$ rpki-client -vvf rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/35FC192C272C11ED9E64C718C4F9AE02.roa File: 35FC192C272C11ED9E64C718C4F9AE02.roa (raw, json) Hash identifier: of9zh63P1E28Fw1JXMf3Mift2nJvEjjB8iXijpwTEOw= Subject key identifier: 98:1E:13:FA:30:18:2B:92:1E:69:5C:4F:C9:54:60:6E:DB:4F:31:AD Certificate issuer: /CN=A917D7F2/serialNumber=942D541DFE7982F6E01E6BCC976DC0CB8414E838 Certificate serial: 3438 Authority key identifier: 94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/35FC192C272C11ED9E64C718C4F9AE02.roa Signing time: Thu 28 Nov 2024 15:00:43 +0000 ROA not before: Thu 28 Nov 2024 15:00:43 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 18119 IP address blocks: 43.255.24.0/22 maxlen: 22 103.29.246.0/23 maxlen: 23 103.239.8.0/22 maxlen: 22 114.110.32.0/21 maxlen: 21 202.21.136.0/23 maxlen: 23 202.49.249.0/24 maxlen: 24 202.61.2.0/23 maxlen: 23 2001:4428::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 14:36:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13368 (0x3438) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D7F2 Validity Not Before: Nov 28 15:00:43 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=6748859b-744f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:12:3d:40:4d:88:f6:ea:cc:b9:bf:53:b2:2c: 5a:2f:7a:0a:80:d5:ac:1f:e3:28:00:72:3f:fb:2f: 6d:36:6c:a7:57:71:88:b0:2d:07:36:17:ca:94:ef: b5:68:e5:af:a7:ca:32:99:50:ab:0b:0e:9a:ef:2e: a3:83:56:81:a7:53:69:ed:74:b8:4c:3e:8e:83:66: de:01:3f:97:f8:c8:8b:3b:78:89:71:43:13:54:47: 3e:a3:60:ca:ee:3a:10:89:a9:ed:b0:28:cc:10:42: ad:5a:ed:ce:06:d6:d7:7d:07:86:58:33:e6:24:eb: bf:36:b3:99:9e:6c:6a:33:6a:1d:c2:f9:13:ec:f1: 90:00:85:e2:4b:e5:5f:1b:24:b2:f4:c7:ab:43:92: 47:22:26:67:8d:a2:4f:d6:14:0c:f3:6a:3c:4d:6c: a3:58:c8:08:02:6c:bf:c6:e1:3f:73:64:2a:5a:5c: c9:8e:d2:f6:21:e0:5d:bb:fa:e5:3b:c1:ed:8f:4d: b5:9c:f1:32:4e:fe:03:4d:a4:e4:1a:87:d9:8a:7c: c8:5c:75:09:08:26:d4:6e:8a:74:bd:6f:ab:6b:2d: 05:48:c9:31:0a:54:5b:ee:8a:d4:c6:08:b6:c0:d2: ce:79:73:d8:bf:5f:77:32:ac:0a:f9:19:59:64:6e: 26:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:1E:13:FA:30:18:2B:92:1E:69:5C:4F:C9:54:60:6E:DB:4F:31:AD X509v3 Authority Key Identifier: keyid:94:2D:54:1D:FE:79:82:F6:E0:1E:6B:CC:97:6D:C0:CB:84:14:E8:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lC1UHf55gvbgHmvMl23Ay4QU6Dg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D7F2/F028903C1D8C11E2B19D5FEA08B02CD2/35FC192C272C11ED9E64C718C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.255.24.0/22 103.29.246.0/23 103.239.8.0/22 114.110.32.0/21 202.21.136.0/23 202.49.249.0/24 202.61.2.0/23 IPv6: 2001:4428::/32 Signature Algorithm: sha256WithRSAEncryption 8e:11:94:91:56:86:ad:df:f3:2f:a8:d2:55:86:82:35:18:b3: 7b:fa:c6:9f:e7:83:4e:f7:fc:ec:1b:74:7c:5c:67:e2:93:03: 3b:67:77:7e:86:67:66:10:50:d9:c0:75:38:34:90:59:67:2f: 4c:ec:2f:f8:75:29:b8:1c:3f:78:a9:4c:a0:27:9e:37:e5:34: bb:34:8a:f2:37:49:34:f2:59:12:86:19:cc:7a:80:ee:91:18: 1a:f8:97:2e:2a:26:c6:93:6e:77:40:13:bc:83:c2:13:92:35: 2f:89:79:5c:5c:78:67:bc:42:f1:10:4a:f5:00:3f:6a:ef:c1: d6:20:75:0b:92:56:c6:61:9e:c9:17:3c:ac:3b:be:79:0a:9a: fc:14:80:d2:61:c1:28:f0:76:5c:c9:23:1b:18:db:45:3a:ab: cc:6a:92:7d:6c:43:b7:f4:55:b0:56:e9:c6:32:d6:46:81:95: d4:6d:a9:10:4d:1a:eb:39:aa:95:ea:ae:57:8e:d9:09:23:d0: 06:22:46:0f:36:0b:86:87:b5:e2:84:ef:e3:7d:b5:34:64:79: b9:9c:53:4d:1b:e2:9f:70:ec:20:7a:83:d0:41:53:42:2d:1e: 83:24:74:30:b4:6d:06:b0:6a:b1:3f:ca:b6:33:2b:6d:ab:42: 3a:ce:0c:12 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICNDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q3RjIxMTAvBgNVBAUTKDk0MkQ1NDFERkU3OTgyRjZFMDFFNkJDQzk3NkRDMENC ODQxNEU4MzgwHhcNMjQxMTI4MTUwMDQzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQ4ODU5Yi03NDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5RI9QE2I9urMub9TsixaL3oKgNWsH+MoAHI/+y9tNmynV3GIsC0HNhfKlO+1 aOWvp8oymVCrCw6a7y6jg1aBp1Np7XS4TD6Og2beAT+X+MiLO3iJcUMTVEc+o2DK 7joQiantsCjMEEKtWu3OBtbXfQeGWDPmJOu/NrOZnmxqM2odwvkT7PGQAIXiS+Vf GySy9MerQ5JHIiZnjaJP1hQM82o8TWyjWMgIAmy/xuE/c2QqWlzJjtL2IeBdu/rl O8Htj021nPEyTv4DTaTkGofZinzIXHUJCCbUbop0vW+ray0FSMkxClRb7orUxgi2 wNLOeXPYv193MqwK+RlZZG4m/wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFJgeE/ow GCuSHmlcT8lUYG7bTzGtMB8GA1UdIwQYMBaAFJQtVB3+eYL24B5rzJdtwMuEFOg4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDdGMi9GMDI4OTAzQzFE OEMxMUUyQjE5RDVGRUEwOEIwMkNEMi9sQzFVSGY1NWd2YmdIbXZNbDIzQXk0UVU2 RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xDMVVIZjU1Z3ZiZ0htdk1sMjNBeTRRVTZEZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0Q3RjIvRjAyODkwM0MxRDhDMTFFMkIxOUQ1RkVBMDhCMDJDRDIvMzVGQzE5MkMy NzJDMTFFRDlFNjRDNzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMDAEAgABMCoDBAIr/xgDBAFnHfYDBAJn7wgDBANybiADBAHKFYgDBADKMfkD BAHKPQIwDQQCAAIwBwMFACABRCgwDQYJKoZIhvcNAQELBQADggEBAI4RlJFWhq3f 8y+o0lWGgjUYs3v6xp/ng073/OwbdHxcZ+KTAztnd36GZ2YQUNnAdTg0kFlnL0zs L/h1KbgcP3ipTKAnnjflNLs0ivI3STTyWRKGGcx6gO6RGBr4ly4qJsaTbndAE7yD whOSNS+JeVxceGe8QvEQSvUAP2rvwdYgdQuSVsZhnskXPKw7vnkKmvwUgNJhwSjw dlzJIxsY20U6q8xqkn1sQ7f0VbBW6cYy1kaBldRtqRBNGus5qpXqrleO2Qkj0AYi Rg82C4aHteKE7+N9tTRkebmcU00b4p9w7CB6g9BBU0ItHoMkdDC0bQawarE/yrYz K22rQjrODBI= -----END CERTIFICATE-----Generated at Thu Mar 13 21:49:23 2025 by rpki-client