$ rpki-client -vvf rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/3869DF8A1C6011EEAF58FB61C4F9AE02.roa File: 3869DF8A1C6011EEAF58FB61C4F9AE02.roa (raw, json) Hash identifier: geXCKkNOBHVSbSaCvK7PvfsBCFg+zCxNd+kygTAhRgQ= Subject key identifier: 70:1D:F3:7D:63:BF:E0:8E:95:EC:01:F1:42:BC:C0:60:06:94:44:2D Certificate issuer: /CN=A9174880/serialNumber=4F2FD3F00B58F134A9A8E3E7DDA8D8D20AC03527 Certificate serial: 3402 Authority key identifier: 4F:2F:D3:F0:0B:58:F1:34:A9:A8:E3:E7:DD:A8:D8:D2:0A:C0:35:27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ty_T8AtY8TSpqOPn3ajY0grANSc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/3869DF8A1C6011EEAF58FB61C4F9AE02.roa Signing time: Sat 20 Jan 2024 14:30:09 +0000 ROA not before: Sat 20 Jan 2024 14:30:09 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 132040 IP address blocks: 103.23.16.0/22 maxlen: 24 110.173.160.0/20 maxlen: 24 202.8.44.0/22 maxlen: 24 218.100.21.0/24 maxlen: 24 218.100.23.0/24 maxlen: 24 218.100.26.0/24 maxlen: 24 2001:4410::/32 maxlen: 40 2001:4410:1000::/45 maxlen: 48 2001:4410:2000::/43 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.crl rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ty_T8AtY8TSpqOPn3ajY0grANSc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:16:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13314 (0x3402) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174880/serialNumber=4F2FD3F00B58F134A9A8E3E7DDA8D8D20AC03527 Validity Not Before: Jan 20 14:30:09 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65abd8f1-d5f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:5e:93:80:77:f4:3d:c2:f0:5d:28:d5:73:09: 11:5a:fa:51:9c:65:44:00:1f:d5:47:a9:97:ec:b7: cf:63:fb:e4:e3:b1:7b:15:a5:ef:9a:39:39:a4:66: 8d:1c:56:af:98:7f:46:63:11:2d:5b:29:6d:45:4f: b2:09:47:d1:80:6f:a5:5f:29:bd:e5:16:8b:3c:dc: a9:ef:63:11:4e:0e:81:d6:87:fb:df:9f:9f:25:aa: 99:cf:3c:0d:5b:ec:11:04:ec:d5:dd:4e:c4:30:47: 70:b3:b0:e6:24:ac:19:74:e7:44:c7:91:69:e8:b6: 83:23:f6:b3:0b:ad:7b:3b:10:6b:cf:5a:d5:70:1f: 20:f9:67:b8:93:57:c3:2d:5e:9a:06:5a:8d:16:fd: 31:53:92:6b:03:1c:71:c1:3f:62:7a:b8:69:1a:ff: 69:94:e3:2f:9e:e9:93:61:11:67:2c:ae:2f:9a:79: d4:1b:be:ae:f3:19:cc:57:cf:50:a7:cb:46:a2:ae: 6a:1b:53:b8:4a:f0:f0:0b:b9:ec:20:74:df:b5:9b: ea:89:0b:2d:49:31:b4:74:46:7d:10:e2:c5:0c:c3: 76:f1:d0:85:51:3f:32:87:61:77:31:b3:f0:c8:5a: 98:22:ae:2b:1e:ea:23:ed:42:97:ae:b4:46:b3:f9: f8:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:1D:F3:7D:63:BF:E0:8E:95:EC:01:F1:42:BC:C0:60:06:94:44:2D X509v3 Authority Key Identifier: keyid:4F:2F:D3:F0:0B:58:F1:34:A9:A8:E3:E7:DD:A8:D8:D2:0A:C0:35:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/Ty_T8AtY8TSpqOPn3ajY0grANSc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ty_T8AtY8TSpqOPn3ajY0grANSc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174880/69F04BA81D6A11E2BB7014A808B02CD2/3869DF8A1C6011EEAF58FB61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.23.16.0/22 110.173.160.0/20 202.8.44.0/22 218.100.21.0/24 218.100.23.0/24 218.100.26.0/24 IPv6: 2001:4410::/32 Signature Algorithm: sha256WithRSAEncryption a5:56:89:28:a2:ef:f9:ee:3a:fd:62:e5:8e:cd:34:8b:6f:bc: 04:74:6f:08:e9:29:5c:c9:81:95:43:77:40:c9:3d:4b:a2:10: c4:01:45:ce:e1:3a:6e:df:59:ae:bc:45:8d:f0:8b:8d:ec:02: b0:03:a1:53:65:7b:9e:a5:78:2f:8f:ad:ad:4b:99:8d:25:9a: b0:f2:b2:97:5c:c6:94:e1:ae:32:db:18:bf:6c:22:91:a3:55: 31:59:fc:ba:db:50:a8:6e:70:ae:e1:e6:54:fa:63:64:49:80: 9a:95:09:f7:20:57:54:e1:6f:40:4e:da:98:77:b5:ba:c7:6b: 4d:d8:5d:fa:f8:f0:11:6b:be:13:79:55:ea:ad:5a:66:d2:61: 25:26:56:e1:98:e8:d9:a1:ad:17:76:5c:6e:a9:b1:47:ee:5c: 75:c8:5b:d9:c4:34:e3:0e:ed:26:36:94:46:d2:b0:6c:31:d1: 80:da:1d:fc:a7:a5:90:3b:14:97:3b:5e:c6:04:8a:42:fd:a0: f4:d3:28:5f:78:cd:24:b1:7f:68:26:66:cc:6d:46:8f:1e:ac: 8c:5e:0b:ae:b6:f2:26:ac:21:9a:15:ac:93:64:da:af:82:c7: c6:c7:ec:92:c9:a9:51:30:d4:8c:e6:ad:f2:60:a9:67:de:6c: 72:cd:19:f2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgICNAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzQ4ODAxMTAvBgNVBAUTKDRGMkZEM0YwMEI1OEYxMzRBOUE4RTNFN0REQThEOEQy MEFDMDM1MjcwHhcNMjQwMTIwMTQzMDA5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWFiZDhmMS1kNWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA516TgHf0PcLwXSjVcwkRWvpRnGVEAB/VR6mX7LfPY/vk47F7FaXvmjk5pGaN HFavmH9GYxEtWyltRU+yCUfRgG+lXym95RaLPNyp72MRTg6B1of735+fJaqZzzwN W+wRBOzV3U7EMEdws7DmJKwZdOdEx5Fp6LaDI/azC617OxBrz1rVcB8g+We4k1fD LV6aBlqNFv0xU5JrAxxxwT9ierhpGv9plOMvnumTYRFnLK4vmnnUG76u8xnMV89Q p8tGoq5qG1O4SvDwC7nsIHTftZvqiQstSTG0dEZ9EOLFDMN28dCFUT8yh2F3MbPw yFqYIq4rHuoj7UKXrrRGs/n4yQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFHAd831j v+COlewB8UK8wGAGlEQtMB8GA1UdIwQYMBaAFE8v0/ALWPE0qajj592o2NIKwDUn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDg4MC82OUYwNEJBODFE NkExMUUyQkI3MDE0QTgwOEIwMkNEMi9UeV9UOEF0WThUU3BxT1BuM2FqWTBnckFO U2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1R5X1Q4QXRZOFRTcHFPUG4zYWpZMGdyQU5TYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzQ4ODAvNjlGMDRCQTgxRDZBMTFFMkJCNzAxNEE4MDhCMDJDRDIvMzg2OURGOEEx QzYwMTFFRUFGNThGQjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E PTA7MCoEAgABMCQDBAJnFxADBARuraADBALKCCwDBADaZBUDBADaZBcDBADaZBow DQQCAAIwBwMFACABRBAwDQYJKoZIhvcNAQELBQADggEBAKVWiSii7/nuOv1i5Y7N NItvvAR0bwjpKVzJgZVDd0DJPUuiEMQBRc7hOm7fWa68RY3wi43sArADoVNle56l eC+Pra1LmY0lmrDyspdcxpThrjLbGL9sIpGjVTFZ/LrbUKhucK7h5lT6Y2RJgJqV CfcgV1Thb0BO2ph3tbrHa03YXfr48BFrvhN5VeqtWmbSYSUmVuGY6NmhrRd2XG6p sUfuXHXIW9nENOMO7SY2lEbSsGwx0YDaHfynpZA7FJc7XsYEikL9oPTTKF94zSSx f2gmZsxtRo8erIxeC6628iasIZoVrJNk2q+Cx8bH7JLJqVEw1IzmrfJgqWfebHLN GfI= -----END CERTIFICATE-----Generated at Fri Nov 22 16:49:22 2024 by rpki-client on console-ams.rpki-client.org