$ rpki-client -vvf rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/A842EEAA880E11ED9BE52B17C4F9AE02.roa File: A842EEAA880E11ED9BE52B17C4F9AE02.roa (raw, json) Hash identifier: 7ewrZNOz6VL8Fm9zIDpvbHy1sVwX8YMvmb18EChSv50= Subject key identifier: 66:93:48:94:2A:CC:30:CE:7F:E1:B4:5B:A4:6B:C2:2C:96:A3:B7:43 Certificate issuer: /CN=A919BEDB/serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4 Certificate serial: 1A47 Authority key identifier: 1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/A842EEAA880E11ED9BE52B17C4F9AE02.roa Signing time: Tue 02 Jan 2024 16:53:56 +0000 ROA not before: Tue 02 Jan 2024 16:53:56 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 136162 IP address blocks: 103.82.128.0/23 maxlen: 24 103.82.130.0/23 maxlen: 24 125.62.64.0/22 maxlen: 22 125.62.64.0/23 maxlen: 23 125.62.64.0/24 maxlen: 24 125.62.65.0/24 maxlen: 24 125.62.66.0/23 maxlen: 23 125.62.66.0/24 maxlen: 24 125.62.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 16:19:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6727 (0x1a47) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919BEDB/serialNumber=1EDE5C6E008028BCD2AE33651381BDE1FD07C5D4 Validity Not Before: Jan 2 16:53:56 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65943fa4-95c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:d6:57:84:e9:5b:f1:7e:39:57:56:ab:e6:b6: 70:dd:50:b2:4e:9c:74:b6:05:91:18:34:db:b4:fc: 89:95:c8:a0:f0:96:b8:34:76:7b:9d:0f:51:48:8c: f7:63:45:3a:0c:3d:f2:ee:f2:f3:31:f7:48:7b:5c: 96:ee:f1:7a:ab:50:d6:ca:f5:3b:85:a5:7b:d2:4d: e5:66:4d:aa:8f:7d:45:72:c8:f0:ab:b9:f1:7d:da: 17:2b:f8:59:1b:20:64:18:00:f2:b3:8d:35:ea:43: 75:af:df:c2:f0:5f:29:3d:e8:07:68:8e:f1:34:42: 59:42:0f:77:36:1a:f6:0d:3c:e9:06:5b:45:2c:a2: ca:da:0b:7a:dd:89:ac:47:e2:8e:e4:d0:ba:b5:38: e7:3c:ea:f9:ba:93:51:87:b8:27:7a:20:c8:35:d4: a5:50:c9:9d:a4:1d:c1:d7:fc:6a:b3:63:4b:f7:f6: e7:0e:8e:1f:f7:16:f8:df:89:26:0e:ab:7a:51:c1: 8d:6e:da:49:1a:d2:54:e7:ce:8b:10:f9:18:0f:2d: 85:f8:3c:5c:2b:84:8c:18:20:09:32:fa:9c:df:5c: 75:60:89:e1:20:bd:c6:b3:6c:29:97:d4:15:be:e9: 12:8c:cf:f2:ce:7c:9f:84:2a:44:8e:a2:ab:14:90: e6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:93:48:94:2A:CC:30:CE:7F:E1:B4:5B:A4:6B:C2:2C:96:A3:B7:43 X509v3 Authority Key Identifier: keyid:1E:DE:5C:6E:00:80:28:BC:D2:AE:33:65:13:81:BD:E1:FD:07:C5:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ht5cbgCAKLzSrjNlE4G94f0HxdQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919BEDB/5D867EBC1F8311E7B57E6053C4F9AE02/A842EEAA880E11ED9BE52B17C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.82.128.0/22 125.62.64.0/22 Signature Algorithm: sha256WithRSAEncryption 57:fa:e2:ba:98:8b:ce:ec:18:67:5c:79:ed:78:90:75:e3:5e: b9:a1:a8:22:1f:74:59:46:09:17:64:0f:af:65:e3:1f:ec:c0: 6e:99:6b:aa:91:d9:4d:02:f8:1c:52:27:ef:d4:c8:ba:57:b8: 38:a5:a8:05:62:6e:55:7b:a5:d9:b3:ec:71:69:67:f8:07:54: 35:6b:05:81:89:7a:56:ae:97:2e:95:6d:9b:36:37:d2:e9:64: 58:48:7a:9d:27:e2:e9:13:96:92:78:a7:b8:fd:3f:1a:92:d1: d2:05:da:1d:9c:3a:9b:7f:d4:f0:f3:33:27:5a:75:62:75:ab: c4:2a:56:39:fd:d2:6c:af:36:23:b1:41:c9:d5:1e:8c:e7:1c: c0:ff:d2:93:88:f5:57:90:c7:86:fb:8b:83:37:c0:46:2e:9f: c9:71:3e:ba:fa:20:75:38:8f:31:60:b6:e2:3c:45:27:bd:12: e7:fd:21:d7:49:c0:2a:51:5c:76:d0:df:60:59:85:48:01:d6: 16:dc:5e:fb:5d:10:ca:e0:6b:0f:28:17:92:fd:07:a3:f5:66: e5:e6:18:92:63:c1:31:23:79:d2:da:a8:2f:18:84:11:bd:8d: e8:42:bc:ba:57:74:fb:67:68:e0:80:26:54:95:81:88:87:c9: 65:13:7b:65 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICGkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUJFREIxMTAvBgNVBAUTKDFFREU1QzZFMDA4MDI4QkNEMkFFMzM2NTEzODFCREUx RkQwN0M1RDQwHhcNMjQwMTAyMTY1MzU2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTk0M2ZhNC05NWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwtZXhOlb8X45V1ar5rZw3VCyTpx0tgWRGDTbtPyJlcig8Ja4NHZ7nQ9RSIz3 Y0U6DD3y7vLzMfdIe1yW7vF6q1DWyvU7haV70k3lZk2qj31Fcsjwq7nxfdoXK/hZ GyBkGADys4016kN1r9/C8F8pPegHaI7xNEJZQg93Nhr2DTzpBltFLKLK2gt63Yms R+KO5NC6tTjnPOr5upNRh7gneiDINdSlUMmdpB3B1/xqs2NL9/bnDo4f9xb434km Dqt6UcGNbtpJGtJU586LEPkYDy2F+DxcK4SMGCAJMvqc31x1YInhIL3Gs2wpl9QV vukSjM/yznyfhCpEjqKrFJDmZQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGaTSJQq zDDOf+G0W6RrwiyWo7dDMB8GA1UdIwQYMBaAFB7eXG4AgCi80q4zZROBveH9B8XU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QkVEQi81RDg2N0VCQzFG ODMxMUU3QjU3RTYwNTNDNEY5QUUwMi9IdDVjYmdDQUtMelNyak5sRTRHOTRmMEh4 ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0h0NWNiZ0NBS0x6U3JqTmxFNEc5NGYwSHhkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUJFREIvNUQ4NjdFQkMxRjgzMTFFN0I1N0U2MDUzQzRGOUFFMDIvQTg0MkVFQUE4 ODBFMTFFRDlCRTUyQjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnUoADBAJ9PkAwDQYJKoZIhvcNAQELBQADggEBAFf64rqY i87sGGdcee14kHXjXrmhqCIfdFlGCRdkD69l4x/swG6Za6qR2U0C+BxSJ+/UyLpX uDilqAViblV7pdmz7HFpZ/gHVDVrBYGJelauly6VbZs2N9LpZFhIep0n4ukTlpJ4 p7j9PxqS0dIF2h2cOpt/1PDzMydadWJ1q8QqVjn90myvNiOxQcnVHoznHMD/0pOI 9VeQx4b7i4M3wEYun8lxPrr6IHU4jzFgtuI8RSe9Euf9IddJwCpRXHbQ32BZhUgB 1hbcXvtdEMrgaw8oF5L9B6P1ZuXmGJJjwTEjedLaqC8YhBG9jehCvLpXdPtnaOCA JlSVgYiHyWUTe2U= -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:13 2024 by rpki-client on console-ams.rpki-client.org