$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4B8A5A5A816711EF975C6F85C4F9AE02.roa File: 4B8A5A5A816711EF975C6F85C4F9AE02.roa (raw, json) Hash identifier: r2SSuhdZxTINfLvBdtXqurSZS09+waJKZ5Ji8bKSBac= Subject key identifier: BA:6B:8A:11:4F:15:99:33:52:6F:76:FA:F6:47:72:E1:3E:4A:F0:5E Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 9AA1 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4B8A5A5A816711EF975C6F85C4F9AE02.roa Signing time: Thu 03 Oct 2024 09:14:09 +0000 ROA not before: Thu 03 Oct 2024 09:14:08 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 153211 IP address blocks: 103.100.20.0/22 maxlen: 24 2001:df4:4240::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 12:05:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39585 (0x9aa1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Oct 3 09:14:08 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66fe6060-b547 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:bb:37:fb:79:96:64:d0:4a:aa:cc:c6:30:72: 26:7b:3a:12:73:69:69:a0:83:66:42:59:95:a0:ef: 0f:16:ac:dc:b8:59:4c:67:52:66:93:47:ac:ad:4d: 80:82:88:78:4e:ee:32:c1:8c:98:dd:d2:1b:90:26: 8b:59:61:75:fa:a5:56:01:8a:72:61:db:9a:f6:9d: ec:e3:94:59:93:26:6f:9f:dc:f1:9f:3b:ec:cb:55: 13:ba:36:10:89:a4:3b:52:dd:1f:c5:cd:1e:99:70: 9a:d9:30:e8:85:47:20:cb:18:d5:a1:2e:1e:26:04: 9b:c6:8e:7f:91:03:e1:bf:cc:31:1f:ee:9d:9c:92: a5:4c:57:c9:bc:cb:0f:46:11:9b:68:07:83:7b:e3: 74:b6:11:91:16:94:4b:d4:23:93:cc:00:49:7f:ce: 8c:13:0f:cd:2e:e6:8e:67:1a:85:44:13:a4:ea:1e: 5b:f1:4d:7b:5e:ac:37:c9:e2:84:5c:e4:88:99:e1: e5:e5:96:c1:9f:89:b6:5f:47:07:b7:cf:1d:f4:bd: 9b:7b:51:c9:fa:8f:66:4d:e4:dd:e4:e1:0f:f8:a8: 8b:38:93:3d:26:e1:51:2f:f9:ff:33:11:3f:84:df: 78:07:34:76:5b:ea:ab:a5:95:f0:4f:19:ac:69:34: ae:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:6B:8A:11:4F:15:99:33:52:6F:76:FA:F6:47:72:E1:3E:4A:F0:5E X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4B8A5A5A816711EF975C6F85C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.100.20.0/22 IPv6: 2001:df4:4240::/48 Signature Algorithm: sha256WithRSAEncryption 20:72:e6:88:94:7f:4a:32:a5:e4:a3:30:2e:59:6d:e8:cf:53: 8d:8b:c1:f2:44:3f:85:f8:c1:0a:51:fd:f9:16:00:8c:82:f0: d1:a8:63:92:a5:8c:3b:3c:f0:aa:1b:a0:82:65:46:f5:7c:fb: f1:a8:2d:e6:9e:99:83:ba:43:15:17:34:bd:b5:a4:00:0e:37: 17:8b:d7:84:fe:92:73:c4:e7:ca:11:fc:34:32:7d:32:6e:39: 4f:d4:63:65:e7:59:99:aa:97:5b:4c:dd:0d:19:df:b0:8e:ca: 15:42:b7:d6:86:46:a1:14:05:b1:f3:2b:27:86:b4:5e:3f:41: 96:ce:a2:c6:62:8a:3f:81:41:30:ff:7c:0f:4d:65:64:71:79: 28:51:ac:db:7d:16:91:f4:40:b2:49:f2:d9:5f:b6:30:8e:6a: 96:4c:80:0f:f5:06:95:af:8c:36:30:aa:c7:6c:d9:f4:c3:2c: 9f:25:90:20:ad:44:bf:04:83:30:5f:67:b8:09:f9:ee:6d:24: bd:ec:93:79:f6:fd:1d:20:9e:a5:a7:27:bf:e6:65:06:b7:d9: 0e:8e:58:91:a6:4e:8a:ac:cf:0a:62:40:95:38:19:12:fb:8d: 3c:2b:90:38:5f:47:37:cd:c4:c0:ed:d6:34:33:14:09:ae:2c: 61:d2:71:ec -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIDAJqhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MTAwMzA5MTQwOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjZmZTYwNjAtYjU0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKm7N/t5lmTQSqrMxjByJns6EnNpaaCDZkJZlaDvDxas3LhZTGdSZpNHrK1N gIKIeE7uMsGMmN3SG5Ami1lhdfqlVgGKcmHbmvad7OOUWZMmb5/c8Z877MtVE7o2 EImkO1LdH8XNHplwmtkw6IVHIMsY1aEuHiYEm8aOf5ED4b/MMR/unZySpUxXybzL D0YRm2gHg3vjdLYRkRaUS9Qjk8wASX/OjBMPzS7mjmcahUQTpOoeW/FNe16sN8ni hFzkiJnh5eWWwZ+Jtl9HB7fPHfS9m3tRyfqPZk3k3eThD/ioiziTPSbhUS/5/zMR P4TfeAc0dlvqq6WV8E8ZrGk0rtUCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBS6a4oR TxWZM1Jvdvr2R3LhPkrwXjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzRCOEE1QTVB ODE2NzExRUY5NzVDNkY4NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/ BCEwHzAMBAIAATAGAwQCZ2QUMA8EAgACMAkDBwAgAQ30QkAwDQYJKoZIhvcNAQEL BQADggEBACBy5oiUf0oypeSjMC5ZbejPU42LwfJEP4X4wQpR/fkWAIyC8NGoY5Kl jDs88KoboIJlRvV8+/GoLeaemYO6QxUXNL21pAAONxeL14T+knPE58oR/DQyfTJu OU/UY2XnWZmql1tM3Q0Z37COyhVCt9aGRqEUBbHzKyeGtF4/QZbOosZiij+BQTD/ fA9NZWRxeShRrNt9FpH0QLJJ8tlftjCOapZMgA/1BpWvjDYwqsds2fTDLJ8lkCCt RL8EgzBfZ7gJ+e5tJL3sk3n2/R0gnqWnJ7/mZQa32Q6OWJGmToqszwpiQJU4GRL7 jTwrkDhfRzfNxMDt1jQzFAmuLGHScew= -----END CERTIFICATE-----Generated at Fri Nov 22 13:34:57 2024 by rpki-client on console-fra.rpki-client.org