$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/57A84138605911EE8ABC9318C4F9AE02.roa File: 57A84138605911EE8ABC9318C4F9AE02.roa (raw, json) Hash identifier: WUKkOVjUPJeB8A93G+CWAsXxkjWP1idr48nPvgJFAq8= Subject key identifier: 2D:4A:42:BD:51:8D:54:91:20:6F:75:13:36:47:16:ED:BF:C7:55:2A Certificate issuer: /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E Certificate serial: 1146 Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/57A84138605911EE8ABC9318C4F9AE02.roa Signing time: Sat 30 Dec 2023 17:54:55 +0000 ROA not before: Sat 30 Dec 2023 17:54:55 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 137074 IP address blocks: 43.224.188.0/22 maxlen: 24 43.226.4.0/22 maxlen: 24 103.18.64.0/22 maxlen: 24 103.43.212.0/22 maxlen: 24 103.104.16.0/22 maxlen: 24 116.89.246.0/23 maxlen: 24 203.28.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 17:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4422 (0x1146) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E Validity Not Before: Dec 30 17:54:55 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=6590596f-4c49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b8:86:df:45:5a:c2:5e:74:d7:42:2d:b2:e7: 26:a3:da:a5:69:b3:f9:ae:5e:b5:fe:33:24:f9:97: e5:e5:2d:40:d4:ab:c4:08:83:f3:7d:f0:42:cd:99: a5:49:03:a7:29:25:23:28:eb:40:5c:34:0f:9c:3c: ae:c3:75:b1:9c:d2:44:9b:f1:ee:e6:5d:5e:8c:24: 06:b0:f0:7f:8f:92:c6:c8:33:5c:4d:9b:40:f2:1b: fe:d5:1a:d3:e0:f2:5e:82:21:76:d4:ee:85:5d:16: 01:5f:31:b0:fe:37:44:a8:e8:4c:7e:a7:39:f7:73: a3:8e:08:54:66:54:ea:77:94:12:82:af:50:11:68: 29:3c:6b:96:eb:f2:d7:45:aa:0f:90:3f:71:50:b2: 13:b0:cc:e6:82:2a:a6:39:a6:57:d7:32:06:88:e6: ee:d5:1e:3a:83:98:ed:47:9d:96:d1:47:39:3d:1b: e0:c1:51:2a:39:fe:99:36:20:94:19:27:10:78:37: fb:4d:15:97:95:18:76:82:15:1c:23:8c:f9:f7:ff: 46:c0:af:bd:99:d6:14:88:17:20:4e:66:c0:4c:fb: 07:a4:04:e1:94:37:27:79:5c:c2:16:0d:47:aa:6b: fc:f5:d3:98:3c:c2:63:e5:1e:2d:0d:59:2b:a5:51: 51:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:4A:42:BD:51:8D:54:91:20:6F:75:13:36:47:16:ED:BF:C7:55:2A X509v3 Authority Key Identifier: keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/57A84138605911EE8ABC9318C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.188.0/22 43.226.4.0/22 103.18.64.0/22 103.43.212.0/22 103.104.16.0/22 116.89.246.0/23 203.28.64.0/22 Signature Algorithm: sha256WithRSAEncryption 77:d3:44:cb:66:ec:7c:de:d3:34:93:31:eb:4b:a4:a2:b1:ce: 42:2d:b6:0d:eb:81:ba:21:b5:42:9f:68:db:6d:f0:08:f7:8b: 1a:f8:96:15:07:57:32:b5:c5:80:cb:ee:4f:bb:9b:fe:d7:1b: 06:25:fc:da:b3:be:65:41:57:16:83:c4:d5:63:ad:6d:18:8e: ba:fe:61:28:a7:c6:80:42:fd:34:79:01:1e:52:48:6e:70:3e: 69:b4:30:f1:7b:10:94:b4:2c:97:f1:48:9e:75:bc:48:a2:34: bc:db:67:28:3d:52:33:cf:1b:ba:05:fe:f1:25:94:30:70:56: 23:17:84:7f:61:0f:f0:0c:08:9d:34:30:51:33:08:b2:29:c3: 8b:ff:b7:90:88:18:42:5a:4e:ec:f8:e4:b1:17:97:20:71:64: 47:06:c2:39:75:9d:0c:be:ad:f0:e4:ad:ee:69:4b:77:37:e1: 60:be:c5:0f:57:6b:3b:60:49:3f:8b:ca:89:ed:68:04:4f:6a: ac:7b:2f:92:92:59:45:81:0e:d3:49:a5:c3:29:bb:af:eb:7c: 72:6d:da:e1:20:45:3a:09:4d:d3:0a:fe:c0:0f:2d:2e:e1:60: d4:f5:89:85:29:e7:97:72:62:ad:87:49:ba:ba:d7:2e:97:7e: a2:f2:31:ee -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgICEUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy QkY2MEQ1MUUwHhcNMjMxMjMwMTc1NDU1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTkwNTk2Zi00YzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr7iG30Vawl5010Itsucmo9qlabP5rl61/jMk+Zfl5S1A1KvECIPzffBCzZml SQOnKSUjKOtAXDQPnDyuw3WxnNJEm/Hu5l1ejCQGsPB/j5LGyDNcTZtA8hv+1RrT 4PJegiF21O6FXRYBXzGw/jdEqOhMfqc593OjjghUZlTqd5QSgq9QEWgpPGuW6/LX RaoPkD9xULITsMzmgiqmOaZX1zIGiObu1R46g5jtR52W0Uc5PRvgwVEqOf6ZNiCU GScQeDf7TRWXlRh2ghUcI4z59/9GwK+9mdYUiBcgTmbATPsHpAThlDcneVzCFg1H qmv89dOYPMJj5R4tDVkrpVFR7wIDAQABo4ICuTCCArUwHQYDVR0OBBYEFC1KQr1R jVSRIG91EzZHFu2/x1UqMB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5 NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvNTdBODQxMzg2 MDU5MTFFRThBQkM5MzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E NDAyMDAEAgABMCoDBAIr4LwDBAIr4gQDBAJnEkADBAJnK9QDBAJnaBADBAF0WfYD BALLHEAwDQYJKoZIhvcNAQELBQADggEBAHfTRMtm7Hze0zSTMetLpKKxzkIttg3r gbohtUKfaNtt8Aj3ixr4lhUHVzK1xYDL7k+7m/7XGwYl/NqzvmVBVxaDxNVjrW0Y jrr+YSinxoBC/TR5AR5SSG5wPmm0MPF7EJS0LJfxSJ51vEiiNLzbZyg9UjPPG7oF /vEllDBwViMXhH9hD/AMCJ00MFEzCLIpw4v/t5CIGEJaTuz45LEXlyBxZEcGwjl1 nQy+rfDkre5pS3c34WC+xQ9XaztgST+LyontaARPaqx7L5KSWUWBDtNJpcMpu6/r fHJt2uEgRToJTdMK/sAPLS7hYNT1iYUp55dyYq2HSbq61y6XfqLyMe4= -----END CERTIFICATE-----Generated at Sun Nov 24 18:24:14 2024 by rpki-client on console-ams.rpki-client.org