$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D98329438D511EEA0554A33C4F9AE02.roa File: 9D98329438D511EEA0554A33C4F9AE02.roa (raw, json) Hash identifier: 6GBac1WRsWKB4FX9R//rLkXTqTvjuFrfg9dZ3nP2ny0= Subject key identifier: EE:7B:51:B9:AE:78:ED:CD:7F:6F:2B:E2:16:AA:42:EF:55:A2:7B:C1 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8A0B Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D98329438D511EEA0554A33C4F9AE02.roa Signing time: Thu 30 May 2024 16:01:23 +0000 ROA not before: Thu 30 May 2024 16:01:23 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 135183 IP address blocks: 103.83.248.0/22 maxlen: 24 103.217.88.0/22 maxlen: 24 2001:df2:1fc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35339 (0x8a0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 30 16:01:23 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a2d3-a1a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0b:d5:2f:6e:24:94:e6:9a:74:aa:44:28:13: 0e:d8:7a:a5:4e:6a:27:55:e9:3a:da:c0:cf:75:ee: 9b:5d:1a:63:9c:17:5a:42:78:de:36:08:45:3e:f9: 33:94:2c:14:45:73:ea:a8:6b:36:27:f6:57:fd:ee: 05:a0:ee:fc:4e:a2:80:9c:fd:a7:81:10:11:2d:aa: fd:63:25:49:ab:11:3e:e5:c7:72:69:e2:28:9f:38: e5:68:5c:92:13:12:8a:19:b6:ae:ef:97:80:3e:56: e5:82:65:a4:62:c4:fb:19:fd:90:da:11:25:7f:d2: 62:3a:11:f0:9e:a5:67:42:66:cd:7d:f6:e2:89:d6: ca:66:b8:dc:8c:13:48:a2:f3:6a:d4:61:3b:9a:d8: e6:7c:51:56:c7:ad:31:36:81:78:36:9e:39:56:e9: ac:a3:6b:68:98:8e:35:30:cc:39:dd:36:2f:78:1e: fe:60:d4:db:81:b4:04:6e:ac:8f:dd:e6:75:e7:1e: ac:34:1f:eb:37:be:6e:dc:ed:f4:09:83:95:dd:37: 1e:cb:c9:e2:3e:a4:a0:c8:99:bb:f9:df:39:98:21: 6b:ab:77:3c:87:d2:84:41:b4:56:5d:34:f6:1e:da: af:86:5d:4e:57:99:ec:37:8c:2e:20:1f:6c:c8:5b: f9:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:7B:51:B9:AE:78:ED:CD:7F:6F:2B:E2:16:AA:42:EF:55:A2:7B:C1 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9D98329438D511EEA0554A33C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.83.248.0/22 103.217.88.0/22 IPv6: 2001:df2:1fc0::/48 Signature Algorithm: sha256WithRSAEncryption 4f:0d:a7:ad:b7:87:80:8f:2f:d5:46:bb:30:d2:84:c2:7e:87: 57:4c:79:1d:8f:06:60:44:6f:51:92:43:f1:c2:e2:dd:2c:90: 70:7b:6b:8f:90:28:4b:83:a3:b0:0f:4a:39:24:96:4e:58:8a: ae:ed:0b:53:6e:3e:d9:a3:76:90:7e:f3:6b:75:0b:42:c6:19: fd:7e:e9:77:28:df:05:06:a4:a7:fd:ce:73:44:a1:37:91:ed: 87:79:7d:31:a4:5b:fb:59:f7:68:af:91:00:31:ed:85:ef:9c: d9:eb:f7:a5:9e:8b:89:37:c2:33:b4:81:51:90:1e:8c:65:6c: 84:96:fb:0b:5a:a7:37:09:4c:49:5c:9f:b1:ef:a7:6b:44:2a: 96:81:df:3b:c4:0f:30:72:36:c3:77:d1:1d:60:e4:e2:57:58: 7e:c2:22:d7:57:b3:3d:e7:7b:1b:17:66:b7:49:bc:df:f4:3e: 7c:61:63:2a:52:a2:97:82:b1:4d:73:b8:52:d1:5c:70:d3:94: 88:f0:93:90:21:a9:b6:62:d1:2d:07:8d:b8:ac:93:bd:c5:29: 78:63:77:b6:fb:b8:7a:21:92:ea:5f:5d:66:25:31:7c:2d:9b: 86:f0:43:68:71:bd:b9:cf:e2:18:38:ce:f2:17:ef:8d:dc:24: 17:57:81:77 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIDAIoLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MDEyM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGEyZDMtYTFhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQL1S9uJJTmmnSqRCgTDth6pU5qJ1XpOtrAz3Xum10aY5wXWkJ43jYIRT75 M5QsFEVz6qhrNif2V/3uBaDu/E6igJz9p4EQES2q/WMlSasRPuXHcmniKJ845Whc khMSihm2ru+XgD5W5YJlpGLE+xn9kNoRJX/SYjoR8J6lZ0JmzX324onWyma43IwT SKLzatRhO5rY5nxRVsetMTaBeDaeOVbprKNraJiONTDMOd02L3ge/mDU24G0BG6s j93mdecerDQf6ze+btzt9AmDld03HsvJ4j6koMiZu/nfOZgha6t3PIfShEG0Vl00 9h7ar4ZdTleZ7DeMLiAfbMhb+RcCAwEAAaOCAqwwggKoMB0GA1UdDgQWBBTue1G5 rnjtzX9vK+IWqkLvVaJ7wTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlEOTgzMjk0 MzhENTExRUVBMDU1NEEzM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDYGCCsGAQUFBwEHAQH/ BCcwJTASBAIAATAMAwQCZ1P4AwQCZ9lYMA8EAgACMAkDBwAgAQ3yH8AwDQYJKoZI hvcNAQELBQADggEBAE8Np623h4CPL9VGuzDShMJ+h1dMeR2PBmBEb1GSQ/HC4t0s kHB7a4+QKEuDo7APSjkklk5Yiq7tC1NuPtmjdpB+82t1C0LGGf1+6Xco3wUGpKf9 znNEoTeR7Yd5fTGkW/tZ92ivkQAx7YXvnNnr96Wei4k3wjO0gVGQHoxlbISW+wta pzcJTElcn7Hvp2tEKpaB3zvEDzByNsN30R1g5OJXWH7CItdXsz3nexsXZrdJvN/0 PnxhYypSopeCsU1zuFLRXHDTlIjwk5AhqbZi0S0Hjbisk73FKXhjd7b7uHohkupf XWYlMXwtm4bwQ2hxvbnP4hg4zvIX743cJBdXgXc= -----END CERTIFICATE-----Generated at Fri Nov 22 11:47:56 2024 by rpki-client on console-ams.rpki-client.org