$ rpki-client -vvf rpki.apnic.net/member_repository/A91F018E/FA568E5E9E1511E99015364AC4F9AE02/7214B0AA9E1711E9B3710950C4F9AE02.roa File: 7214B0AA9E1711E9B3710950C4F9AE02.roa (raw, json) Hash identifier: HKMv6lMzUEnj1OeWCUm5Usk6S8rbshVmXllyOLilxZk= Subject key identifier: 65:22:7D:8A:FC:A9:B4:79:B9:1F:62:65:EA:D6:8F:04:E5:98:59:39 Certificate issuer: /CN=A91F018E/serialNumber=D3038BA4490EA815ADB09F1A38658BCD8B17F482 Certificate serial: 0D73 Authority key identifier: D3:03:8B:A4:49:0E:A8:15:AD:B0:9F:1A:38:65:8B:CD:8B:17:F4:82 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0wOLpEkOqBWtsJ8aOGWLzYsX9II.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F018E/FA568E5E9E1511E99015364AC4F9AE02/7214B0AA9E1711E9B3710950C4F9AE02.roa Signing time: Fri 22 Mar 2024 18:26:44 +0000 ROA not before: Fri 22 Mar 2024 18:26:44 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 132688 IP address blocks: 103.18.0.0/22 maxlen: 22 103.18.0.0/24 maxlen: 24 103.18.1.0/24 maxlen: 24 103.18.2.0/24 maxlen: 24 103.18.3.0/24 maxlen: 24 2001:df3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F018E/FA568E5E9E1511E99015364AC4F9AE02/0wOLpEkOqBWtsJ8aOGWLzYsX9II.crl rsync://rpki.apnic.net/member_repository/A91F018E/FA568E5E9E1511E99015364AC4F9AE02/0wOLpEkOqBWtsJ8aOGWLzYsX9II.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0wOLpEkOqBWtsJ8aOGWLzYsX9II.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:46:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3443 (0xd73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F018E/serialNumber=D3038BA4490EA815ADB09F1A38658BCD8B17F482 Validity Not Before: Mar 22 18:26:44 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=65fdcd63-5ced Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:63:0c:3f:08:2f:c3:23:ef:72:91:5e:37:06: d2:ff:ae:8a:05:84:6c:06:30:f0:7e:21:2b:e9:b2: 77:b2:12:59:a8:a6:03:22:4f:e0:2a:e6:da:e9:d8: 32:4f:5f:36:73:46:64:6b:e0:f3:d0:86:00:90:25: 5f:53:b5:3d:05:66:60:60:14:37:53:c9:8b:46:99: dd:00:20:d5:3f:88:18:35:06:c0:92:53:b6:78:50: 24:af:bd:97:b8:31:a9:bb:3e:8a:b9:8f:d9:58:e6: 3f:b7:f4:ae:31:20:5b:b4:7d:4f:1c:48:08:cc:02: 84:82:98:ff:b3:c9:38:ad:f4:ed:e2:07:3c:7b:b3: 44:04:3e:f9:c1:91:34:96:5a:f8:c4:a2:a9:72:cb: 0b:8e:c4:41:9d:af:54:cb:0a:d6:c5:07:a7:b6:7d: 09:fc:87:23:64:a3:e2:92:94:02:76:36:22:d6:b9: 9e:56:8f:72:ab:90:5d:5c:f4:b1:f6:9b:d3:e2:11: bb:ae:48:de:2b:0d:62:57:bb:c0:bd:5b:b4:27:38: 6c:c0:c7:81:5f:e5:c8:97:18:dd:0f:83:1a:0d:08: 2a:6c:dd:34:a6:c8:dd:c7:3e:d2:90:b4:be:2c:99: 94:4e:86:88:b9:21:0c:13:9a:0a:35:60:29:3b:15: 1d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:22:7D:8A:FC:A9:B4:79:B9:1F:62:65:EA:D6:8F:04:E5:98:59:39 X509v3 Authority Key Identifier: keyid:D3:03:8B:A4:49:0E:A8:15:AD:B0:9F:1A:38:65:8B:CD:8B:17:F4:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F018E/FA568E5E9E1511E99015364AC4F9AE02/0wOLpEkOqBWtsJ8aOGWLzYsX9II.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0wOLpEkOqBWtsJ8aOGWLzYsX9II.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F018E/FA568E5E9E1511E99015364AC4F9AE02/7214B0AA9E1711E9B3710950C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.18.0.0/22 IPv6: 2001:df3::/48 Signature Algorithm: sha256WithRSAEncryption 41:57:c5:2e:57:b3:38:57:56:82:0d:40:f9:8a:38:45:06:4f: c2:9a:48:f9:24:14:50:8e:53:d0:da:84:b8:0f:fa:aa:d5:a7: c7:5b:b4:9b:05:e4:74:b9:84:51:b6:90:a2:45:98:10:b4:cf: 6c:f8:6b:be:a7:de:c1:6b:57:68:a4:56:33:65:18:ce:66:45: 40:6e:82:b6:16:76:a6:b8:05:0d:71:7b:e1:60:d7:0d:ea:c4: f5:8b:98:41:ac:c4:29:ff:da:e4:31:fc:7c:00:4e:1c:a2:fa: dd:d2:b1:4a:75:98:de:b0:0b:7c:b6:7d:e2:96:aa:3e:5c:b3: f2:0b:fd:71:42:33:1b:6c:5d:86:92:66:69:0e:54:9b:51:ec: da:34:dc:77:7f:e5:23:48:72:9c:08:41:7d:41:fb:90:cc:24: cd:79:91:f4:0a:7e:dc:52:7c:04:97:a7:b7:55:cb:f9:56:10: 95:6d:28:65:6f:ef:dc:8e:54:1b:f0:fa:71:f5:59:4b:45:e1: 14:71:9b:db:de:72:ff:a9:d7:af:06:8c:58:ad:dd:7e:dc:d3: 36:5b:68:1e:e8:b2:2b:b4:e2:40:9f:a1:69:db:d6:35:90:b7: 05:cc:4d:fb:39:13:b5:b1:dd:fd:43:b5:83:1a:20:29:4a:8c: 9d:22:9b:47 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICDXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjAxOEUxMTAvBgNVBAUTKEQzMDM4QkE0NDkwRUE4MTVBREIwOUYxQTM4NjU4QkNE OEIxN0Y0ODIwHhcNMjQwMzIyMTgyNjQ0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NWZkY2Q2My01Y2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA02MMPwgvwyPvcpFeNwbS/66KBYRsBjDwfiEr6bJ3shJZqKYDIk/gKuba6dgy T182c0Zka+Dz0IYAkCVfU7U9BWZgYBQ3U8mLRpndACDVP4gYNQbAklO2eFAkr72X uDGpuz6KuY/ZWOY/t/SuMSBbtH1PHEgIzAKEgpj/s8k4rfTt4gc8e7NEBD75wZE0 llr4xKKpcssLjsRBna9UywrWxQentn0J/IcjZKPikpQCdjYi1rmeVo9yq5BdXPSx 9pvT4hG7rkjeKw1iV7vAvVu0JzhswMeBX+XIlxjdD4MaDQgqbN00psjdxz7SkLS+ LJmUToaIuSEME5oKNWApOxUdUQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGUifYr8 qbR5uR9iZerWjwTlmFk5MB8GA1UdIwQYMBaAFNMDi6RJDqgVrbCfGjhli82LF/SC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDE4RS9GQTU2OEU1RTlF MTUxMUU5OTAxNTM2NEFDNEY5QUUwMi8wd09McEVrT3FCV3RzSjhhT0dXTHpZc1g5 SUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzB3T0xwRWtPcUJXdHNKOGFPR1dMellzWDlJSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjAxOEUvRkE1NjhFNUU5RTE1MTFFOTkwMTUzNjRBQzRGOUFFMDIvNzIxNEIwQUE5 RTE3MTFFOUIzNzEwOTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAJnEgAwDwQCAAIwCQMHACABDfMAADANBgkqhkiG9w0BAQsF AAOCAQEAQVfFLlezOFdWgg1A+Yo4RQZPwppI+SQUUI5T0NqEuA/6qtWnx1u0mwXk dLmEUbaQokWYELTPbPhrvqfewWtXaKRWM2UYzmZFQG6CthZ2prgFDXF74WDXDerE 9YuYQazEKf/a5DH8fABOHKL63dKxSnWY3rALfLZ94paqPlyz8gv9cUIzG2xdhpJm aQ5Um1Hs2jTcd3/lI0hynAhBfUH7kMwkzXmR9Ap+3FJ8BJent1XL+VYQlW0oZW/v 3I5UG/D6cfVZS0XhFHGb295y/6nXrwaMWK3dftzTNltoHuiyK7TiQJ+hadvWNZC3 BcxN+zkTtbHd/UO1gxogKUqMnSKbRw== -----END CERTIFICATE-----Generated at Fri Nov 22 19:45:05 2024 by rpki-client on console-fra.rpki-client.org