$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5C98AD88022D11EFB42EC511C4F9AE02.roa File: 5C98AD88022D11EFB42EC511C4F9AE02.roa (raw, json) Hash identifier: 3QuoyKvsvAAfoojd2wuJsYM2GM5FngnyRDpUsSj4NDU= Subject key identifier: BF:67:44:C2:10:77:7B:FD:10:19:7C:79:F3:B5:B5:31:3A:BD:FF:E1 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 86AB Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5C98AD88022D11EFB42EC511C4F9AE02.roa Signing time: Wed 24 Apr 2024 11:25:32 +0000 ROA not before: Wed 24 Apr 2024 11:25:32 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 132974 IP address blocks: 43.230.36.0/22 maxlen: 24 103.72.6.0/23 maxlen: 24 103.77.186.0/23 maxlen: 24 103.243.54.0/24 maxlen: 24 103.243.55.0/24 maxlen: 24 2001:df4:b000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 15:38:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34475 (0x86ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Apr 24 11:25:32 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=6628ec2c-a83b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ff:91:20:d5:15:30:57:ab:26:e9:ce:8d:53: 85:a5:85:09:3b:ea:b0:fc:08:14:e5:cd:6b:a2:bd: c9:d1:61:f3:49:c1:61:9b:3a:f2:25:d0:5e:4a:fc: 0e:5d:9b:0b:24:22:48:5c:00:3a:ad:3c:3a:50:56: bd:70:3b:80:26:46:62:35:f2:65:f2:28:06:7b:ce: b4:ea:79:44:52:c3:ef:97:b9:dc:86:e0:55:76:5c: 2a:88:0a:58:73:17:bd:f7:f6:da:8b:a1:50:44:ef: ec:c6:ef:ae:37:2a:43:d3:3c:38:68:68:84:2e:f4: 00:6a:00:72:36:a9:71:b0:ca:b0:17:28:eb:14:e7: f6:4a:a2:32:ce:f2:38:5f:a0:55:19:10:24:e0:8d: 33:be:35:3f:11:82:ee:20:d7:8b:e1:20:ca:d9:4d: 82:36:cc:53:f6:e4:3e:ea:3f:b9:39:75:cc:16:3b: 48:2b:61:ea:33:78:c4:a2:bc:30:5a:ed:4c:19:00: db:bd:00:90:92:a1:4c:74:69:f0:62:e7:9e:5a:6a: bd:4a:37:7f:a1:75:1c:d6:47:83:10:5a:4a:63:21: 6c:23:bd:81:f9:17:78:1f:c4:3c:9a:13:26:18:a0: 81:74:61:20:bd:7e:41:a8:00:e5:7f:bb:db:4a:03: ee:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:67:44:C2:10:77:7B:FD:10:19:7C:79:F3:B5:B5:31:3A:BD:FF:E1 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5C98AD88022D11EFB42EC511C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.36.0/22 103.72.6.0/23 103.77.186.0/23 103.243.54.0/23 IPv6: 2001:df4:b000::/48 Signature Algorithm: sha256WithRSAEncryption 33:91:93:a5:43:9e:fb:aa:ff:f1:1f:fd:c3:ce:60:f3:00:c2: 94:87:61:10:f6:2f:9a:23:8b:7b:1c:a7:1a:77:6a:a3:65:a9: e4:b6:64:84:a6:fe:a0:ae:47:36:2e:89:ce:29:45:97:c2:25: 8b:a9:a1:e1:54:9a:55:95:c4:cb:07:fc:d0:22:34:fe:e8:4e: 0a:ac:84:86:4c:95:bd:1b:55:1c:c7:38:b1:6b:1b:85:ae:00: 33:02:51:98:d5:d5:f3:1a:35:d6:9f:7e:a6:16:88:8d:29:fd: 85:f4:81:8a:a4:6c:23:8f:1e:7f:77:7b:c1:26:ec:c9:2e:d7: 52:07:19:51:fd:75:05:15:dd:1b:87:71:3d:cc:d7:a6:cd:78: 09:a7:78:fe:7e:66:e1:e7:f4:41:68:89:1a:29:1a:ba:7e:ed: 7a:ce:32:f6:f3:b3:c0:ef:fd:fa:b6:64:21:53:1c:54:26:8d: 99:85:93:1e:11:98:83:e1:9a:0e:75:4a:42:47:ff:3d:cf:62: a7:e4:94:bd:27:f4:eb:54:ab:70:53:b1:ba:af:ec:65:3d:76: d8:e0:13:95:36:9b:b4:de:63:b8:a1:65:c8:e9:11:38:94:f1: 29:95:f4:e8:af:3f:d4:51:03:da:8c:d3:11:7b:e6:9f:28:aa: 8a:c8:3d:76 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIDAIarMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDQyNDExMjUzMloXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjYyOGVjMmMtYTgzYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANr/kSDVFTBXqybpzo1ThaWFCTvqsPwIFOXNa6K9ydFh80nBYZs68iXQXkr8 Dl2bCyQiSFwAOq08OlBWvXA7gCZGYjXyZfIoBnvOtOp5RFLD75e53IbgVXZcKogK WHMXvff22ouhUETv7MbvrjcqQ9M8OGhohC70AGoAcjapcbDKsBco6xTn9kqiMs7y OF+gVRkQJOCNM741PxGC7iDXi+EgytlNgjbMU/bkPuo/uTl1zBY7SCth6jN4xKK8 MFrtTBkA270AkJKhTHRp8GLnnlpqvUo3f6F1HNZHgxBaSmMhbCO9gfkXeB/EPJoT JhiggXRhIL1+QagA5X+720oD7jsCAwEAAaOCArgwggK0MB0GA1UdDgQWBBS/Z0TC EHd7/RAZfHnztbUxOr3/4TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVDOThBRDg4 MDIyRDExRUZCNDJFQzUxMUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEIGCCsGAQUFBwEHAQH/ BDMwMTAeBAIAATAYAwQCK+YkAwQBZ0gGAwQBZ026AwQBZ/M2MA8EAgACMAkDBwAg AQ30sAAwDQYJKoZIhvcNAQELBQADggEBADORk6VDnvuq//Ef/cPOYPMAwpSHYRD2 L5oji3scpxp3aqNlqeS2ZISm/qCuRzYuic4pRZfCJYupoeFUmlWVxMsH/NAiNP7o TgqshIZMlb0bVRzHOLFrG4WuADMCUZjV1fMaNdaffqYWiI0p/YX0gYqkbCOPHn93 e8Em7Mku11IHGVH9dQUV3RuHcT3M16bNeAmneP5+ZuHn9EFoiRopGrp+7XrOMvbz s8Dv/fq2ZCFTHFQmjZmFkx4RmIPhmg51SkJH/z3PYqfklL0n9OtUq3BTsbqv7GU9 dtjgE5U2m7TeY7ihZcjpETiU8SmV9OivP9RRA9qM0xF75p8oqorIPXY= -----END CERTIFICATE-----Generated at Thu May 16 16:14:41 2024 by rpki-client on console-fra.rpki-client.org