$ rpki-client -vvf rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/CDA6F2D0111611EFAD808A81C4F9AE02.roa File: CDA6F2D0111611EFAD808A81C4F9AE02.roa (raw, json) Hash identifier: SRelSEvLNqYoOSszS2goqEFTfuu04k/V3JzZ56G1Oj4= Subject key identifier: D4:51:8E:F3:49:9C:86:29:E6:7F:3D:48:2C:ED:3B:87:A4:A2:22:5A Certificate issuer: /CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A Certificate serial: 06E8 Authority key identifier: 62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/CDA6F2D0111611EFAD808A81C4F9AE02.roa Signing time: Tue 14 May 2024 06:19:29 +0000 ROA not before: Tue 14 May 2024 06:19:29 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 136251 IP address blocks: 103.204.180.0/24 maxlen: 24 103.204.181.0/24 maxlen: 24 103.204.182.0/24 maxlen: 24 103.204.183.0/24 maxlen: 24 202.181.0.0/24 maxlen: 24 202.181.1.0/24 maxlen: 24 202.181.2.0/24 maxlen: 24 202.181.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 23:57:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1768 (0x6e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A Validity Not Before: May 14 06:19:29 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=66430271-a39c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:36:85:25:dd:c5:a6:95:c8:a3:34:23:9d:6d: 27:52:4f:5a:09:26:2b:5d:c6:09:ea:cc:d7:1e:7c: 79:4e:ad:cf:f7:9f:e9:63:c8:41:f7:9e:9d:37:06: 0c:e3:71:7b:99:83:e0:b8:46:81:8b:f1:51:5d:41: f6:7b:63:28:62:e0:75:31:9a:e8:a8:0b:81:90:d2: 30:6b:e4:50:5b:1b:24:a5:55:5f:dc:e0:5b:ed:ab: 27:55:59:49:8d:c9:a6:cc:02:84:34:0e:e5:a7:86: f9:6e:16:ca:0f:9a:5c:a8:bd:92:3e:46:ab:75:56: 17:80:e4:85:60:a2:85:41:e7:23:43:5a:17:88:f2: 44:bb:1a:2a:74:74:aa:a3:f5:03:1a:83:36:77:21: b6:fb:ad:25:c4:df:72:65:ac:72:78:61:dc:f5:41: 6c:06:bb:f8:1b:61:12:a3:53:26:bc:0a:c5:b6:0f: af:14:b5:5f:2e:03:a4:64:24:24:11:fc:9e:93:ad: e3:b1:8a:fa:f4:fa:2a:37:e5:5d:2c:03:d7:8f:6e: 87:52:26:60:7b:1c:25:9e:19:19:f2:68:8f:e8:9c: 22:4d:69:44:47:1a:e6:47:b2:1a:af:3e:40:11:79: 63:2a:17:a2:45:dd:85:13:2d:1a:8a:04:44:b6:7d: 22:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:51:8E:F3:49:9C:86:29:E6:7F:3D:48:2C:ED:3B:87:A4:A2:22:5A X509v3 Authority Key Identifier: keyid:62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/CDA6F2D0111611EFAD808A81C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.204.180.0/22 202.181.0.0/22 Signature Algorithm: sha256WithRSAEncryption 7c:94:8a:88:6b:33:8c:40:84:cd:88:99:96:1d:98:a7:df:9c: 95:ef:a2:38:c8:a8:1d:fd:22:4d:d2:64:b5:83:4e:d7:eb:a7: eb:d8:04:1a:ac:26:12:49:09:4c:1b:1e:40:73:7b:00:af:88: 79:e8:6c:c2:2e:75:84:98:2f:12:7a:ac:95:49:3f:03:c4:c1: c0:4b:3f:8f:36:b6:56:6f:39:e7:c8:03:09:e5:14:ad:83:fe: 3c:f0:ef:61:39:3a:c0:c8:dc:95:4f:d4:ea:dc:63:06:da:cc: 5b:19:1f:99:d7:d3:2c:13:e9:20:88:64:70:b7:7b:6f:25:f6: e7:e1:aa:39:2a:41:aa:02:91:e9:db:58:ca:c0:27:d5:b8:73: 61:3c:53:c8:e0:6c:aa:71:7f:9a:47:f6:14:a7:77:19:75:fe: 05:f2:22:ab:99:69:3d:01:aa:db:f9:d3:cc:4b:4a:3d:33:4d: 2d:3a:bc:af:2b:28:63:de:07:05:2e:9c:52:84:17:00:03:2f: 69:5e:e5:47:cf:12:7a:3e:a9:4c:25:39:5b:b8:01:0c:5a:8b: 40:df:e9:d0:dd:dc:6e:86:38:a9:fc:46:5e:be:22:91:aa:5f: 77:7b:27:4d:1d:1a:03:72:44:e9:cc:87:67:ff:f2:65:d8:7a: ca:a3:ac:b3 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBugwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NFMjIxMTAvBgNVBAUTKDYyQzQxODJDMDAzRUZDRkEzOEREQUY0RUY5MDRGQjA0 RkU1QjU2NEEwHhcNMjQwNTE0MDYxOTI5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjQzMDI3MS1hMzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtjaFJd3FppXIozQjnW0nUk9aCSYrXcYJ6szXHnx5Tq3P95/pY8hB956dNwYM 43F7mYPguEaBi/FRXUH2e2MoYuB1MZroqAuBkNIwa+RQWxskpVVf3OBb7asnVVlJ jcmmzAKENA7lp4b5bhbKD5pcqL2SPkardVYXgOSFYKKFQecjQ1oXiPJEuxoqdHSq o/UDGoM2dyG2+60lxN9yZaxyeGHc9UFsBrv4G2ESo1MmvArFtg+vFLVfLgOkZCQk Efyek63jsYr69PoqN+VdLAPXj26HUiZgexwlnhkZ8miP6JwiTWlERxrmR7Iarz5A EXljKheiRd2FEy0aigREtn0ifQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNRRjvNJ nIYp5n89SCztO4ekoiJaMB8GA1UdIwQYMBaAFGLEGCwAPvz6ON2vTvkE+wT+W1ZK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0UyMi8xMkZBODExQTE3 N0IxMUVCODQ2MzRDMzZDNEY5QUUwMi9Zc1FZTEFBLV9QbzQzYTlPLVFUN0JQNWJW a28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lzUVlMQUEtX1BvNDNhOU8tUVQ3QlA1YlZrby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0NFMjIvMTJGQTgxMUExNzdCMTFFQjg0NjM0QzM2QzRGOUFFMDIvQ0RBNkYyRDAx MTE2MTFFRkFEODA4QTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnzLQDBALKtQAwDQYJKoZIhvcNAQELBQADggEBAHyUiohr M4xAhM2ImZYdmKffnJXvojjIqB39Ik3SZLWDTtfrp+vYBBqsJhJJCUwbHkBzewCv iHnobMIudYSYLxJ6rJVJPwPEwcBLP482tlZvOefIAwnlFK2D/jzw72E5OsDI3JVP 1OrcYwbazFsZH5nX0ywT6SCIZHC3e28l9ufhqjkqQaoCkenbWMrAJ9W4c2E8U8jg bKpxf5pH9hSndxl1/gXyIquZaT0Bqtv508xLSj0zTS06vK8rKGPeBwUunFKEFwAD L2le5UfPEno+qUwlOVu4AQxai0Df6dDd3G6GOKn8Rl6+IpGqX3d7J00dGgNyROnM h2f/8mXYesqjrLM= -----END CERTIFICATE-----Generated at Sat Jun 1 00:32:59 2024 by rpki-client on console-fra.rpki-client.org