$ rpki-client -vvf rpki.apnic.net/member_repository/A918B591/D233C6462F7111EBB6ED3E22C4F9AE02/D2E2417A2F7211EB80969C22C4F9AE02.roa File: D2E2417A2F7211EB80969C22C4F9AE02.roa (raw, json) Hash identifier: xD5zoFxi5V/haijCFX+sW8lJO7TZJGfn2t06N67wG1c= Subject key identifier: 84:C2:D4:69:52:BF:95:7D:CC:75:AF:FD:14:F2:A6:D4:F8:2A:81:F5 Certificate issuer: /CN=A918B591/serialNumber=E3B8EAB1AE916DF95A2D55AE7BB7BB79A50B4AE7 Certificate serial: 068D Authority key identifier: E3:B8:EA:B1:AE:91:6D:F9:5A:2D:55:AE:7B:B7:BB:79:A5:0B:4A:E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47jqsa6RbflaLVWue7e7eaULSuc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918B591/D233C6462F7111EBB6ED3E22C4F9AE02/D2E2417A2F7211EB80969C22C4F9AE02.roa Signing time: Fri 28 Jun 2024 23:28:37 +0000 ROA not before: Fri 28 Jun 2024 23:28:37 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 140710 IP address blocks: 103.152.12.0/23 maxlen: 23 2001:df3:ec80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918B591/D233C6462F7111EBB6ED3E22C4F9AE02/47jqsa6RbflaLVWue7e7eaULSuc.crl rsync://rpki.apnic.net/member_repository/A918B591/D233C6462F7111EBB6ED3E22C4F9AE02/47jqsa6RbflaLVWue7e7eaULSuc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47jqsa6RbflaLVWue7e7eaULSuc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1677 (0x68d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918B591/serialNumber=E3B8EAB1AE916DF95A2D55AE7BB7BB79A50B4AE7 Validity Not Before: Jun 28 23:28:37 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=667f4725-e2ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:03:c3:51:d5:b9:c5:1f:27:57:94:51:e3:1b: ba:4a:3e:e5:c5:33:7d:42:c6:ec:b2:dd:c0:86:c2: 37:b8:45:85:97:01:b2:7a:76:92:58:f9:68:9c:e2: 54:a6:98:69:dc:a3:95:89:13:17:41:a6:d9:49:01: ba:9d:53:35:98:10:96:39:72:c3:cd:7f:41:d2:1c: c7:08:56:8b:24:f2:1a:e5:df:42:7b:9e:02:a6:0e: 0b:4e:52:56:4c:cd:c6:d9:09:c9:81:df:7d:e7:43: b3:53:7a:f3:f2:d1:1a:61:cb:2e:11:2c:cf:f6:53: ec:93:d9:4f:ec:37:72:1c:65:eb:d3:07:5e:98:f4: 1d:83:6a:d5:4a:83:c5:ef:15:fa:37:96:c5:4e:30: d3:86:1b:14:72:ce:0d:3a:33:44:9e:5d:06:18:96: ce:4d:85:77:c9:e2:97:80:a5:42:aa:e5:fe:9c:25: 92:4d:ae:e7:6f:8c:8d:a3:3f:9b:7a:bf:43:dc:cd: 23:69:c6:08:bd:b6:5a:6a:40:86:9d:3a:10:60:bd: 7d:82:a2:74:c3:76:9a:f1:47:08:ef:a7:cd:48:7d: 65:fc:97:26:03:6f:ed:96:a9:12:42:44:d3:53:a6: 78:11:7d:b2:a1:7f:67:86:b1:98:b5:04:44:a3:05: 0f:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:C2:D4:69:52:BF:95:7D:CC:75:AF:FD:14:F2:A6:D4:F8:2A:81:F5 X509v3 Authority Key Identifier: keyid:E3:B8:EA:B1:AE:91:6D:F9:5A:2D:55:AE:7B:B7:BB:79:A5:0B:4A:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918B591/D233C6462F7111EBB6ED3E22C4F9AE02/47jqsa6RbflaLVWue7e7eaULSuc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47jqsa6RbflaLVWue7e7eaULSuc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918B591/D233C6462F7111EBB6ED3E22C4F9AE02/D2E2417A2F7211EB80969C22C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.152.12.0/23 IPv6: 2001:df3:ec80::/48 Signature Algorithm: sha256WithRSAEncryption 5e:91:9f:a9:1f:54:4a:61:20:e5:26:dd:34:70:c5:00:41:67: c7:96:0b:1d:67:b2:fa:dc:d5:11:fb:69:34:66:81:76:55:77: de:a8:01:c5:ec:6b:22:f3:f7:9f:14:68:4b:0e:ce:fa:6c:85: 32:ff:77:e5:67:d6:11:7d:f7:0a:ec:bf:a8:b1:75:75:a2:ac: b9:38:a0:4e:71:ba:0c:13:87:f4:58:03:32:76:b0:45:88:33: 4b:bd:4f:6b:bc:c7:96:ed:c1:8a:07:96:1e:10:92:bc:23:0f: ec:b8:06:70:b8:a6:52:ee:9e:ed:1b:6f:c9:f9:ce:50:00:a1: d4:f2:a1:ab:4a:10:03:40:4a:1e:7a:6c:39:0f:3e:ec:c1:52: d8:bd:14:c0:94:28:80:f7:b1:59:11:81:c7:22:52:0f:7c:56: 95:9f:83:97:0b:37:13:d2:ac:58:c8:c8:d8:c1:d0:ef:18:dc: 3b:df:9c:39:ff:e5:8a:3e:39:17:6d:9f:6a:27:4e:54:fb:91: d5:36:be:72:ca:95:4d:e1:ac:45:9d:10:d1:73:04:c0:f1:f2: 94:d2:c7:54:93:7f:10:c7:7f:d4:b4:82:83:50:9a:a4:31:0a: a2:ba:65:30:a7:94:51:47:e0:b8:85:e9:12:db:3c:ff:7e:8a: 77:f1:78:92 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICBo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEI1OTExMTAvBgNVBAUTKEUzQjhFQUIxQUU5MTZERjk1QTJENTVBRTdCQjdCQjc5 QTUwQjRBRTcwHhcNMjQwNjI4MjMyODM3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjdmNDcyNS1lMmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6QPDUdW5xR8nV5RR4xu6Sj7lxTN9Qsbsst3AhsI3uEWFlwGyenaSWPlonOJU pphp3KOViRMXQabZSQG6nVM1mBCWOXLDzX9B0hzHCFaLJPIa5d9Ce54Cpg4LTlJW TM3G2QnJgd9950OzU3rz8tEaYcsuESzP9lPsk9lP7DdyHGXr0wdemPQdg2rVSoPF 7xX6N5bFTjDThhsUcs4NOjNEnl0GGJbOTYV3yeKXgKVCquX+nCWSTa7nb4yNoz+b er9D3M0jacYIvbZaakCGnToQYL19gqJ0w3aa8UcI76fNSH1l/JcmA2/tlqkSQkTT U6Z4EX2yoX9nhrGYtQREowUPGwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFITC1GlS v5V9zHWv/RTyptT4KoH1MB8GA1UdIwQYMBaAFOO46rGukW35Wi1Vrnu3u3mlC0rn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QjU5MS9EMjMzQzY0NjJG NzExMUVCQjZFRDNFMjJDNEY5QUUwMi80N2pxc2E2UmJmbGFMVld1ZTdlN2VhVUxT dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ3anFzYTZSYmZsYUxWV3VlN2U3ZWFVTFN1Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEI1OTEvRDIzM0M2NDYyRjcxMTFFQkI2RUQzRTIyQzRGOUFFMDIvRDJFMjQxN0Ey RjcyMTFFQjgwOTY5QzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnmAwwDwQCAAIwCQMHACABDfPsgDANBgkqhkiG9w0BAQsF AAOCAQEAXpGfqR9USmEg5SbdNHDFAEFnx5YLHWey+tzVEftpNGaBdlV33qgBxexr IvP3nxRoSw7O+myFMv935WfWEX33Cuy/qLF1daKsuTigTnG6DBOH9FgDMnawRYgz S71Pa7zHlu3BigeWHhCSvCMP7LgGcLimUu6e7RtvyfnOUACh1PKhq0oQA0BKHnps OQ8+7MFS2L0UwJQogPexWRGBxyJSD3xWlZ+Dlws3E9KsWMjI2MHQ7xjcO9+cOf/l ij45F22faidOVPuR1Ta+csqVTeGsRZ0Q0XMEwPHylNLHVJN/EMd/1LSCg1CapDEK orplMKeUUUfguIXpEts8/36Kd/F4kg== -----END CERTIFICATE-----Generated at Sat Nov 23 00:08:44 2024 by rpki-client on console-ams.rpki-client.org