$ rpki-client -vvf rpki.apnic.net/member_repository/A9187465/B1AFB6FA0A5311E8AC7BEE2EC4F9AE02/7D2EA194B20711EA8B74F445C4F9AE02.roa File: 7D2EA194B20711EA8B74F445C4F9AE02.roa (raw, json) Hash identifier: mBC+S8sbLCZZz8GfGm6iJpoFGjL0QOywm004JclbsFQ= Subject key identifier: E2:69:24:15:3E:68:BE:C7:1F:F7:00:99:67:BD:2D:FB:39:94:AF:EE Certificate issuer: /CN=A9187465/serialNumber=880E6B4DCD6CEC53C8D03D740C88E9773B047B19 Certificate serial: 1536 Authority key identifier: 88:0E:6B:4D:CD:6C:EC:53:C8:D0:3D:74:0C:88:E9:77:3B:04:7B:19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iA5rTc1s7FPI0D10DIjpdzsEexk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9187465/B1AFB6FA0A5311E8AC7BEE2EC4F9AE02/7D2EA194B20711EA8B74F445C4F9AE02.roa Signing time: Tue 10 Oct 2023 17:24:33 +0000 ROA not before: Tue 10 Oct 2023 17:24:33 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 45102 IP address blocks: 43.242.168.0/22 maxlen: 24 103.38.56.0/22 maxlen: 24 2401:8680::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9187465/B1AFB6FA0A5311E8AC7BEE2EC4F9AE02/iA5rTc1s7FPI0D10DIjpdzsEexk.crl rsync://rpki.apnic.net/member_repository/A9187465/B1AFB6FA0A5311E8AC7BEE2EC4F9AE02/iA5rTc1s7FPI0D10DIjpdzsEexk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iA5rTc1s7FPI0D10DIjpdzsEexk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5430 (0x1536) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9187465/serialNumber=880E6B4DCD6CEC53C8D03D740C88E9773B047B19 Validity Not Before: Oct 10 17:24:33 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=652588d0-a29c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:f8:ba:c2:91:c0:75:1a:f9:cb:97:c4:6b:b1: d0:a2:16:02:94:b8:0f:51:86:6a:e7:51:8a:65:d6: 01:cc:04:ce:a7:8d:06:3d:17:83:18:b0:53:c8:7c: a6:ff:6b:cc:47:c3:c8:14:5f:dc:b8:a4:c8:32:fa: 61:26:c2:4b:2d:fe:ad:5d:c9:8b:e5:ea:96:9d:aa: 90:c0:48:b4:ce:49:36:a0:13:b7:08:b0:08:5e:e6: 85:99:a9:89:30:1f:32:48:91:f8:ee:9e:6f:1c:ae: 7a:6d:81:4b:13:0b:7f:79:4f:a8:ee:c2:9c:20:5a: 24:aa:15:ef:fd:43:26:28:f0:7d:e9:06:b2:fb:29: d0:a6:09:7a:de:b0:78:30:e0:0b:7a:71:eb:7d:83: f0:70:22:9e:7b:84:42:1f:29:2a:ca:44:94:b6:15: 50:c7:12:48:1c:50:b4:e2:05:dd:24:3c:c6:52:96: 5f:7f:31:6b:66:8b:f0:78:46:bf:74:15:69:c5:2c: 0c:66:49:9d:57:3b:21:b9:ba:59:b8:26:2e:f7:eb: e7:7c:52:9d:1b:ec:72:99:27:52:5d:c5:5e:3d:1d: c6:16:80:42:81:1d:e9:f7:10:2e:08:70:91:3d:e9: 85:f0:21:04:32:e6:78:2a:57:8e:e3:2e:51:be:1f: e2:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:69:24:15:3E:68:BE:C7:1F:F7:00:99:67:BD:2D:FB:39:94:AF:EE X509v3 Authority Key Identifier: keyid:88:0E:6B:4D:CD:6C:EC:53:C8:D0:3D:74:0C:88:E9:77:3B:04:7B:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9187465/B1AFB6FA0A5311E8AC7BEE2EC4F9AE02/iA5rTc1s7FPI0D10DIjpdzsEexk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iA5rTc1s7FPI0D10DIjpdzsEexk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9187465/B1AFB6FA0A5311E8AC7BEE2EC4F9AE02/7D2EA194B20711EA8B74F445C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.168.0/22 103.38.56.0/22 IPv6: 2401:8680::/32 Signature Algorithm: sha256WithRSAEncryption 26:39:ff:79:9e:20:0c:36:cc:26:4b:ef:d6:c0:cb:a9:aa:ac: f7:41:07:e7:cd:ca:3e:83:6a:4e:6b:68:c9:85:d1:50:fd:ce: 1d:1b:6d:31:56:f8:e5:46:3b:2a:36:04:d7:33:70:f6:5d:6f: 38:d7:8e:11:34:58:45:dc:bd:8b:14:11:e2:18:74:b3:10:19: 0f:3e:47:22:49:66:26:b2:d9:77:ac:62:9b:02:b3:88:e5:46: 40:7d:10:6a:44:0d:2b:bd:db:9f:1c:ad:5b:be:4e:55:16:77: 11:ee:51:b5:8f:84:c8:af:06:03:a9:ca:a3:06:7d:76:72:c3: 91:66:1f:a6:a1:38:96:93:62:7d:e7:b9:ca:95:c5:a4:f5:c2: 26:df:87:c1:bb:e1:4c:f9:4f:ad:60:d3:b1:83:50:33:2c:0d: 8f:32:a2:be:7a:7c:d6:18:28:0d:d6:00:c0:a7:87:cd:7a:97: f7:66:91:89:f2:c3:79:e0:20:8d:da:b7:8e:49:4b:cc:1e:77: dc:1d:c7:76:ab:8c:02:29:4a:32:9d:9a:09:f2:8d:13:8f:e1: bf:bb:d3:01:0c:58:67:e7:05:45:0e:ca:b3:39:e1:87:9b:ca: 33:d4:ca:d2:cc:22:79:01:6a:38:dd:93:da:ef:75:8b:0f:3f: 29:f9:fb:66 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICFTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODc0NjUxMTAvBgNVBAUTKDg4MEU2QjREQ0Q2Q0VDNTNDOEQwM0Q3NDBDODhFOTc3 M0IwNDdCMTkwHhcNMjMxMDEwMTcyNDMzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTI1ODhkMC1hMjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwPi6wpHAdRr5y5fEa7HQohYClLgPUYZq51GKZdYBzATOp40GPReDGLBTyHym /2vMR8PIFF/cuKTIMvphJsJLLf6tXcmL5eqWnaqQwEi0zkk2oBO3CLAIXuaFmamJ MB8ySJH47p5vHK56bYFLEwt/eU+o7sKcIFokqhXv/UMmKPB96Qay+ynQpgl63rB4 MOALenHrfYPwcCKee4RCHykqykSUthVQxxJIHFC04gXdJDzGUpZffzFrZovweEa/ dBVpxSwMZkmdVzshubpZuCYu9+vnfFKdG+xymSdSXcVePR3GFoBCgR3p9xAuCHCR PemF8CEEMuZ4KleO4y5Rvh/i5wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOJpJBU+ aL7HH/cAmWe9Lfs5lK/uMB8GA1UdIwQYMBaAFIgOa03NbOxTyNA9dAyI6Xc7BHsZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzQ2NS9CMUFGQjZGQTBB NTMxMUU4QUM3QkVFMkVDNEY5QUUwMi9pQTVyVGMxczdGUEkwRDEwRElqcGR6c0Vl eGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lBNXJUYzFzN0ZQSTBEMTBESWpwZHpzRWV4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODc0NjUvQjFBRkI2RkEwQTUzMTFFOEFDN0JFRTJFQzRGOUFFMDIvN0QyRUExOTRC MjA3MTFFQThCNzRGNDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIr8qgDBAJnJjgwDQQCAAIwBwMFACQBhoAwDQYJKoZIhvcN AQELBQADggEBACY5/3meIAw2zCZL79bAy6mqrPdBB+fNyj6Dak5raMmF0VD9zh0b bTFW+OVGOyo2BNczcPZdbzjXjhE0WEXcvYsUEeIYdLMQGQ8+RyJJZiay2XesYpsC s4jlRkB9EGpEDSu9258crVu+TlUWdxHuUbWPhMivBgOpyqMGfXZyw5FmH6ahOJaT Yn3nucqVxaT1wibfh8G74Uz5T61g07GDUDMsDY8yor56fNYYKA3WAMCnh816l/dm kYnyw3ngII3at45JS8wed9wdx3arjAIpSjKdmgnyjROP4b+70wEMWGfnBUUOyrM5 4YebyjPUytLMInkBajjdk9rvdYsPPyn5+2Y= -----END CERTIFICATE-----Generated at Fri May 10 19:18:42 2024 by rpki-client on console-ams.rpki-client.org