$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B599432590C11EE98844076C4F9AE02.roa File: 7B599432590C11EE98844076C4F9AE02.roa (raw, json) Hash identifier: kY/qsXsu2aQzzdwuT4GFw37sj6Hh5yRBPmgtTnARIqg= Subject key identifier: 57:21:BA:71:2F:FF:3E:FD:59:A2:E7:73:83:C6:48:33:C2:E2:B8:2C Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7A8F Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B599432590C11EE98844076C4F9AE02.roa Signing time: Fri 22 Sep 2023 05:54:24 +0000 ROA not before: Fri 22 Sep 2023 05:54:24 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 55947 IP address blocks: 43.247.156.0/22 maxlen: 24 103.5.132.0/22 maxlen: 24 103.39.126.0/23 maxlen: 24 103.87.92.0/22 maxlen: 24 103.87.128.0/22 maxlen: 24 103.91.180.0/22 maxlen: 24 103.92.100.0/22 maxlen: 24 103.132.16.0/23 maxlen: 24 103.154.27.0/24 maxlen: 24 103.157.238.0/23 maxlen: 24 103.161.74.0/23 maxlen: 24 103.173.170.0/23 maxlen: 24 124.40.244.0/22 maxlen: 24 2400:c2a0::/32 maxlen: 32 2404:1f00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 15:38:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31375 (0x7a8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Sep 22 05:54:24 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=650d2c10-8bcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:02:56:fd:4f:dc:b0:a5:bc:46:e8:7a:a6:f6: 5f:db:f0:16:d9:fd:0d:16:8c:45:af:57:e5:6f:86: c7:10:a0:5a:6e:1c:4e:55:8a:f9:d1:6f:e5:e0:54: 33:17:39:b2:1e:48:63:37:57:b1:fa:e4:f4:72:de: 44:63:2a:13:4a:23:b4:34:32:40:a9:97:de:32:16: c7:85:ca:90:64:91:2c:d2:cb:51:a7:6a:f2:b4:3c: 70:19:db:c1:ff:cc:08:f7:ed:a7:73:04:0e:13:a6: e5:9c:fb:f4:47:13:ad:0d:26:cd:01:3a:87:f2:b2: 3e:0e:53:c9:51:50:b4:ea:eb:35:74:1f:02:0a:7b: 6f:b6:fb:91:6c:4b:52:81:27:0b:db:11:b3:97:4c: be:de:af:c9:19:5b:8c:49:63:82:83:04:6f:ec:45: 0a:dd:5f:74:35:8e:82:ba:6a:1a:95:08:1b:63:ae: 6a:8b:88:80:af:37:2f:42:87:1d:5b:45:72:4d:33: 7e:1d:3f:26:c0:80:91:a6:71:af:7c:a5:84:23:0e: d9:29:f6:6e:56:de:f3:b9:41:c4:f5:a2:4e:09:52: 52:48:a8:16:34:b4:97:65:92:b1:79:45:9c:2d:b1: 46:e5:b9:88:39:63:c7:97:18:59:80:c7:42:e6:87: d4:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:21:BA:71:2F:FF:3E:FD:59:A2:E7:73:83:C6:48:33:C2:E2:B8:2C X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B599432590C11EE98844076C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.156.0/22 103.5.132.0/22 103.39.126.0/23 103.87.92.0/22 103.87.128.0/22 103.91.180.0/22 103.92.100.0/22 103.132.16.0/23 103.154.27.0/24 103.157.238.0/23 103.161.74.0/23 103.173.170.0/23 124.40.244.0/22 IPv6: 2400:c2a0::/32 2404:1f00::/32 Signature Algorithm: sha256WithRSAEncryption 0d:ea:aa:fe:94:e6:4f:c9:9e:c7:1d:08:90:95:ce:a9:aa:36: 34:38:b5:6c:4e:7d:9a:03:9a:ee:39:ae:6a:f5:01:18:bd:f6: dc:ae:a3:01:81:ec:bc:ae:ae:08:5a:2f:a1:09:ca:b4:fd:25: 09:1b:6e:25:77:ed:5f:08:cd:b5:19:cf:64:7f:9c:ca:6e:b6: 01:55:a6:d7:06:fa:7f:ef:79:62:40:fc:69:eb:d7:65:5f:3f: c6:3a:8e:7f:9c:cd:19:19:5a:91:1a:9d:a7:64:bd:5b:78:b3: c3:de:bd:63:a4:d1:2c:bd:f0:d5:9f:da:29:5a:cc:f0:c6:9c: a1:56:20:80:56:0b:ef:4a:e0:f4:41:fa:db:fa:c6:5e:b3:42: c1:44:83:65:f8:c8:5b:e9:0c:68:fc:73:be:88:14:34:04:b4: cd:7a:bd:c7:ec:65:83:63:0c:9b:79:39:f3:b2:29:54:e9:0d: 59:e4:4d:38:74:86:db:87:3d:09:68:ba:cc:1d:89:93:bc:7d: 58:8a:36:88:a8:00:5e:8b:6b:84:43:98:9c:df:86:a9:07:02: e9:df:4f:49:01:39:f6:e5:62:8c:1a:40:4d:0f:ec:45:f7:7c: 88:d0:30:66:32:b2:79:a3:ae:65:14:5e:49:3a:f0:31:34:69: f6:3b:78:53 -----BEGIN CERTIFICATE----- MIIFzzCCBLegAwIBAgICeo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwOTIyMDU1NDI0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTBkMmMxMC04YmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQJW/U/csKW8Ruh6pvZf2/AW2f0NFoxFr1flb4bHEKBabhxOVYr50W/l4FQz FzmyHkhjN1ex+uT0ct5EYyoTSiO0NDJAqZfeMhbHhcqQZJEs0stRp2rytDxwGdvB /8wI9+2ncwQOE6blnPv0RxOtDSbNATqH8rI+DlPJUVC06us1dB8CCntvtvuRbEtS gScL2xGzl0y+3q/JGVuMSWOCgwRv7EUK3V90NY6CumoalQgbY65qi4iArzcvQocd W0VyTTN+HT8mwICRpnGvfKWEIw7ZKfZuVt7zuUHE9aJOCVJSSKgWNLSXZZKxeUWc LbFG5bmIOWPHlxhZgMdC5ofU6wIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFFchunEv /z79WaLnc4PGSDPC4rgsMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0I1OTk0MzI1 OTBDMTFFRTk4ODQ0MDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E bjBsMFQEAgABME4DBAIr95wDBAJnBYQDBAFnJ34DBAJnV1wDBAJnV4ADBAJnW7QD BAJnXGQDBAFnhBADBABnmhsDBAFnne4DBAFnoUoDBAFnraoDBAJ8KPQwFAQCAAIw DgMFACQAwqADBQAkBB8AMA0GCSqGSIb3DQEBCwUAA4IBAQAN6qr+lOZPyZ7HHQiQ lc6pqjY0OLVsTn2aA5ruOa5q9QEYvfbcrqMBgey8rq4IWi+hCcq0/SUJG24ld+1f CM21Gc9kf5zKbrYBVabXBvp/73liQPxp69dlXz/GOo5/nM0ZGVqRGp2nZL1beLPD 3r1jpNEsvfDVn9opWszwxpyhViCAVgvvSuD0Qfrb+sZes0LBRINl+Mhb6Qxo/HO+ iBQ0BLTNer3H7GWDYwybeTnzsilU6Q1Z5E04dIbbhz0JaLrMHYmTvH1YijaIqABe i2uEQ5ic34apBwLp309JATn25WKMGkBND+xF93yI0DBmMrJ5o65lFF5JOvAxNGn2 O3hT -----END CERTIFICATE-----Generated at Thu May 16 16:14:45 2024 by rpki-client on console-fra.rpki-client.org