$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa File: 54167E4C02DB11EBB4DBB51CC4F9AE02.roa (raw, json) Hash identifier: fHqwVVxd5LrMGNWsSyUoiZXhIS0ZkIPwMprWocEKWVI= Subject key identifier: CF:6C:2D:30:4F:1A:6A:3F:BA:05:54:EE:BC:C0:86:99:14:D3:85:28 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8746 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa Signing time: Mon 13 May 2024 07:09:23 +0000 ROA not before: Mon 13 May 2024 07:09:23 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 131459 IP address blocks: 43.250.40.0/22 maxlen: 24 103.5.112.0/22 maxlen: 24 103.242.136.0/22 maxlen: 24 2402:900::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:50:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34630 (0x8746) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 13 07:09:23 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=6641bca3-06c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:3f:8c:42:09:de:6c:7a:d4:d2:94:71:d9:6a: 65:71:77:7e:e8:0e:ca:26:41:bb:d2:6b:85:43:d2: 4a:7e:69:ce:b6:67:91:51:e6:ad:ce:75:45:54:af: 51:36:c5:0c:56:81:4f:fb:29:0b:8c:2f:4c:fb:44: 9f:6d:75:1f:4c:ca:56:2b:4c:fa:b2:2c:34:32:5f: 48:89:26:04:40:06:5e:9a:11:d3:dc:0f:b8:64:8a: 1e:ad:88:2c:26:96:8e:f3:91:49:d6:08:fc:23:5b: e5:9f:9b:6a:8d:79:1c:02:ed:47:9e:fe:b6:ab:75: ea:01:d6:3a:1c:1a:3a:2f:ee:a4:3b:3d:56:d1:d0: 12:c5:c8:dd:39:26:be:f4:6e:50:b1:dd:b5:10:3f: e5:2c:30:eb:25:24:a0:88:3a:72:6a:f4:5e:ca:5b: aa:6f:59:84:94:27:b6:4c:a8:2e:ed:1a:e8:cd:22: 0c:7d:46:43:e9:61:29:d6:49:ff:f4:96:ad:b0:df: a4:87:d3:92:0a:60:a6:7d:05:3b:68:a9:bd:ed:fc: d9:a9:aa:74:59:77:96:74:2c:35:d5:8f:0c:5c:c1: 9e:26:56:ef:bb:c3:d5:80:7d:da:22:9a:b7:5e:39: 3c:ef:ac:58:0b:5f:2c:0d:89:8e:a4:d9:db:04:c4: d7:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:6C:2D:30:4F:1A:6A:3F:BA:05:54:EE:BC:C0:86:99:14:D3:85:28 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.250.40.0/22 103.5.112.0/22 103.242.136.0/22 IPv6: 2402:900::/32 Signature Algorithm: sha256WithRSAEncryption 57:1d:04:f8:c7:9d:ad:2a:3e:ca:b1:64:8e:68:df:0f:c6:ed: fe:60:3a:4a:c1:9c:8a:39:53:26:50:31:dd:89:af:d4:1c:c0: e0:d4:80:1f:35:ca:01:bd:29:a5:ee:11:0b:b0:49:3c:75:47: ff:9b:1a:9b:ca:da:2e:83:7a:eb:2a:f5:41:f1:da:11:e6:bb: 10:52:c6:aa:56:43:f3:87:12:5d:a0:3a:c6:f2:db:c2:30:e0: 82:e1:37:e3:f5:d9:2b:df:64:1d:78:99:7b:c1:5a:34:68:77: 73:98:08:11:39:93:f8:88:c4:46:48:0b:66:8f:9a:4a:6c:00: ce:09:22:f7:d5:2d:30:db:31:eb:4f:f6:d4:ec:9b:0f:03:84: e7:e3:10:4a:93:9c:22:b7:0b:59:b2:b2:3f:1a:4d:34:d5:2d: d0:dd:da:9b:16:b3:d4:a6:fc:36:ee:42:91:b0:e1:d4:a8:26: 18:c4:0e:6d:23:a1:65:12:f0:35:30:0e:84:0d:9a:14:b7:b9: 45:40:00:63:e7:51:bf:37:23:c0:d5:61:28:1f:d1:dc:70:3b: 72:93:f4:b9:0d:e9:e4:41:2e:63:7d:8f:83:a0:c7:a7:a8:9b: fd:08:84:5f:ad:70:7f:f7:bd:15:9f:01:34:62:38:2a:03:35: 0c:67:be:7e -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgIDAIdGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUxMzA3MDkyM1oXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY0MWJjYTMtMDZjNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJY/jEIJ3mx61NKUcdlqZXF3fugOyiZBu9JrhUPSSn5pzrZnkVHmrc51RVSv UTbFDFaBT/spC4wvTPtEn211H0zKVitM+rIsNDJfSIkmBEAGXpoR09wPuGSKHq2I LCaWjvORSdYI/CNb5Z+bao15HALtR57+tqt16gHWOhwaOi/upDs9VtHQEsXI3Tkm vvRuULHdtRA/5Sww6yUkoIg6cmr0Xspbqm9ZhJQntkyoLu0a6M0iDH1GQ+lhKdZJ //SWrbDfpIfTkgpgpn0FO2ipve382amqdFl3lnQsNdWPDFzBniZW77vD1YB92iKa t145PO+sWAtfLA2JjqTZ2wTE188CAwEAAaOCArAwggKsMB0GA1UdDgQWBBTPbC0w TxpqP7oFVO68wIaZFNOFKDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU0MTY3RTRD MDJEQjExRUJCNERCQjUxQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDoGCCsGAQUFBwEHAQH/ BCswKTAYBAIAATASAwQCK/ooAwQCZwVwAwQCZ/KIMA0EAgACMAcDBQAkAgkAMA0G CSqGSIb3DQEBCwUAA4IBAQBXHQT4x52tKj7KsWSOaN8Pxu3+YDpKwZyKOVMmUDHd ia/UHMDg1IAfNcoBvSml7hELsEk8dUf/mxqbytoug3rrKvVB8doR5rsQUsaqVkPz hxJdoDrG8tvCMOCC4Tfj9dkr32QdeJl7wVo0aHdzmAgROZP4iMRGSAtmj5pKbADO CSL31S0w2zHrT/bU7JsPA4Tn4xBKk5witwtZsrI/Gk001S3Q3dqbFrPUpvw27kKR sOHUqCYYxA5tI6FlEvA1MA6EDZoUt7lFQABj51G/NyPA1WEoH9HccDtyk/S5Denk QS5jfY+DoMenqJv9CIRfrXB/970VnwE0YjgqAzUMZ75+ -----END CERTIFICATE-----Generated at Sat May 18 16:20:00 2024 by rpki-client on console-fra.rpki-client.org