$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EA9D97665BD511EC9B98994EC4F9AE02.roa File: EA9D97665BD511EC9B98994EC4F9AE02.roa (raw, json) Hash identifier: hQ+WD2i3Gn3x0jlu5ad2R+78npbgWGGv20+kswifOh0= Subject key identifier: 11:7B:84:74:AF:F7:56:90:5A:3F:6A:BB:6E:BC:7E:91:91:4F:49:FC Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8E8E Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EA9D97665BD511EC9B98994EC4F9AE02.roa Signing time: Thu 30 May 2024 16:20:11 +0000 ROA not before: Thu 30 May 2024 16:20:10 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 147221 IP address blocks: 103.31.40.0/23 maxlen: 24 103.176.134.0/23 maxlen: 24 2001:df3:b1c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36494 (0x8e8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 30 16:20:10 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a73a-9914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:3c:11:d5:5e:8d:b7:82:d8:02:b0:ae:2b:99: ca:64:b3:1d:c8:ff:87:e1:a8:21:74:8a:51:33:8d: 8e:f7:15:8d:24:db:7e:99:54:eb:e2:5c:c2:1e:81: f1:2b:4a:63:4e:c5:84:c0:6e:12:30:a8:03:15:96: e2:9e:3f:13:77:d0:ae:5c:fe:4c:06:34:c5:9c:d6: cc:cb:32:1d:01:da:b6:81:81:ed:68:e9:d6:c0:81: ee:94:c6:df:5e:e1:dc:94:a7:69:15:7c:99:16:4d: bc:a8:cc:dc:b0:dd:21:d3:a0:2d:e6:3c:dc:55:d2: ad:08:db:3c:81:f4:5d:4e:89:6f:86:a4:03:b0:bd: 1b:cb:c2:87:16:3a:89:8c:ba:05:92:28:2f:21:99: b3:8e:52:95:5d:e5:d1:c8:7f:3c:c8:b1:bb:68:da: 38:d6:30:ca:5f:75:f8:a1:6c:78:32:84:2d:a1:48: 91:ad:8f:f9:e5:7c:15:1d:f6:db:b1:33:45:35:2c: bb:8a:1d:88:e4:f6:b4:72:d8:5c:d8:0a:f4:46:30: 56:89:69:c1:46:d6:26:de:41:42:ae:ba:f8:69:42: 91:99:a3:0c:85:59:75:89:d0:07:bd:1e:64:b4:14: 18:09:38:ae:ff:fd:e9:09:b8:e5:31:0a:0f:67:d7: af:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:7B:84:74:AF:F7:56:90:5A:3F:6A:BB:6E:BC:7E:91:91:4F:49:FC X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EA9D97665BD511EC9B98994EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.31.40.0/23 103.176.134.0/23 IPv6: 2001:df3:b1c0::/48 Signature Algorithm: sha256WithRSAEncryption 3d:23:aa:95:22:22:c3:32:44:81:a8:97:52:32:a4:78:79:31: f9:fe:4a:a9:bf:58:da:d4:59:67:bb:66:87:13:c1:c9:22:b5: 5c:15:11:c9:d4:bf:45:b0:b7:46:44:52:b9:ff:37:25:00:25: 94:d4:91:cb:51:91:15:04:38:e3:a7:13:33:c7:27:1e:72:14: 2c:24:60:d2:96:c2:43:71:10:ff:a9:f7:4d:d9:44:52:e8:db: 64:8c:70:52:e0:1b:1a:1c:24:ba:7f:8e:d3:36:fd:99:3b:69: 57:e2:c1:ce:2c:81:c9:5a:9e:28:fb:12:77:d8:25:6b:18:7f: f9:1e:13:ec:de:bf:c7:01:34:25:47:fd:22:73:4f:b7:7c:d0: 7b:a9:46:2a:19:0b:59:85:14:59:cc:51:ba:0b:8a:b6:02:dd: 09:de:df:1e:5e:c5:d7:83:96:7d:f6:40:97:53:0a:27:26:a6: c8:59:00:21:93:a0:2f:0a:9a:bc:b7:a5:3e:21:4a:02:59:a7: 1f:e8:d2:5a:8a:8c:1f:2d:c2:e3:9c:1b:55:50:81:37:ed:92: 86:c9:8b:2d:e5:63:2b:c5:b0:06:3f:d8:f8:28:63:23:00:8b: 38:3b:93:af:ca:c9:e8:9f:bd:1c:a7:b2:35:84:89:bb:3d:82: d9:48:86:c0 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIDAI6OMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MjAxMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGE3M2EtOTkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPQ8EdVejbeC2AKwriuZymSzHcj/h+GoIXSKUTONjvcVjSTbfplU6+Jcwh6B 8StKY07FhMBuEjCoAxWW4p4/E3fQrlz+TAY0xZzWzMsyHQHatoGB7Wjp1sCB7pTG 317h3JSnaRV8mRZNvKjM3LDdIdOgLeY83FXSrQjbPIH0XU6Jb4akA7C9G8vChxY6 iYy6BZIoLyGZs45SlV3l0ch/PMixu2jaONYwyl91+KFseDKELaFIka2P+eV8FR32 27EzRTUsu4odiOT2tHLYXNgK9EYwVolpwUbWJt5BQq66+GlCkZmjDIVZdYnQB70e ZLQUGAk4rv/96Qm45TEKD2fXr3MCAwEAAaOCAqwwggKoMB0GA1UdDgQWBBQRe4R0 r/dWkFo/artuvH6RkU9J/DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VBOUQ5NzY2 NUJENTExRUM5Qjk4OTk0RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDYGCCsGAQUFBwEHAQH/ BCcwJTASBAIAATAMAwQBZx8oAwQBZ7CGMA8EAgACMAkDBwAgAQ3zscAwDQYJKoZI hvcNAQELBQADggEBAD0jqpUiIsMyRIGol1IypHh5Mfn+Sqm/WNrUWWe7ZocTwcki tVwVEcnUv0Wwt0ZEUrn/NyUAJZTUkctRkRUEOOOnEzPHJx5yFCwkYNKWwkNxEP+p 903ZRFLo22SMcFLgGxocJLp/jtM2/Zk7aVfiwc4sgclanij7EnfYJWsYf/keE+ze v8cBNCVH/SJzT7d80HupRioZC1mFFFnMUboLirYC3Qne3x5exdeDln32QJdTCicm pshZACGToC8Kmry3pT4hSgJZpx/o0lqKjB8twuOcG1VQgTftkobJiy3lYyvFsAY/ 2PgoYyMAizg7k6/KyeifvRynsjWEibs9gtlIhsA= -----END CERTIFICATE-----Generated at Fri Nov 22 11:48:05 2024 by rpki-client on console-ams.rpki-client.org