$ rpki-client -vvf rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/0B6054BA851E11EA86E0DF24C4F9AE02.roa File: 0B6054BA851E11EA86E0DF24C4F9AE02.roa (raw, json) Hash identifier: MgTUngCCzikGCV51wBox1XfJC+wHmw6xDYqUAEuxnEk= Subject key identifier: 44:0A:E7:BA:2F:AD:57:17:8C:DF:12:00:E5:4D:BC:23:C6:78:EC:46 Certificate issuer: /CN=A916B0A3/serialNumber=DA8DBC3B099742D3ABD2A895DD1339893B9A8F5F Certificate serial: 0B06 Authority key identifier: DA:8D:BC:3B:09:97:42:D3:AB:D2:A8:95:DD:13:39:89:3B:9A:8F:5F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/0B6054BA851E11EA86E0DF24C4F9AE02.roa Signing time: Mon 14 Oct 2024 15:52:39 +0000 ROA not before: Mon 14 Oct 2024 15:52:39 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 55785 IP address blocks: 43.252.68.0/22 maxlen: 22 103.247.152.0/22 maxlen: 22 2403:4d00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.crl rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:41:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2822 (0xb06) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B0A3/serialNumber=DA8DBC3B099742D3ABD2A895DD1339893B9A8F5F Validity Not Before: Oct 14 15:52:39 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=670d3e47-be59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:d7:69:08:ac:38:e0:e4:0e:78:fc:77:36:6c: 80:1a:9e:6c:56:6c:f1:9d:db:28:1e:44:27:b9:c5: b0:44:d7:56:25:65:c8:dd:6d:84:2c:3d:60:b5:6a: 99:9a:95:86:c1:38:0d:cc:c3:7b:ab:29:4f:63:e3: c2:90:04:a7:66:7a:e3:0d:07:d5:5d:0f:b1:3e:77: ef:5c:51:e0:02:57:e0:21:18:a2:b6:8b:c8:90:47: 32:cf:ba:ff:10:b3:80:97:1f:3a:96:cd:c0:0a:2f: d8:cb:e4:de:fa:df:a2:29:7e:99:89:ef:80:20:89: 33:8d:f4:29:e7:af:2e:0e:01:65:9a:e3:b2:4a:7d: 30:71:1d:40:73:c1:59:19:56:be:b3:f0:0b:f1:6a: 9f:0b:74:74:4f:01:ff:6e:c8:de:79:b9:a1:ad:5e: 8c:37:53:00:06:69:d5:6f:a0:5a:99:da:e1:e1:3d: 43:bb:6f:94:92:63:02:1a:c9:77:09:26:1c:cd:3f: 6d:55:39:97:58:f9:48:7d:ac:29:d6:37:4f:c3:0d: 16:c3:59:6d:6a:b5:8d:a6:62:66:2b:85:68:d5:b9: 00:20:db:c3:07:ec:5a:f0:2c:2f:b8:34:51:88:a6: 5c:1b:4a:49:0b:9f:e2:b5:40:9c:43:f0:43:a7:db: 21:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:0A:E7:BA:2F:AD:57:17:8C:DF:12:00:E5:4D:BC:23:C6:78:EC:46 X509v3 Authority Key Identifier: keyid:DA:8D:BC:3B:09:97:42:D3:AB:D2:A8:95:DD:13:39:89:3B:9A:8F:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/0B6054BA851E11EA86E0DF24C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.68.0/22 103.247.152.0/22 IPv6: 2403:4d00::/32 Signature Algorithm: sha256WithRSAEncryption 5f:dd:35:11:f0:c1:d5:18:22:bb:be:70:da:c3:c6:4d:c2:d8: 57:32:a1:db:3d:9b:19:4f:34:2e:54:9b:ff:d9:68:58:ea:0a: 3a:c7:af:c1:65:e0:ab:f8:be:ad:9c:a4:90:44:c7:34:e4:60: 1b:f1:86:26:14:4f:3b:b2:a1:99:aa:15:0f:07:c6:7d:d3:44: 7c:96:3d:84:8b:43:85:5c:03:b5:fb:df:e8:c0:49:04:25:be: 6f:e5:29:45:2a:dd:fd:9b:29:0f:d9:42:2a:3c:75:f0:5d:cc: 65:37:88:f3:9c:d6:33:a5:de:f9:15:36:cf:82:b8:4b:8c:04: 06:d3:25:99:1f:4a:db:76:71:10:55:ed:62:a7:e2:ca:87:f1: 0a:2d:f7:51:e3:e4:68:ab:fb:d9:6c:65:46:55:c7:17:ab:2f: 4a:3c:91:7c:68:65:91:0d:36:c1:ba:50:f2:c3:ce:97:9b:85: f2:17:4c:d2:ea:06:fa:54:bb:52:ee:32:53:0e:80:62:71:1d: 42:3b:38:35:0d:0a:6a:4d:5a:22:38:80:30:8a:78:4b:ab:f4: 0d:29:ff:18:b7:9c:ca:0b:bf:88:84:14:ff:1b:80:68:21:65: f2:15:ba:c0:1c:3d:ed:86:1f:6d:93:d0:1a:3e:63:b2:f8:d4: c5:9a:54:96 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICCwYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkIwQTMxMTAvBgNVBAUTKERBOERCQzNCMDk5NzQyRDNBQkQyQTg5NUREMTMzOTg5 M0I5QThGNUYwHhcNMjQxMDE0MTU1MjM5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzBkM2U0Ny1iZTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqNdpCKw44OQOePx3NmyAGp5sVmzxndsoHkQnucWwRNdWJWXI3W2ELD1gtWqZ mpWGwTgNzMN7qylPY+PCkASnZnrjDQfVXQ+xPnfvXFHgAlfgIRiitovIkEcyz7r/ ELOAlx86ls3ACi/Yy+Te+t+iKX6Zie+AIIkzjfQp568uDgFlmuOySn0wcR1Ac8FZ GVa+s/AL8WqfC3R0TwH/bsjeebmhrV6MN1MABmnVb6Bamdrh4T1Du2+UkmMCGsl3 CSYczT9tVTmXWPlIfawp1jdPww0Ww1ltarWNpmJmK4Vo1bkAINvDB+xa8CwvuDRR iKZcG0pJC5/itUCcQ/BDp9shKQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEQK57ov rVcXjN8SAOVNvCPGeOxGMB8GA1UdIwQYMBaAFNqNvDsJl0LTq9Kold0TOYk7mo9f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjBBMy83MUFERTFGRUQ4 MjgxMUU0QUE3QzhBNDdDNEY5QUUwMi8ybzI4T3dtWFF0T3IwcWlWM1JNNWlUdWFq MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJvMjhPd21YUXRPcjBxaVYzUk01aVR1YWoxOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkIwQTMvNzFBREUxRkVEODI4MTFFNEFBN0M4QTQ3QzRGOUFFMDIvMEI2MDU0QkE4 NTFFMTFFQTg2RTBERjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr/EQDBAJn95gwDQQCAAIwBwMFACQDTQAwDQYJKoZIhvcN AQELBQADggEBAF/dNRHwwdUYIru+cNrDxk3C2Fcyods9mxlPNC5Um//ZaFjqCjrH r8Fl4Kv4vq2cpJBExzTkYBvxhiYUTzuyoZmqFQ8Hxn3TRHyWPYSLQ4VcA7X73+jA SQQlvm/lKUUq3f2bKQ/ZQio8dfBdzGU3iPOc1jOl3vkVNs+CuEuMBAbTJZkfStt2 cRBV7WKn4sqH8Qot91Hj5Gir+9lsZUZVxxerL0o8kXxoZZENNsG6UPLDzpebhfIX TNLqBvpUu1LuMlMOgGJxHUI7ODUNCmpNWiI4gDCKeEur9A0p/xi3nMoLv4iEFP8b gGghZfIVusAcPe2GH22T0Bo+Y7L41MWaVJY= -----END CERTIFICATE-----Generated at Fri Nov 22 17:55:48 2024 by rpki-client on console-fra.rpki-client.org