$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8149028ABA5511EC8B8E7A45C4F9AE02.roa File: 8149028ABA5511EC8B8E7A45C4F9AE02.roa (raw, json) Hash identifier: lULb0oE+3dQ76Y6xGT8NCnqpQpe3tsLQMDpfoY89ilk= Subject key identifier: B3:8F:9F:D4:38:B1:A5:45:FC:6A:F2:AC:7E:DA:F7:22:8F:63:03:10 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7187 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8149028ABA5511EC8B8E7A45C4F9AE02.roa Signing time: Wed 10 May 2023 16:48:41 +0000 ROA not before: Wed 10 May 2023 16:48:41 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 45235 IP address blocks: 43.227.244.0/22 maxlen: 24 43.231.52.0/22 maxlen: 24 45.250.212.0/22 maxlen: 24 103.8.40.0/22 maxlen: 24 103.48.64.0/22 maxlen: 24 103.50.144.0/22 maxlen: 24 103.98.36.0/22 maxlen: 24 103.199.124.0/22 maxlen: 24 103.219.132.0/22 maxlen: 24 103.230.20.0/22 maxlen: 24 119.42.152.0/21 maxlen: 24 2402:d500::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29063 (0x7187) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:48:41 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bcae9-a241 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:eb:8d:25:e1:a0:1a:1f:da:f5:55:42:f3:ca: e0:81:b8:88:d4:df:00:2e:74:e4:3f:14:d8:d6:45: 49:96:cd:bb:64:05:04:81:61:f1:30:4f:0e:e8:99: 72:5f:a5:08:93:3f:16:88:a5:a6:41:d8:2d:3b:c1: 0d:bf:ab:26:fb:ff:27:4f:57:a1:8d:5e:b9:3d:f3: 02:e5:3a:ad:4f:e3:76:30:a9:e8:ba:66:f7:fe:28: 26:a1:f4:0c:3f:64:28:1f:54:34:63:f6:3b:aa:1c: ab:74:90:43:94:24:9d:f5:58:f9:d0:41:ed:83:4f: 56:b6:3c:95:75:06:05:b6:b9:fd:24:98:67:f9:66: 88:05:cd:2f:48:d0:86:ad:e1:16:4c:c8:be:65:59: d2:23:0e:91:8c:bf:bc:29:60:af:b3:ad:e7:7f:80: 82:e4:f9:c8:63:04:0b:e9:22:1d:ce:e4:5b:fa:8d: 22:83:d4:eb:ee:a3:5f:58:b3:2c:f0:aa:62:21:12: 82:b4:ee:bd:9e:a4:d1:ec:df:11:3c:9d:69:65:7a: 75:22:6a:e5:a5:40:a2:7d:26:65:f2:c5:1d:0d:03: 4a:7f:02:d9:fa:be:f7:e1:3c:b6:6e:9c:f9:e9:de: e6:49:e7:49:fd:9f:3c:24:6f:8a:45:f2:89:3d:37: 9b:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:8F:9F:D4:38:B1:A5:45:FC:6A:F2:AC:7E:DA:F7:22:8F:63:03:10 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8149028ABA5511EC8B8E7A45C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.227.244.0/22 43.231.52.0/22 45.250.212.0/22 103.8.40.0/22 103.48.64.0/22 103.50.144.0/22 103.98.36.0/22 103.199.124.0/22 103.219.132.0/22 103.230.20.0/22 119.42.152.0/21 IPv6: 2402:d500::/32 Signature Algorithm: sha256WithRSAEncryption 90:24:fd:e0:28:93:3e:3a:14:06:db:09:9b:e0:99:ea:7c:e9: 63:ba:47:14:97:75:f4:fb:a1:25:72:44:df:37:2c:77:4d:c8: 3c:24:4e:c7:86:00:cb:ab:90:40:15:3b:72:0e:33:a8:00:13: 53:25:fb:79:15:06:d2:e8:fc:b5:a0:f2:cc:31:5e:7a:9c:62: c1:82:ed:54:68:d8:b1:27:2e:8d:cc:00:c3:09:59:70:5a:ba: 8f:11:9e:66:ec:14:fe:e8:1f:22:e2:73:9d:15:08:58:73:2a: e0:6e:da:83:5b:56:25:2e:4a:29:d4:91:a5:cc:a7:40:4f:98: 9a:ae:d2:bc:7a:ae:40:b5:1e:4c:51:df:f2:d7:69:28:7b:87: 9f:6a:ac:fc:1c:c3:23:2e:a2:ae:6f:6d:37:ee:dd:f7:79:1b: 43:85:38:5b:f2:ba:5e:fa:a7:4a:ae:08:cd:7f:c4:df:e3:a2: 43:8c:5e:a6:6c:ad:10:31:fb:7b:db:59:7b:58:85:18:55:c1: 24:b5:02:f6:ac:35:d9:b4:89:13:cd:fc:c4:28:11:d2:8f:bd: 83:29:79:90:52:96:62:2d:a6:f2:c1:fe:6a:f1:45:75:41:d3: 40:e0:6a:f5:47:82:32:45:9a:c6:c1:3e:1f:44:17:b0:e0:04: ec:67:14:5f -----BEGIN CERTIFICATE----- MIIFvDCCBKSgAwIBAgICcYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTY0ODQxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViY2FlOS1hMjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq+uNJeGgGh/a9VVC88rggbiI1N8ALnTkPxTY1kVJls27ZAUEgWHxME8O6Jly X6UIkz8WiKWmQdgtO8ENv6sm+/8nT1ehjV65PfMC5TqtT+N2MKnoumb3/igmofQM P2QoH1Q0Y/Y7qhyrdJBDlCSd9Vj50EHtg09WtjyVdQYFtrn9JJhn+WaIBc0vSNCG reEWTMi+ZVnSIw6RjL+8KWCvs63nf4CC5PnIYwQL6SIdzuRb+o0ig9Tr7qNfWLMs 8KpiIRKCtO69nqTR7N8RPJ1pZXp1ImrlpUCifSZl8sUdDQNKfwLZ+r734Ty2bpz5 6d7mSedJ/Z88JG+KRfKJPTebgQIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFLOPn9Q4 saVF/GryrH7a9yKPYwMQMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvODE0OTAyOEFC QTU1MTFFQzhCOEU3QTQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E WzBZMEgEAgABMEIDBAIr4/QDBAIr5zQDBAIt+tQDBAJnCCgDBAJnMEADBAJnMpAD BAJnYiQDBAJnx3wDBAJn24QDBAJn5hQDBAN3KpgwDQQCAAIwBwMFACQC1QAwDQYJ KoZIhvcNAQELBQADggEBAJAk/eAokz46FAbbCZvgmep86WO6RxSXdfT7oSVyRN83 LHdNyDwkTseGAMurkEAVO3IOM6gAE1Ml+3kVBtLo/LWg8swxXnqcYsGC7VRo2LEn Lo3MAMMJWXBauo8RnmbsFP7oHyLic50VCFhzKuBu2oNbViUuSinUkaXMp0BPmJqu 0rx6rkC1HkxR3/LXaSh7h59qrPwcwyMuoq5vbTfu3fd5G0OFOFvyul76p0quCM1/ xN/jokOMXqZsrRAx+3vbWXtYhRhVwSS1AvasNdm0iRPN/MQoEdKPvYMpeZBSlmIt pvLB/mrxRXVB00DgavVHgjJFmsbBPh9EF7DgBOxnFF8= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:38 2024 by rpki-client on console-ams.rpki-client.org