$ rpki-client -vvf rpki.apnic.net/member_repository/A916DC92/0F4D7B4609D811EA9FE8DB1EC4F9AE02/CE15A7B409D911EA80E56E21C4F9AE02.roa File: CE15A7B409D911EA80E56E21C4F9AE02.roa (raw, json) Hash identifier: gBEi2R13VWPv9ID88Yp79OfFGvAVYE/s6Ssf5W2fwwk= Subject key identifier: 64:71:A0:91:8D:97:C1:EA:DE:CB:BE:2B:1D:DC:B5:7D:1D:E1:1C:97 Certificate issuer: /CN=A916DC92/serialNumber=945D097F2263D14C36B7B65C2DC0C25F9EE77192 Certificate serial: 0BBB Authority key identifier: 94:5D:09:7F:22:63:D1:4C:36:B7:B6:5C:2D:C0:C2:5F:9E:E7:71:92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lF0JfyJj0Uw2t7ZcLcDCX57ncZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916DC92/0F4D7B4609D811EA9FE8DB1EC4F9AE02/CE15A7B409D911EA80E56E21C4F9AE02.roa Signing time: Tue 10 Sep 2024 19:57:28 +0000 ROA not before: Tue 10 Sep 2024 19:57:28 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 58682 IP address blocks: 43.224.112.0/22 maxlen: 24 43.228.208.0/22 maxlen: 24 103.15.40.0/22 maxlen: 24 103.124.224.0/22 maxlen: 24 103.230.16.0/22 maxlen: 24 103.249.0.0/22 maxlen: 24 2404:c900::/32 maxlen: 36 2404:c900::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916DC92/0F4D7B4609D811EA9FE8DB1EC4F9AE02/lF0JfyJj0Uw2t7ZcLcDCX57ncZI.crl rsync://rpki.apnic.net/member_repository/A916DC92/0F4D7B4609D811EA9FE8DB1EC4F9AE02/lF0JfyJj0Uw2t7ZcLcDCX57ncZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lF0JfyJj0Uw2t7ZcLcDCX57ncZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:33:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3003 (0xbbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916DC92/serialNumber=945D097F2263D14C36B7B65C2DC0C25F9EE77192 Validity Not Before: Sep 10 19:57:28 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66e0a4a7-3e2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8a:cb:31:1a:f1:6f:86:72:cc:b2:c9:9d:5e: e7:84:14:26:a8:5d:13:ae:db:5d:2c:d1:7e:ab:de: a1:de:0d:7d:5f:49:4e:f8:41:f0:5d:d2:66:b0:59: 7d:1f:7b:7c:f3:ab:0e:8a:b3:d7:1a:71:ff:5b:4e: 70:f8:c0:6f:67:06:47:3f:39:7a:41:61:8b:1d:df: ff:5e:60:81:5a:68:15:c9:ca:c9:89:76:da:80:fd: 7c:bd:6c:a2:72:ac:89:a3:8b:36:be:88:50:d2:53: ab:94:44:a7:7b:7d:0c:45:d2:b5:43:c5:7d:07:f7: 6d:e7:35:08:bc:4f:d3:af:f0:1e:38:00:3e:a8:77: e4:a5:64:c6:96:29:b7:0d:81:fe:81:15:df:38:2f: 22:08:43:1e:f6:88:4e:31:e1:4e:66:ec:c8:83:05: fa:55:a8:0e:2a:b7:2a:e2:8d:20:00:f6:34:8f:65: be:a3:91:3d:9e:ee:15:f0:73:d9:34:3a:41:68:c8: 8a:d5:46:e9:1e:ff:84:21:a6:86:86:0e:f2:ea:95: e3:12:34:ab:71:d3:bf:67:6c:d6:a5:0a:cf:20:e4: 90:1f:60:11:4a:3f:64:4f:66:02:1e:6d:bb:8a:1a: fd:65:59:15:69:db:ad:f7:34:f4:00:7d:39:06:06: 12:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:71:A0:91:8D:97:C1:EA:DE:CB:BE:2B:1D:DC:B5:7D:1D:E1:1C:97 X509v3 Authority Key Identifier: keyid:94:5D:09:7F:22:63:D1:4C:36:B7:B6:5C:2D:C0:C2:5F:9E:E7:71:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916DC92/0F4D7B4609D811EA9FE8DB1EC4F9AE02/lF0JfyJj0Uw2t7ZcLcDCX57ncZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lF0JfyJj0Uw2t7ZcLcDCX57ncZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DC92/0F4D7B4609D811EA9FE8DB1EC4F9AE02/CE15A7B409D911EA80E56E21C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.112.0/22 43.228.208.0/22 103.15.40.0/22 103.124.224.0/22 103.230.16.0/22 103.249.0.0/22 IPv6: 2404:c900::/32 Signature Algorithm: sha256WithRSAEncryption 54:26:8f:18:e6:e7:6d:27:21:11:8c:ff:c5:b7:f3:80:5e:34: 81:a3:b1:a9:75:73:31:a2:de:a3:8e:42:39:e9:41:f9:e9:bc: 25:78:fa:d7:8b:4f:ef:b1:fc:76:cb:77:4e:32:24:2f:f1:ec: ab:23:31:ac:7d:a6:8d:47:3a:d9:0b:e2:ba:d4:db:a6:35:45: ac:3a:5c:4a:6b:58:76:39:4e:9e:72:f0:ef:4c:1d:e2:4c:b0: 7f:33:81:fe:cb:a0:d1:60:26:34:f9:04:74:21:ea:e2:a5:cf: 56:f2:b2:53:a2:bc:90:71:22:c2:40:36:c0:5a:6e:3c:03:ac: 31:6d:7a:d7:80:4d:75:4a:e6:09:f7:a2:88:6c:e2:74:c3:14: 25:91:46:c8:87:b2:02:cf:bc:d2:f0:e1:ac:54:8c:bd:8e:3a: cc:aa:3f:63:17:3a:73:50:d8:cc:5c:a8:a6:9f:71:60:ea:bf: ef:7a:43:15:bd:fc:cf:4a:f4:49:9a:59:3c:49:b8:cb:af:4f: d9:22:86:0e:0b:9b:36:a3:f2:73:85:18:4f:f3:47:d1:ab:d0: 8e:c6:73:0a:d0:08:4b:a8:b4:20:41:70:ae:25:f2:72:7b:38: 06:84:67:d2:f8:c0:46:72:c9:5c:be:35:b5:b0:66:4f:b7:70: 04:e0:dc:35 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICC7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkRDOTIxMTAvBgNVBAUTKDk0NUQwOTdGMjI2M0QxNEMzNkI3QjY1QzJEQzBDMjVG OUVFNzcxOTIwHhcNMjQwOTEwMTk1NzI4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmUwYTRhNy0zZTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu4rLMRrxb4ZyzLLJnV7nhBQmqF0TrttdLNF+q96h3g19X0lO+EHwXdJmsFl9 H3t886sOirPXGnH/W05w+MBvZwZHPzl6QWGLHd//XmCBWmgVycrJiXbagP18vWyi cqyJo4s2vohQ0lOrlESne30MRdK1Q8V9B/dt5zUIvE/Tr/AeOAA+qHfkpWTGlim3 DYH+gRXfOC8iCEMe9ohOMeFOZuzIgwX6VagOKrcq4o0gAPY0j2W+o5E9nu4V8HPZ NDpBaMiK1UbpHv+EIaaGhg7y6pXjEjSrcdO/Z2zWpQrPIOSQH2ARSj9kT2YCHm27 ihr9ZVkVadut9zT0AH05BgYSuwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFGRxoJGN l8Hq3su+Kx3ctX0d4RyXMB8GA1UdIwQYMBaAFJRdCX8iY9FMNre2XC3Awl+e53GS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REM5Mi8wRjREN0I0NjA5 RDgxMUVBOUZFOERCMUVDNEY5QUUwMi9sRjBKZnlKajBVdzJ0N1pjTGNEQ1g1N25j WkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xGMEpmeUpqMFV3MnQ3WmNMY0RDWDU3bmNaSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkRDOTIvMEY0RDdCNDYwOUQ4MTFFQTlGRThEQjFFQzRGOUFFMDIvQ0UxNUE3QjQw OUQ5MTFFQTgwRTU2RTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAIr4HADBAIr5NADBAJnDygDBAJnfOADBAJn5hADBAJn+QAw DQQCAAIwBwMFACQEyQAwDQYJKoZIhvcNAQELBQADggEBAFQmjxjm520nIRGM/8W3 84BeNIGjsal1czGi3qOOQjnpQfnpvCV4+teLT++x/HbLd04yJC/x7KsjMax9po1H OtkL4rrU26Y1Raw6XEprWHY5Tp5y8O9MHeJMsH8zgf7LoNFgJjT5BHQh6uKlz1by slOivJBxIsJANsBabjwDrDFteteATXVK5gn3oohs4nTDFCWRRsiHsgLPvNLw4axU jL2OOsyqP2MXOnNQ2MxcqKafcWDqv+96QxW9/M9K9EmaWTxJuMuvT9kihg4Lmzaj 8nOFGE/zR9Gr0I7GcwrQCEuotCBBcK4l8nJ7OAaEZ9L4wEZyyVy+NbWwZk+3cATg 3DU= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:04 2024 by rpki-client on console-ams.rpki-client.org