$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B599432590C11EE98844076C4F9AE02.roa File: 7B599432590C11EE98844076C4F9AE02.roa (raw, json) Hash identifier: XEBw9KWceYyTMvERjQ6cYP74+D5rFD4T0hdViIMmAJs= Subject key identifier: A9:EF:DD:0F:05:18:6B:EB:31:FC:EC:9F:BC:CF:A3:B4:1E:68:C7:83 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 910B Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B599432590C11EE98844076C4F9AE02.roa Signing time: Thu 30 May 2024 16:30:32 +0000 ROA not before: Thu 30 May 2024 16:30:32 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 55947 IP address blocks: 43.247.156.0/22 maxlen: 24 103.5.132.0/22 maxlen: 24 103.39.126.0/23 maxlen: 24 103.87.92.0/22 maxlen: 24 103.87.128.0/22 maxlen: 24 103.91.180.0/22 maxlen: 24 103.92.100.0/22 maxlen: 24 103.132.16.0/23 maxlen: 24 103.154.27.0/24 maxlen: 24 103.157.238.0/23 maxlen: 24 103.161.74.0/23 maxlen: 24 103.173.170.0/23 maxlen: 24 124.40.244.0/22 maxlen: 24 2400:c2a0::/32 maxlen: 32 2404:1f00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37131 (0x910b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 30 16:30:32 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a9a7-525b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:fb:56:e5:a3:33:c1:9e:9e:1f:2e:15:16:36: 23:b4:13:0c:f3:13:ba:b3:e1:dd:ca:3a:0c:8c:49: d5:da:8c:bc:d7:51:c4:fa:25:b9:97:68:13:0b:0c: a8:64:6b:b2:7c:d8:18:97:6b:05:2c:a9:cf:eb:47: 14:9d:ed:03:3e:4b:60:fa:d1:57:83:4d:d5:1e:b0: 2a:e5:57:b1:99:04:f9:77:42:1e:5c:d4:9c:c0:ad: d8:19:26:98:1d:49:f3:95:76:5d:42:9b:40:df:49: 96:62:d6:be:f4:d5:27:df:49:ba:4c:80:76:0f:33: c5:10:c6:14:18:5c:33:29:cc:d7:27:48:8a:4b:32: 8f:00:86:b9:51:11:d8:87:f3:21:c7:4b:f4:6c:7d: af:51:fc:ba:97:20:63:6d:cf:34:d7:f1:d8:4a:28: 8c:ff:2b:ae:14:c5:79:44:46:2d:45:b8:ac:28:b1: 6f:9a:aa:a8:6e:07:4e:4a:57:6b:ec:ab:a6:92:ea: 32:e6:b2:61:0a:6d:36:f6:aa:4e:6c:dd:0f:4c:dc: 05:42:d8:0d:b1:26:c8:6d:6d:e9:10:d8:28:a9:7c: 2d:4d:db:6c:4d:e3:e7:a1:7b:27:ab:37:14:c8:49: d2:5a:ce:7e:14:7f:82:49:9f:0b:a9:46:e6:1b:b1: 62:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:EF:DD:0F:05:18:6B:EB:31:FC:EC:9F:BC:CF:A3:B4:1E:68:C7:83 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B599432590C11EE98844076C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.247.156.0/22 103.5.132.0/22 103.39.126.0/23 103.87.92.0/22 103.87.128.0/22 103.91.180.0/22 103.92.100.0/22 103.132.16.0/23 103.154.27.0/24 103.157.238.0/23 103.161.74.0/23 103.173.170.0/23 124.40.244.0/22 IPv6: 2400:c2a0::/32 2404:1f00::/32 Signature Algorithm: sha256WithRSAEncryption b6:a2:5a:c6:14:a5:b9:a2:07:37:20:f8:53:5a:e5:76:1e:73: c5:8e:93:0e:3f:8f:0d:b5:3d:5b:09:16:fd:e3:5e:29:9e:0d: e0:9a:71:b5:ca:f7:2d:18:31:18:17:d5:37:d7:6c:6b:bf:1c: 0e:83:7a:1a:8d:7b:77:b2:81:17:ea:4b:b8:66:ed:54:74:a7: d7:cd:06:35:e0:71:50:11:25:44:ed:c2:12:33:1a:53:32:52: 5c:30:f5:87:36:24:5f:5c:02:17:03:b6:5d:ab:3e:15:0d:10: 8e:d1:ce:a9:4f:e4:c2:a6:f5:c0:5a:0f:54:da:f5:ea:d0:95: 45:f5:e8:b1:d6:aa:b4:a8:78:c1:0c:15:87:a2:a9:53:a9:b9: d4:7f:6e:b5:fd:fc:fd:55:dc:d5:30:5e:00:59:1e:cd:10:70: 91:16:e2:3f:c9:e5:a6:67:f1:6a:3f:e3:33:86:17:96:df:1e: 99:51:33:f7:62:ec:dd:5a:e8:26:96:69:57:9c:1a:87:02:a9: d8:49:b3:fc:0c:16:47:24:ec:0f:5d:41:a7:15:36:98:3b:a8: d2:36:0d:dc:f1:85:ba:fe:6c:56:08:53:9a:be:c5:c4:ca:ed: 36:ed:aa:1a:ab:6b:f6:23:47:60:c8:11:88:21:5f:88:67:58: bf:33:84:65 -----BEGIN CERTIFICATE----- MIIF0DCCBLigAwIBAgIDAJELMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MzAzMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGE5YTctNTI1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANn7VuWjM8Genh8uFRY2I7QTDPMTurPh3co6DIxJ1dqMvNdRxPoluZdoEwsM qGRrsnzYGJdrBSypz+tHFJ3tAz5LYPrRV4NN1R6wKuVXsZkE+XdCHlzUnMCt2Bkm mB1J85V2XUKbQN9JlmLWvvTVJ99JukyAdg8zxRDGFBhcMynM1ydIiksyjwCGuVER 2IfzIcdL9Gx9r1H8upcgY23PNNfx2EoojP8rrhTFeURGLUW4rCixb5qqqG4HTkpX a+yrppLqMuayYQptNvaqTmzdD0zcBULYDbEmyG1t6RDYKKl8LU3bbE3j56F7J6s3 FMhJ0lrOfhR/gkmfC6lG5huxYrECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSp790P BRhr6zH87J+8z6O0HmjHgzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzdCNTk5NDMy NTkwQzExRUU5ODg0NDA3NkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMH0GCCsGAQUFBwEHAQH/ BG4wbDBUBAIAATBOAwQCK/ecAwQCZwWEAwQBZyd+AwQCZ1dcAwQCZ1eAAwQCZ1u0 AwQCZ1xkAwQBZ4QQAwQAZ5obAwQBZ53uAwQBZ6FKAwQBZ62qAwQCfCj0MBQEAgAC MA4DBQAkAMKgAwUAJAQfADANBgkqhkiG9w0BAQsFAAOCAQEAtqJaxhSluaIHNyD4 U1rldh5zxY6TDj+PDbU9WwkW/eNeKZ4N4Jpxtcr3LRgxGBfVN9dsa78cDoN6Go17 d7KBF+pLuGbtVHSn180GNeBxUBElRO3CEjMaUzJSXDD1hzYkX1wCFwO2Xas+FQ0Q jtHOqU/kwqb1wFoPVNr16tCVRfXosdaqtKh4wQwVh6KpU6m51H9utf38/VXc1TBe AFkezRBwkRbiP8nlpmfxaj/jM4YXlt8emVEz92Ls3VroJpZpV5wahwKp2Emz/AwW RyTsD11BpxU2mDuo0jYN3PGFuv5sVghTmr7FxMrtNu2qGqtr9iNHYMgRiCFfiGdY vzOEZQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:47:51 2024 by rpki-client on console-ams.rpki-client.org