$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0089F59461DB11EE98C01930C4F9AE02.roa File: 0089F59461DB11EE98C01930C4F9AE02.roa (raw, json) Hash identifier: /rCEKO/yrrIzE1e3k10j8E9hXU+YHGlRss4/DPLtta0= Subject key identifier: D4:14:55:02:B7:AB:6B:52:85:3C:03:C4:CC:9B:6C:2F:CB:BC:3D:88 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7B0C Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0089F59461DB11EE98C01930C4F9AE02.roa Signing time: Tue 03 Oct 2023 10:56:39 +0000 ROA not before: Tue 03 Oct 2023 10:56:39 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135268 IP address blocks: 103.120.238.0/24 maxlen: 24 103.120.252.0/24 maxlen: 24 103.120.253.0/24 maxlen: 24 103.120.254.0/24 maxlen: 24 103.120.255.0/24 maxlen: 24 2001:df2:5240::/48 maxlen: 48 2001:df2:5241::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31500 (0x7b0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Oct 3 10:56:39 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=651bf367-5779 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:01:e8:74:d9:08:6b:17:96:36:c7:f8:ca:a4: 64:3f:93:55:db:34:d0:70:cb:ec:e7:3e:61:0a:2d: 59:79:88:f8:44:4f:66:d3:73:10:6e:ee:8c:37:1b: e1:f0:95:d3:da:76:37:f5:07:9b:b1:2f:75:04:59: ba:23:5d:d5:b4:e6:c0:37:dd:2f:5c:65:16:22:0e: 0a:87:99:3a:b8:08:02:7b:64:55:fa:43:76:f3:49: f6:c8:07:6a:cd:a6:e5:c6:0b:eb:81:f3:5a:79:ef: 3f:1b:ac:3a:39:33:a0:69:33:98:10:da:b8:21:51: 84:de:bd:8d:d7:3a:23:d8:4b:b5:7d:68:6b:ff:87: 61:a8:3d:1e:a9:56:eb:51:3b:5c:3d:ea:a7:ab:39: d8:21:d1:01:85:a5:c9:5f:d4:a5:b5:c4:fa:55:19: 9b:f2:fd:27:86:21:0f:ea:18:4f:06:04:9c:5f:c5: bd:ac:87:42:64:a8:1f:84:9e:05:0d:bc:7f:1f:70: 63:24:df:80:02:73:4c:66:eb:de:52:d4:13:48:7f: 46:db:07:93:f3:08:99:3c:b0:c8:66:7c:a0:96:d3: ae:73:f0:6e:47:51:27:ce:77:69:30:27:b2:73:4d: 1f:d5:62:cd:61:52:e3:95:38:e0:5e:79:7a:5e:d2: f4:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:14:55:02:B7:AB:6B:52:85:3C:03:C4:CC:9B:6C:2F:CB:BC:3D:88 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0089F59461DB11EE98C01930C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.120.238.0/24 103.120.252.0/22 IPv6: 2001:df2:5240::/47 Signature Algorithm: sha256WithRSAEncryption 4f:8c:ad:c2:9f:c8:be:e9:c0:d2:2d:f9:84:74:c6:97:c4:7e: fb:99:2f:8e:ca:58:da:61:7c:59:57:3c:5c:b2:5b:d1:a5:c7: 8a:12:31:a9:89:b9:a3:00:73:b5:fd:2c:36:33:88:56:fa:51: e6:fa:ec:cf:4e:6f:41:47:df:64:1a:74:ca:85:6b:ac:fb:22: 00:cd:3a:62:be:5d:07:e9:b6:f1:ba:2a:32:88:40:b6:ea:c6: c0:78:a1:37:73:03:bc:e5:69:f1:2d:46:ba:17:ce:62:8a:73: 3e:f5:40:03:05:a9:54:44:6e:46:f1:d6:07:ca:33:c7:e5:d4: 46:08:55:9a:d1:2f:90:7c:94:31:c4:95:39:01:6b:82:69:7a: f8:f7:d4:98:81:42:81:0f:f7:56:61:48:9c:57:bf:bb:63:48: 6f:1b:07:05:b7:f3:ae:3d:72:08:8e:1e:fc:f6:28:65:67:d8: 26:81:7d:0f:81:62:d2:c4:f2:8b:93:6b:a5:64:27:db:4b:1d: be:bc:61:03:41:bb:63:f1:3e:53:cf:8a:db:2b:19:14:9f:f5: 6a:3a:18:8d:37:2f:fb:dc:cf:34:5d:20:16:6e:35:b3:d5:50: 2d:b0:65:de:31:2a:36:db:52:5d:34:e6:2c:03:e2:36:8f:fb: 62:d0:39:bc -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICewwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMxMDAzMTA1NjM5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTFiZjM2Ny01Nzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7gHodNkIaxeWNsf4yqRkP5NV2zTQcMvs5z5hCi1ZeYj4RE9m03MQbu6MNxvh 8JXT2nY39QebsS91BFm6I13VtObAN90vXGUWIg4Kh5k6uAgCe2RV+kN280n2yAdq zablxgvrgfNaee8/G6w6OTOgaTOYENq4IVGE3r2N1zoj2Eu1fWhr/4dhqD0eqVbr UTtcPeqnqznYIdEBhaXJX9SltcT6VRmb8v0nhiEP6hhPBgScX8W9rIdCZKgfhJ4F Dbx/H3BjJN+AAnNMZuveUtQTSH9G2weT8wiZPLDIZnygltOuc/BuR1EnzndpMCey c00f1WLNYVLjlTjgXnl6XtL0lQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFNQUVQK3 q2tShTwDxMybbC/LvD2IMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDA4OUY1OTQ2 MURCMTFFRTk4QzAxOTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABneO4DBAJnePwwDwQCAAIwCQMHASABDfJSQDANBgkqhkiG 9w0BAQsFAAOCAQEAT4ytwp/IvunA0i35hHTGl8R++5kvjspY2mF8WVc8XLJb0aXH ihIxqYm5owBztf0sNjOIVvpR5vrsz05vQUffZBp0yoVrrPsiAM06Yr5dB+m28boq MohAturGwHihN3MDvOVp8S1GuhfOYopzPvVAAwWpVERuRvHWB8ozx+XURghVmtEv kHyUMcSVOQFrgml6+PfUmIFCgQ/3VmFInFe/u2NIbxsHBbfzrj1yCI4e/PYoZWfY JoF9D4Fi0sTyi5NrpWQn20sdvrxhA0G7Y/E+U8+K2ysZFJ/1ajoYjTcv+9zPNF0g Fm41s9VQLbBl3jEqNttSXTTmLAPiNo/7YtA5vA== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:25 2024 by rpki-client on console-ams.rpki-client.org