMCW0gYOsxINFr1m zo1CsC+jaHTiCNVqrWm6PXmj0QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFJDwfSb3 JWrvJ0PCAndy9fy5LexTMB8GA1UdIwQYMBaAFMZDPEnmPNkgNbMH6PeWN2CP6tv1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDM5MC8wRTkzNTRGQ0RD NUMxMUU2OEU5MTVFMzJDNEY5QUUwMi94a004U2VZODJTQTFzd2ZvOTVZM1lJX3Ey X1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hrTThTZVk4MlNBMXN3Zm85NVkzWUlfcTJfVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjQzOTAvMEU5MzU0RkNEQzVDMTFFNjhFOTE1RTMyQzRGOUFFMDIvODQ2RDVBQUE5 RjhBMTFFQ0I4RTAzODEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr/5QDBAJn76ADBAKvsJADBAPKhhgwDQQCAAIwBwMFACQA ZAAwDQYJKoZIhvcNAQELBQADggEBAAgwg5kIEkDuX5De+80cAOcSyoJl1T+gfHt6 yAMbUnH/z8uhF4iT4+JfsahNkfem+omCmvkUx3tEk++4kBgE4KieJWOxPKeAbqre 1iMKDuHF1aO9yn5QwVnWVxql7c+HpXRuYuX4xK+s5zwZeetCOlxaU/2IquPA2D5N cHqJ343kD2WGCpto+EExB6XrW9tE9RLpWGUgujACcvEVKtPSPjMNp9JUpHVTq2fU vSVo+Pb8Ce9IUbGsS0Jf95kMg7zZ7xDZnpPy2yzvLczk5wtJORX9cFX4RfvFdK6i 34mCqkFr4G/Rkycanpxom5wqCnleFLHdXhkFzhPed3PKMsGcvxE= -----END CERTIFICATE-----Generated at Tue May 14 19:10:16 2024 by rpki-client on console-ams.rpki-client.org