$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DC06CBC0419A11EAA5E2BA6EC4F9AE02.roa File: DC06CBC0419A11EAA5E2BA6EC4F9AE02.roa (raw, json) Hash identifier: nEyyOyw7im8nWErYV8xgVjJLoHXkxaNm8iW5WtWapRU= Subject key identifier: F8:56:55:0C:E9:48:58:47:05:39:B3:F3:A8:3D:36:23:39:67:C6:02 Certificate issuer: /CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571 Certificate serial: 0A09 Authority key identifier: 16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DC06CBC0419A11EAA5E2BA6EC4F9AE02.roa Signing time: Sat 02 Dec 2023 20:28:03 +0000 ROA not before: Sat 02 Dec 2023 20:28:03 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 132827 IP address blocks: 43.249.92.0/24 maxlen: 24 43.249.93.0/24 maxlen: 24 43.249.94.0/23 maxlen: 23 43.249.95.0/24 maxlen: 24 103.246.254.0/24 maxlen: 24 103.246.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.crl rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 20:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2569 (0xa09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571 Validity Not Before: Dec 2 20:28:03 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=656b9353-a189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:6a:77:1c:9f:e6:57:1a:b7:15:df:50:7c:e2: 4c:66:81:03:a1:ef:18:f0:99:1e:6d:5d:53:e1:87: 7c:4d:78:2f:46:5b:2c:20:21:df:ef:d7:77:3e:c2: f3:c5:b5:83:9c:21:76:b0:38:d1:8a:2d:ad:20:93: 2f:6a:e8:28:cd:8f:ef:eb:51:6a:30:b8:55:43:4b: 59:07:77:28:31:4b:06:65:2b:ab:b3:93:20:a3:99: a2:f8:aa:83:46:21:fd:1e:a2:a3:a8:e6:10:8b:7a: fb:f9:24:61:16:48:60:60:56:08:11:e3:aa:30:df: 06:1e:02:8f:c8:20:a8:c6:53:c3:81:b0:a2:42:be: 6a:3b:72:5c:6f:cd:3d:6b:e7:30:8b:cb:99:36:90: c1:18:55:b4:40:33:01:0d:12:02:3c:80:60:5d:78: c0:69:7d:78:9e:c3:9d:3a:ab:99:1e:0f:8a:8b:19: 81:cc:67:3f:95:18:f4:10:98:91:ef:45:2e:8c:2a: 4c:23:9b:c1:f8:f5:dc:1e:6e:6a:aa:f9:f5:67:ae: eb:a0:52:87:18:ce:e4:b3:5b:6d:9a:9b:cd:58:8b: 24:98:5e:1e:b2:63:e4:59:80:87:7f:0e:ca:1e:a3: 30:c1:71:4b:c0:31:66:14:02:47:c6:5c:c8:86:a9: b1:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:56:55:0C:E9:48:58:47:05:39:B3:F3:A8:3D:36:23:39:67:C6:02 X509v3 Authority Key Identifier: keyid:16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DC06CBC0419A11EAA5E2BA6EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.249.92.0/22 103.246.254.0/23 Signature Algorithm: sha256WithRSAEncryption ba:14:3d:65:47:f7:6f:29:99:5f:fc:6e:a4:10:ee:b4:01:8d: c5:8f:ab:1f:5e:4e:60:ff:65:7d:28:03:ae:cd:eb:eb:82:0f: 49:65:77:d9:97:f7:a8:33:e9:30:36:a8:0e:24:64:5f:f9:ff: 00:cf:2a:36:f3:7d:b7:01:6b:fc:ac:c7:26:d2:80:37:d8:50: 5e:2f:9c:ef:88:65:34:4a:62:19:d1:da:9d:31:dc:7e:69:24: 3d:90:05:ae:ec:d4:ed:81:a8:85:40:6f:f6:f0:83:7b:82:d2: ee:8a:ed:9a:36:8b:39:95:bc:60:8f:5b:b8:49:35:39:ac:82: 7f:a0:55:bb:6a:e6:53:21:25:d3:6e:f8:72:49:d8:d5:17:44: 67:be:fb:3b:bb:32:49:42:78:d7:60:0f:d7:8e:1d:b9:88:73: 7e:cc:86:52:77:7b:54:2b:2a:65:63:4d:e8:08:5b:5a:a3:de: d3:06:d2:d5:0c:70:af:73:f8:9e:5a:e6:fc:54:81:20:9a:86: 7c:7a:6e:b7:6e:1d:01:e4:52:77:96:3e:6f:ba:6b:49:b3:8d: 5e:ec:44:4f:77:d4:da:ff:b4:89:e4:9d:a3:c0:99:02:fa:86: 7e:a2:67:23:53:91:76:48:7f:40:84:af:77:f6:9f:e2:e3:1c: 5c:82:3a:87 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICCgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEZDNDAxMTAvBgNVBAUTKDE2MDFEODY1MERENTU2QjJBRkIwODNCMjMzRkY2NUFF M0RBRDE1NzEwHhcNMjMxMjAyMjAyODAzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZiOTM1My1hMTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAump3HJ/mVxq3Fd9QfOJMZoEDoe8Y8JkebV1T4Yd8TXgvRlssICHf79d3PsLz xbWDnCF2sDjRii2tIJMvaugozY/v61FqMLhVQ0tZB3coMUsGZSurs5Mgo5mi+KqD RiH9HqKjqOYQi3r7+SRhFkhgYFYIEeOqMN8GHgKPyCCoxlPDgbCiQr5qO3Jcb809 a+cwi8uZNpDBGFW0QDMBDRICPIBgXXjAaX14nsOdOquZHg+KixmBzGc/lRj0EJiR 70UujCpMI5vB+PXcHm5qqvn1Z67roFKHGM7ks1ttmpvNWIskmF4esmPkWYCHfw7K HqMwwXFLwDFmFAJHxlzIhqmxVwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPhWVQzp SFhHBTmz86g9NiM5Z8YCMB8GA1UdIwQYMBaAFBYB2GUN1Vayr7CDsjP/Za49rRVx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM0MC82MTdGMzUzNjQw RTExMUVBQkM2MkRCMjZDNEY5QUUwMi9GZ0hZWlEzVlZyS3ZzSU95TV85bHJqMnRG WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZnSFlaUTNWVnJLdnNJT3lNXzlscmoydEZYRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEZDNDAvNjE3RjM1MzY0MEUxMTFFQUJDNjJEQjI2QzRGOUFFMDIvREMwNkNCQzA0 MTlBMTFFQUE1RTJCQTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr+VwDBAFn9v4wDQYJKoZIhvcNAQELBQADggEBALoUPWVH 928pmV/8bqQQ7rQBjcWPqx9eTmD/ZX0oA67N6+uCD0lld9mX96gz6TA2qA4kZF/5 /wDPKjbzfbcBa/ysxybSgDfYUF4vnO+IZTRKYhnR2p0x3H5pJD2QBa7s1O2BqIVA b/bwg3uC0u6K7Zo2izmVvGCPW7hJNTmsgn+gVbtq5lMhJdNu+HJJ2NUXRGe++zu7 MklCeNdgD9eOHbmIc37MhlJ3e1QrKmVjTegIW1qj3tMG0tUMcK9z+J5a5vxUgSCa hnx6brduHQHkUneWPm+6a0mzjV7sRE931Nr/tInknaPAmQL6hn6iZyNTkXZIf0CE r3f2n+LjHFyCOoc= -----END CERTIFICATE-----Generated at Thu May 16 21:45:29 2024 by rpki-client on console-fra.rpki-client.org