$ rpki-client -vvf rpki.apnic.net/member_repository/A917647E/0D10B804D63111EA9A5A583BC4F9AE02/FD18A8AAD97B11EAB138A00FC4F9AE02.roa File: FD18A8AAD97B11EAB138A00FC4F9AE02.roa (raw, json) Hash identifier: Mn7ItdYnGzk2vxLqw1AVtuZYDQiItp3zXBAlKbNDtKc= Subject key identifier: 61:10:44:91:9C:E9:49:27:F4:E2:38:5D:95:A7:E6:1A:69:00:28:99 Certificate issuer: /CN=A917647E/serialNumber=FDD2507822183CE80759419D56540606A2486B4B Certificate serial: 0774 Authority key identifier: FD:D2:50:78:22:18:3C:E8:07:59:41:9D:56:54:06:06:A2:48:6B:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_dJQeCIYPOgHWUGdVlQGBqJIa0s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917647E/0D10B804D63111EA9A5A583BC4F9AE02/FD18A8AAD97B11EAB138A00FC4F9AE02.roa Signing time: Fri 10 May 2024 22:31:54 +0000 ROA not before: Fri 10 May 2024 22:31:54 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 132335 IP address blocks: 123.253.8.0/24 maxlen: 24 123.253.9.0/24 maxlen: 24 123.253.10.0/24 maxlen: 24 2400:ffc0:1::/48 maxlen: 48 2400:ffc0:4::/48 maxlen: 48 2400:ffc0:5::/48 maxlen: 48 2400:ffc0:6::/48 maxlen: 48 2400:ffc0:13c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917647E/0D10B804D63111EA9A5A583BC4F9AE02/_dJQeCIYPOgHWUGdVlQGBqJIa0s.crl rsync://rpki.apnic.net/member_repository/A917647E/0D10B804D63111EA9A5A583BC4F9AE02/_dJQeCIYPOgHWUGdVlQGBqJIa0s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_dJQeCIYPOgHWUGdVlQGBqJIa0s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 17:11:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1908 (0x774) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917647E/serialNumber=FDD2507822183CE80759419D56540606A2486B4B Validity Not Before: May 10 22:31:54 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=663ea059-4cb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:94:75:a4:7e:be:c9:91:dc:a1:dc:52:97:a0: 70:ad:ea:8a:a4:0d:49:1c:06:b2:fb:b7:b9:e6:da: 89:eb:13:cd:bf:43:80:e7:e8:46:ff:ae:17:e6:34: 8e:f3:fe:a0:a8:34:4b:54:90:0b:d5:c7:68:94:9e: b4:53:52:52:99:f1:5b:8a:57:44:52:66:02:1d:f0: e1:6f:c9:fe:f3:bb:9c:e5:29:09:7f:df:92:6f:f7: d8:59:82:7b:d9:a9:22:7f:94:dd:99:5f:f7:c4:0c: d4:b4:63:72:78:f0:f3:99:9e:0c:42:67:4f:97:0c: a0:36:65:d9:6c:9a:b6:34:99:24:a1:f5:12:7a:15: dd:84:82:73:f3:01:14:ce:11:bd:f0:29:af:b8:80: 4d:2a:84:bb:de:94:f7:da:d0:fc:04:94:6c:f9:3c: 3e:9a:25:59:28:d1:a5:66:18:8f:8a:5a:6f:e1:0c: fe:b0:06:cb:f4:f6:0f:b3:ed:68:c0:db:ef:f6:75: 9c:06:3f:d1:ea:c2:dc:14:1d:e8:ee:85:6b:fc:e2: a3:8f:46:1c:c7:f0:91:b0:e0:74:af:99:73:e6:9c: c9:7c:cc:9c:d9:b6:18:93:e5:2f:4c:17:6d:25:71: df:23:8e:c4:b3:fc:26:a5:b9:f7:74:a3:ac:b9:27: e1:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:10:44:91:9C:E9:49:27:F4:E2:38:5D:95:A7:E6:1A:69:00:28:99 X509v3 Authority Key Identifier: keyid:FD:D2:50:78:22:18:3C:E8:07:59:41:9D:56:54:06:06:A2:48:6B:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917647E/0D10B804D63111EA9A5A583BC4F9AE02/_dJQeCIYPOgHWUGdVlQGBqJIa0s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_dJQeCIYPOgHWUGdVlQGBqJIa0s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917647E/0D10B804D63111EA9A5A583BC4F9AE02/FD18A8AAD97B11EAB138A00FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.253.8.0-123.253.10.255 IPv6: 2400:ffc0:1::/48 2400:ffc0:4::-2400:ffc0:6:ffff:ffff:ffff:ffff:ffff 2400:ffc0:13c::/48 Signature Algorithm: sha256WithRSAEncryption 86:6f:20:bf:70:ec:e5:04:0f:d2:2c:68:aa:76:c4:e1:7b:3d: df:d8:6f:6d:1e:99:31:3a:3e:e7:01:66:0c:9e:7f:f6:3e:ea: 60:1b:f8:ec:6c:df:83:4d:fc:07:a4:8c:7e:14:ee:1d:fc:79: 25:56:d1:db:70:39:b5:d5:62:f2:77:52:b1:52:26:cf:18:1c: 7e:fb:95:06:43:aa:ce:5a:19:7e:df:de:b8:60:f2:77:b1:21: a8:02:9f:7b:04:5a:83:77:a2:e2:7a:46:c8:68:89:a5:2e:cf: 1b:a6:80:17:f4:f0:c6:81:4d:23:95:e3:d4:0b:11:23:f6:b1: de:05:7a:9b:68:14:6c:fe:35:fc:fb:f7:98:5a:29:61:20:2c: 68:31:7a:56:9f:87:82:ea:c9:ee:e3:c6:4c:58:e6:b3:3f:db: 93:49:b4:89:08:a9:30:58:3e:dc:e5:50:d6:08:b6:aa:29:d8: 68:68:a8:50:34:c7:7a:20:9e:8e:8c:b2:e9:c8:bb:df:df:4b: cc:ca:f9:5b:d6:f8:e6:da:21:7c:92:91:f0:11:9b:78:3e:8d: 7f:2d:ed:b8:06:43:af:e3:88:06:74:e4:aa:2f:57:57:63:bc: f5:da:9c:d0:3d:cb:f0:09:35:e9:52:35:67:f3:a6:c2:28:6a: 11:a2:b5:cf -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgICB3QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzY0N0UxMTAvBgNVBAUTKEZERDI1MDc4MjIxODNDRTgwNzU5NDE5RDU2NTQwNjA2 QTI0ODZCNEIwHhcNMjQwNTEwMjIzMTU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjNlYTA1OS00Y2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA45R1pH6+yZHcodxSl6BwreqKpA1JHAay+7e55tqJ6xPNv0OA5+hG/64X5jSO 8/6gqDRLVJAL1cdolJ60U1JSmfFbildEUmYCHfDhb8n+87uc5SkJf9+Sb/fYWYJ7 2akif5TdmV/3xAzUtGNyePDzmZ4MQmdPlwygNmXZbJq2NJkkofUSehXdhIJz8wEU zhG98CmvuIBNKoS73pT32tD8BJRs+Tw+miVZKNGlZhiPilpv4Qz+sAbL9PYPs+1o wNvv9nWcBj/R6sLcFB3o7oVr/OKjj0Ycx/CRsOB0r5lz5pzJfMyc2bYYk+UvTBdt JXHfI47Es/wmpbn3dKOsuSfh5wIDAQABo4ICyzCCAscwHQYDVR0OBBYEFGEQRJGc 6Ukn9OI4XZWn5hppACiZMB8GA1UdIwQYMBaAFP3SUHgiGDzoB1lBnVZUBgaiSGtL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjQ3RS8wRDEwQjgwNEQ2 MzExMUVBOUE1QTU4M0JDNEY5QUUwMi9fZEpRZUNJWVBPZ0hXVUdkVmxRR0JxSklh MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19kSlFlQ0lZUE9nSFdVR2RWbFFHQnFKSWEwcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzY0N0UvMEQxMEI4MDRENjMxMTFFQTlBNUE1ODNCQzRGOUFFMDIvRkQxOEE4QUFE OTdCMTFFQUIxMzhBMDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E RjBEMBQEAgABMA4wDAMEA3v9CAMEAHv9CjAsBAIAAjAmAwcAJAD/wAABMBIDBwIk AP/AAAQDBwAkAP/AAAYDBwAkAP/AATwwDQYJKoZIhvcNAQELBQADggEBAIZvIL9w 7OUED9IsaKp2xOF7Pd/Yb20emTE6PucBZgyef/Y+6mAb+Oxs34NN/AekjH4U7h38 eSVW0dtwObXVYvJ3UrFSJs8YHH77lQZDqs5aGX7f3rhg8nexIagCn3sEWoN3ouJ6 RshoiaUuzxumgBf08MaBTSOV49QLESP2sd4FeptoFGz+Nfz795haKWEgLGgxelaf h4Lqye7jxkxY5rM/25NJtIkIqTBYPtzlUNYItqop2GhoqFA0x3ogno6MsunIu9/f S8zK+VvW+ObaIXySkfARm3g+jX8t7bgGQ6/jiAZ05KovV1djvPXanNA9y/AJNelS NWfzpsIoahGitc8= -----END CERTIFICATE-----Generated at Sun Nov 24 22:11:59 2024 by rpki-client on console-fra.rpki-client.org