$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D617A656A0A311ED88BE5C6BC4F9AE02.roa File: D617A656A0A311ED88BE5C6BC4F9AE02.roa (raw, json) Hash identifier: I8YYtCdvDODBPIjkc2SC/lehTWsYrzP4Cz4k14Gjjjw= Subject key identifier: 2B:0A:EB:24:E7:4E:62:EA:59:3B:1B:99:DC:35:7F:3E:A0:66:C5:74 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8DD1 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D617A656A0A311ED88BE5C6BC4F9AE02.roa Signing time: Thu 30 May 2024 16:17:11 +0000 ROA not before: Thu 30 May 2024 16:17:11 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 141854 IP address blocks: 103.156.206.0/23 maxlen: 24 2001:df1:a140::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36305 (0x8dd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: May 30 16:17:11 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a686-ea33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:22:4f:a2:54:04:a5:30:9e:fb:04:4d:b0:b6: a6:3a:52:83:12:c9:28:47:c0:37:65:f9:93:71:a5: 20:86:46:d9:de:f0:2a:51:86:1f:ed:5f:2d:7a:ed: c9:ad:f0:da:fd:cd:4a:41:b2:77:79:e4:32:19:2e: 1a:cc:42:8a:ba:2e:4a:9f:99:e6:20:b3:df:9d:c2: d5:2c:f4:cc:a4:bf:7a:6b:7a:3b:3a:61:c0:fc:8e: 4d:70:81:96:7a:60:2f:d3:74:8e:9a:8a:bc:e0:d0: 77:a1:55:12:35:02:55:07:4f:7c:f1:b7:d6:32:cc: ac:9a:2e:0f:77:0d:6e:7d:49:94:2f:53:96:5d:d2: b4:a3:1a:98:d2:a7:2c:5f:be:72:41:69:58:46:bd: 98:5e:cc:17:0e:9d:85:bf:d0:04:52:1a:b2:6e:a2: dd:1b:2b:c1:28:40:d3:42:26:dd:37:38:9b:fe:a0: fd:42:0d:60:e0:9a:04:67:64:88:31:df:d6:d8:e8: 9f:54:00:d8:d4:b1:09:a2:44:bb:d7:2a:3a:8e:b5: 37:3c:11:22:33:97:de:49:1c:77:9a:4a:52:e3:2c: ec:c7:7e:8b:8c:04:67:6a:c7:ca:f2:a6:7f:ac:96: 20:1f:d2:80:fa:7f:66:b1:7d:79:32:60:72:0b:fc: 00:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:0A:EB:24:E7:4E:62:EA:59:3B:1B:99:DC:35:7F:3E:A0:66:C5:74 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D617A656A0A311ED88BE5C6BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.156.206.0/23 IPv6: 2001:df1:a140::/48 Signature Algorithm: sha256WithRSAEncryption 22:e5:57:46:c7:f8:7a:6c:ec:2b:74:62:32:3d:66:ce:79:72: fa:49:3f:8b:4f:d2:97:0a:6b:f8:34:39:0f:ea:b9:ab:ea:bc: ef:17:cf:be:a9:7f:3f:05:23:7e:28:53:84:4e:11:9b:a1:ee: ad:be:49:e9:cf:b5:37:5d:c1:c0:78:94:85:98:48:b1:7e:60: 85:e6:8b:be:44:9c:1f:7d:1f:3f:2f:34:3b:cf:b9:82:f5:82: b0:a6:0b:02:b9:88:1c:4f:bb:c6:aa:9e:35:96:66:b7:84:2c: 28:fd:8d:9d:46:86:9d:32:e7:be:ac:5e:74:df:99:8c:45:e0: 7e:18:f2:9c:44:4a:b2:6f:dd:3a:13:6e:6a:63:a0:57:8d:84: e7:55:c7:7e:f2:dd:31:eb:29:16:60:2f:22:b2:0d:69:ef:13: 64:a3:25:41:47:d9:1a:13:47:e5:4e:1a:25:ef:56:a6:18:e1: ae:d2:a3:fa:85:0e:cf:f6:0b:15:81:b2:4e:7a:60:89:4f:72: d8:14:bf:ad:de:1c:cb:54:a9:1d:81:2e:6a:a0:39:d7:f6:fb: 0b:19:ff:ba:dc:4c:46:5c:e8:12:e8:dc:a3:49:16:64:ba:eb: 17:84:19:c8:8a:a6:1e:ac:b4:70:12:aa:1d:f7:15:67:ee:89: 2a:69:93:14 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIDAI3RMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MTcxMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGE2ODYtZWEzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALIiT6JUBKUwnvsETbC2pjpSgxLJKEfAN2X5k3GlIIZG2d7wKlGGH+1fLXrt ya3w2v3NSkGyd3nkMhkuGsxCirouSp+Z5iCz353C1Sz0zKS/emt6OzphwPyOTXCB lnpgL9N0jpqKvODQd6FVEjUCVQdPfPG31jLMrJouD3cNbn1JlC9Tll3StKMamNKn LF++ckFpWEa9mF7MFw6dhb/QBFIasm6i3RsrwShA00Im3Tc4m/6g/UINYOCaBGdk iDHf1tjon1QA2NSxCaJEu9cqOo61NzwRIjOX3kkcd5pKUuMs7Md+i4wEZ2rHyvKm f6yWIB/SgPp/ZrF9eTJgcgv8AH0CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQrCusk 505i6lk7G5ncNX8+oGbFdDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q2MTdBNjU2 QTBBMzExRUQ4OEJFNUM2QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/ BCEwHzAMBAIAATAGAwQBZ5zOMA8EAgACMAkDBwAgAQ3xoUAwDQYJKoZIhvcNAQEL BQADggEBACLlV0bH+Hps7Ct0YjI9Zs55cvpJP4tP0pcKa/g0OQ/quavqvO8Xz76p fz8FI34oU4ROEZuh7q2+SenPtTddwcB4lIWYSLF+YIXmi75EnB99Hz8vNDvPuYL1 grCmCwK5iBxPu8aqnjWWZreELCj9jZ1Ghp0y576sXnTfmYxF4H4Y8pxESrJv3ToT bmpjoFeNhOdVx37y3THrKRZgLyKyDWnvE2SjJUFH2RoTR+VOGiXvVqYY4a7So/qF Ds/2CxWBsk56YIlPctgUv63eHMtUqR2BLmqgOdf2+wsZ/7rcTEZc6BLo3KNJFmS6 6xeEGciKph6stHASqh33FWfuiSppkxQ= -----END CERTIFICATE-----Generated at Sun Feb 16 20:32:33 2025 by rpki-client