$ rpki-client -vvf rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/846D5AAA9F8A11ECB8E03812C4F9AE02.roa File: 846D5AAA9F8A11ECB8E03812C4F9AE02.roa (raw, json) Hash identifier: tHmXSemPBAEugdq+1SpWTBtqCV+h0O0Beyp/Z1zrfnk= Subject key identifier: FE:CB:44:76:5A:74:46:4E:CB:66:54:F6:3C:C7:B0:E7:CE:8D:E8:37 Certificate issuer: /CN=A9164390/serialNumber=C6433C49E63CD92035B307E8F79637608FEADBF5 Certificate serial: 1C12 Authority key identifier: C6:43:3C:49:E6:3C:D9:20:35:B3:07:E8:F7:96:37:60:8F:EA:DB:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/846D5AAA9F8A11ECB8E03812C4F9AE02.roa Signing time: Wed 10 Jul 2024 16:33:36 +0000 ROA not before: Wed 10 Jul 2024 16:33:36 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 38201 IP address blocks: 43.255.148.0/22 maxlen: 22 43.255.148.0/24 maxlen: 24 103.239.160.0/22 maxlen: 22 103.239.160.0/23 maxlen: 23 103.239.160.0/24 maxlen: 24 103.239.161.0/24 maxlen: 24 103.239.162.0/23 maxlen: 23 175.176.144.0/22 maxlen: 22 175.176.147.0/24 maxlen: 24 202.134.24.0/21 maxlen: 21 202.134.24.0/22 maxlen: 22 202.134.24.0/24 maxlen: 24 202.134.25.0/24 maxlen: 24 202.134.26.0/24 maxlen: 24 202.134.27.0/24 maxlen: 24 202.134.28.0/22 maxlen: 22 202.134.29.0/24 maxlen: 24 202.134.30.0/24 maxlen: 24 202.134.31.0/24 maxlen: 24 2400:6400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.crl rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:12:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7186 (0x1c12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9164390/serialNumber=C6433C49E63CD92035B307E8F79637608FEADBF5 Validity Not Before: Jul 10 16:33:36 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=668eb7e0-4544 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:66:b3:90:43:d6:1c:40:18:a2:b0:da:8c:58: eb:0c:73:14:1c:11:e6:b3:61:bf:ce:3c:8d:a7:f7: e8:04:69:9e:61:0c:4f:85:b5:49:2e:dd:96:94:45: d6:67:16:c2:57:19:98:8b:30:7c:51:be:d6:9b:5d: 76:15:af:1a:de:01:68:93:a4:da:33:79:a6:bc:ac: b6:14:ef:a7:c2:59:53:20:45:34:f1:77:06:56:69: 25:32:95:65:99:5f:40:df:81:d6:a4:95:c6:b7:3a: 0c:0b:4d:dc:dd:a0:06:52:48:bb:93:fb:cd:ea:43: 01:e5:94:79:17:e9:f5:c7:19:38:73:03:98:34:5f: b7:ad:fb:b0:2b:c8:ca:93:7a:17:25:83:ff:b4:22: 00:12:90:95:07:f2:64:3d:7e:c7:47:60:b8:2a:d0: 29:f2:29:f2:a8:d7:0b:a6:de:40:e7:a9:e5:9f:fc: 64:92:e6:70:57:07:49:2f:c1:f6:61:24:36:0d:6f: cd:75:c1:34:10:45:fb:76:6a:fc:06:d8:e8:19:a6: 28:63:71:8f:0d:af:26:a6:2f:83:3f:58:d1:cb:c4: fb:13:a1:b5:82:cc:1c:71:8a:2d:af:bd:89:46:26: 4f:c2:0b:b7:cf:93:90:bf:c5:f8:c8:75:60:46:ad: 3a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:CB:44:76:5A:74:46:4E:CB:66:54:F6:3C:C7:B0:E7:CE:8D:E8:37 X509v3 Authority Key Identifier: keyid:C6:43:3C:49:E6:3C:D9:20:35:B3:07:E8:F7:96:37:60:8F:EA:DB:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/xkM8SeY82SA1swfo95Y3YI_q2_U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xkM8SeY82SA1swfo95Y3YI_q2_U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164390/0E9354FCDC5C11E68E915E32C4F9AE02/846D5AAA9F8A11ECB8E03812C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.148.0/22 103.239.160.0/22 175.176.144.0/22 202.134.24.0/21 IPv6: 2400:6400::/32 Signature Algorithm: sha256WithRSAEncryption 11:d6:86:f9:6e:79:a1:d5:6e:e5:d9:5b:22:1f:eb:90:41:83: 1f:43:4f:8f:29:9b:bb:f6:c5:a0:5d:e2:43:3f:79:55:fe:ec: 89:4c:ff:20:17:6f:66:49:0f:2f:31:c9:3b:3b:da:36:6a:3c: 62:4c:a6:4d:20:1a:b8:6e:7c:e1:49:ef:bd:c7:c1:56:4a:ab: ce:49:d7:4e:a8:cd:72:ca:e7:58:08:69:09:ff:2a:35:36:70: c3:85:f9:b9:52:23:7f:81:98:cb:43:d6:74:6a:80:a1:53:1f: 56:0b:2e:76:21:e0:2d:c3:55:8b:24:8e:fc:25:05:86:00:5b: a6:61:27:27:e7:b5:6e:70:57:d4:8d:5a:a8:65:53:07:cb:bb: 1e:41:c5:2e:0e:48:01:50:06:1f:e1:8a:f9:d4:eb:99:cb:bd: bf:79:6f:58:88:53:35:5a:f6:f9:b6:8f:84:9a:5a:c3:f6:f2: 98:f8:74:21:f7:26:8e:9d:7f:ae:76:23:2b:ee:a3:de:2b:3a: b4:40:18:4d:62:a6:a2:ae:71:3b:e3:14:46:11:86:32:ec:cd: 0c:8f:8f:92:68:d3:1d:ba:2e:8d:0c:57:e7:b7:4d:60:14:0d: 0f:af:42:ed:be:a2:a0:82:ca:2c:6a:04:cb:6b:9f:62:1a:e8: ac:a5:61:ce -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICHBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQzOTAxMTAvBgNVBAUTKEM2NDMzQzQ5RTYzQ0Q5MjAzNUIzMDdFOEY3OTYzNzYw OEZFQURCRjUwHhcNMjQwNzEwMTYzMzM2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjhlYjdlMC00NTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GazkEPWHEAYorDajFjrDHMUHBHms2G/zjyNp/foBGmeYQxPhbVJLt2WlEXW ZxbCVxmYizB8Ub7Wm112Fa8a3gFok6TaM3mmvKy2FO+nwllTIEU08XcGVmklMpVl mV9A34HWpJXGtzoMC03c3aAGUki7k/vN6kMB5ZR5F+n1xxk4cwOYNF+3rfuwK8jK k3oXJYP/tCIAEpCVB/JkPX7HR2C4KtAp8inyqNcLpt5A56nln/xkkuZwVwdJL8H2 YSQ2DW/NdcE0EEX7dmr8BtjoGaYoY3GPDa8mpi+DP1jRy8T7E6G1gswccYotr72J RiZPwgu3z5OQv8X4yHVgRq06uQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFP7LRHZa dEZOy2ZU9jzHsOfOjeg3MB8GA1UdIwQYMBaAFMZDPEnmPNkgNbMH6PeWN2CP6tv1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDM5MC8wRTkzNTRGQ0RD NUMxMUU2OEU5MTVFMzJDNEY5QUUwMi94a004U2VZODJTQTFzd2ZvOTVZM1lJX3Ey X1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hrTThTZVk4MlNBMXN3Zm85NVkzWUlfcTJfVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjQzOTAvMEU5MzU0RkNEQzVDMTFFNjhFOTE1RTMyQzRGOUFFMDIvODQ2RDVBQUE5 RjhBMTFFQ0I4RTAzODEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAIr/5QDBAJn76ADBAKvsJADBAPKhhgwDQQCAAIwBwMFACQA ZAAwDQYJKoZIhvcNAQELBQADggEBABHWhvlueaHVbuXZWyIf65BBgx9DT48pm7v2 xaBd4kM/eVX+7IlM/yAXb2ZJDy8xyTs72jZqPGJMpk0gGrhufOFJ773HwVZKq85J 106ozXLK51gIaQn/KjU2cMOF+blSI3+BmMtD1nRqgKFTH1YLLnYh4C3DVYskjvwl BYYAW6ZhJyfntW5wV9SNWqhlUwfLux5BxS4OSAFQBh/hivnU65nLvb95b1iIUzVa 9vm2j4SaWsP28pj4dCH3Jo6df652Iyvuo94rOrRAGE1ipqKucTvjFEYRhjLszQyP j5Jo0x26Lo0MV+e3TWAUDQ+vQu2+oqCCyixqBMtrn2Ia6KylYc4= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:04 2024 by rpki-client on console-ams.rpki-client.org