$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/147ABE1602DA11EBBE6C0F19C4F9AE02.roa File: 147ABE1602DA11EBBE6C0F19C4F9AE02.roa (raw, json) Hash identifier: 0QIthnce/QEIRC+Y/98tlcWuZe+dQahlkemtB0kkIP8= Subject key identifier: 9F:D8:BA:7D:DB:5B:1B:03:63:39:F9:20:A9:0D:D2:19:44:FB:FC:96 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8A31 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/147ABE1602DA11EBBE6C0F19C4F9AE02.roa Signing time: Thu 30 May 2024 16:01:58 +0000 ROA not before: Thu 30 May 2024 16:01:58 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 135245 IP address blocks: 103.220.12.0/24 maxlen: 24 103.220.13.0/24 maxlen: 24 103.220.14.0/24 maxlen: 24 103.220.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35377 (0x8a31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 30 16:01:58 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a2f6-f0b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cf:09:c3:d2:81:b0:f7:73:c4:cb:8c:f0:09: 6d:78:fc:8f:82:f6:cd:b2:86:6a:b9:39:3e:89:ca: 5d:01:c9:ad:cc:90:e5:34:15:a2:a0:f8:c6:2b:63: ea:63:6c:40:12:b9:7b:2c:39:40:7e:0e:8e:6e:1f: fe:3a:24:31:7d:a2:1a:6c:b5:43:fb:71:4a:79:c8: aa:54:e3:18:df:8a:2a:4d:91:e4:b2:8c:ea:09:19: d1:a7:47:f0:7c:f4:7a:32:bc:ca:ff:95:51:3d:28: 3c:0e:26:2e:08:69:30:03:09:bc:4e:f0:b5:23:25: b9:b0:c8:9b:22:3c:ee:7e:0e:c9:8a:37:0d:c3:4f: d9:90:f6:90:3d:0e:54:88:ac:9c:54:4e:26:5a:0b: d5:12:41:cb:04:3d:fa:5a:53:78:c2:93:12:44:96: ba:b0:62:86:ee:9b:2c:5a:61:06:1a:a8:58:b1:2f: 1d:a1:f7:a8:49:21:7f:14:b6:63:17:a3:92:57:6f: 72:94:3e:2b:cd:69:91:b3:0a:cf:c3:5e:3e:fa:d8: 8e:2f:f1:db:ed:56:cd:0e:08:5c:04:df:ee:cc:be: ff:ab:8d:18:13:39:0c:e6:85:32:98:e3:f9:fe:05: 28:cf:56:30:55:dc:3c:39:79:f1:d9:45:c4:3a:48: 74:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:D8:BA:7D:DB:5B:1B:03:63:39:F9:20:A9:0D:D2:19:44:FB:FC:96 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/147ABE1602DA11EBBE6C0F19C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.220.12.0/22 Signature Algorithm: sha256WithRSAEncryption 18:4d:f2:e1:2c:41:0e:dc:2a:af:26:4d:a6:c0:3c:c8:9a:6e: e1:0d:59:50:7a:90:3b:f9:da:fb:bf:ce:28:39:7b:e5:c8:94: af:68:fa:a7:a7:ce:19:64:1a:66:7f:71:f2:17:a6:b6:bc:bb: 38:51:89:53:3a:2d:3c:01:e4:b1:a5:cd:31:b5:66:fe:91:2f: f5:27:9a:4d:8d:c3:a5:44:1c:c4:cc:1f:36:48:75:f3:a1:28: 82:4e:c6:b7:e7:c5:12:a4:f7:60:68:9c:8b:c7:ca:3f:2f:c5: 15:7e:b6:86:55:2f:71:fa:07:c0:18:7c:32:d2:a0:0c:f7:96: 5e:d5:73:cb:2e:2e:42:f6:3e:ec:8b:37:26:8a:78:97:6f:19: c9:d6:d8:75:35:1e:ef:73:8e:bf:e6:5a:f8:bf:1a:72:bf:79: b5:d8:0b:95:65:13:25:3c:57:45:08:ea:3a:f2:23:26:1e:1e: c2:8e:05:35:5c:f6:e3:33:24:b6:0e:75:7b:ea:78:85:d8:26: 4d:93:d1:a0:65:76:89:7f:53:6a:53:62:cf:98:24:a4:1c:ea: 72:50:89:6d:cb:2c:40:4e:d8:f9:72:77:6b:f2:76:45:09:e9: ea:c6:b3:3b:85:8d:c8:81:1c:3d:87:b3:67:f7:02:08:fe:5a: bb:ed:eb:18 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgIDAIoxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MDE1OFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGEyZjYtZjBiODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALLPCcPSgbD3c8TLjPAJbXj8j4L2zbKGark5PonKXQHJrcyQ5TQVoqD4xitj 6mNsQBK5eyw5QH4Ojm4f/jokMX2iGmy1Q/txSnnIqlTjGN+KKk2R5LKM6gkZ0adH 8Hz0ejK8yv+VUT0oPA4mLghpMAMJvE7wtSMlubDImyI87n4OyYo3DcNP2ZD2kD0O VIisnFROJloL1RJBywQ9+lpTeMKTEkSWurBihu6bLFphBhqoWLEvHaH3qEkhfxS2 YxejkldvcpQ+K81pkbMKz8NePvrYji/x2+1WzQ4IXATf7sy+/6uNGBM5DOaFMpjj +f4FKM9WMFXcPDl58dlFxDpIdBkCAwEAAaOCApUwggKRMB0GA1UdDgQWBBSf2Lp9 21sbA2M5+SCpDdIZRPv8ljAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE0N0FCRTE2 MDJEQTExRUJCRTZDMEYxOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/ BBAwDjAMBAIAATAGAwQCZ9wMMA0GCSqGSIb3DQEBCwUAA4IBAQAYTfLhLEEO3Cqv Jk2mwDzImm7hDVlQepA7+dr7v84oOXvlyJSvaPqnp84ZZBpmf3HyF6a2vLs4UYlT Oi08AeSxpc0xtWb+kS/1J5pNjcOlRBzEzB82SHXzoSiCTsa358USpPdgaJyLx8o/ L8UVfraGVS9x+gfAGHwy0qAM95Ze1XPLLi5C9j7sizcminiXbxnJ1th1NR7vc46/ 5lr4vxpyv3m12AuVZRMlPFdFCOo68iMmHh7CjgU1XPbjMyS2DnV76niF2CZNk9Gg ZXaJf1NqU2LPmCSkHOpyUIltyyxATtj5cndr8nZFCenqxrM7hY3IgRw9h7Nn9wII /lq77esY -----END CERTIFICATE-----Generated at Fri Nov 22 11:47:34 2024 by rpki-client on console-ams.rpki-client.org