$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0091708C0D4E11EC8DDD243AC4F9AE02.roa File: 0091708C0D4E11EC8DDD243AC4F9AE02.roa (raw, json) Hash identifier: QWgAM3T07w9lwFqKOlrJDod6UH7JovPxAbH1c8h2fME= Subject key identifier: F4:82:89:F7:2B:EF:1C:AF:A0:47:9F:E9:7D:CC:2D:06:D2:6E:73:12 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6BEF Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0091708C0D4E11EC8DDD243AC4F9AE02.roa Signing time: Wed 10 May 2023 16:22:06 +0000 ROA not before: Wed 10 May 2023 16:22:06 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135750 IP address blocks: 103.127.140.0/22 maxlen: 24 103.208.56.0/22 maxlen: 24 103.208.60.0/22 maxlen: 24 103.208.104.0/22 maxlen: 24 103.208.108.0/22 maxlen: 24 103.208.144.0/22 maxlen: 24 103.208.156.0/22 maxlen: 24 103.208.172.0/22 maxlen: 24 103.208.236.0/22 maxlen: 24 103.208.240.0/22 maxlen: 24 103.210.80.0/22 maxlen: 24 103.210.88.0/22 maxlen: 24 103.210.92.0/22 maxlen: 24 103.210.100.0/22 maxlen: 24 2406:cec0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27631 (0x6bef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:22:06 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc4ae-b26d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:23:08:2c:c9:b6:56:22:05:38:ed:10:f9:78: 55:0b:9b:2c:07:19:a9:23:20:91:49:5d:71:5e:5d: db:b1:6d:1b:e1:6c:2f:a2:03:77:76:43:2e:bb:ef: 90:f8:8a:1b:4c:53:50:4a:0d:65:ee:80:b0:19:b3: 44:bc:9a:ab:84:6a:53:05:b4:71:ae:2a:05:93:1c: cf:12:66:4f:57:f8:c7:99:96:90:dc:6a:ca:75:c6: 6d:7a:80:b1:31:b0:8e:4d:bb:16:84:83:b5:14:8d: b4:da:43:f2:40:f8:e8:81:d2:be:b2:37:3c:71:43: 2a:4c:4c:6a:01:21:04:7d:0f:5e:5f:e5:db:52:c9: af:a6:17:c9:bd:43:be:5c:fb:c4:5f:dc:a7:07:67: 49:0b:aa:10:3d:11:07:af:66:d9:7c:7f:23:4f:93: 86:4d:cd:a9:20:e7:16:e2:a6:e5:a9:a6:7e:c7:e0: fa:1d:c5:52:64:f0:66:bf:94:68:f4:af:4c:97:b0: db:90:7c:a4:43:cf:40:98:37:a8:76:d9:48:af:c8: 31:4e:c0:68:76:aa:40:e7:9b:5a:96:9e:de:d3:ff: 9a:9f:69:09:82:01:2d:84:12:3e:5d:19:e7:97:1d: 00:ce:ba:30:75:df:44:85:2f:89:9a:58:6d:a3:b1: 77:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:82:89:F7:2B:EF:1C:AF:A0:47:9F:E9:7D:CC:2D:06:D2:6E:73:12 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0091708C0D4E11EC8DDD243AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.127.140.0/22 103.208.56.0/21 103.208.104.0/21 103.208.144.0/22 103.208.156.0/22 103.208.172.0/22 103.208.236.0-103.208.243.255 103.210.80.0/22 103.210.88.0/21 103.210.100.0/22 IPv6: 2406:cec0::/32 Signature Algorithm: sha256WithRSAEncryption 93:a7:22:30:56:dc:4e:8a:45:4b:bd:4f:31:80:86:6f:98:85: d4:d3:6d:c6:af:71:7f:40:a5:cd:ca:07:cc:d5:0f:63:8a:00: 9d:3f:d3:75:28:aa:2e:2f:b7:70:c0:d4:5c:0b:74:41:e1:19: 10:e0:81:cb:5f:19:69:f1:22:19:2e:f6:52:7e:49:0b:dd:73: 51:5e:b7:01:6c:b7:d4:b5:93:2f:ad:fe:7e:dd:c5:82:11:d8: 9b:c6:b6:7a:89:eb:41:c5:2b:38:e5:63:20:9c:7c:8a:09:92: f1:ba:5d:65:be:b2:e3:39:32:18:72:b8:c8:f4:bf:45:fe:d6: f7:c1:58:1e:55:6d:be:8c:5f:81:76:6a:0e:41:9e:c2:73:5c: 7d:70:2e:c0:ae:a5:42:ba:b3:46:20:91:49:fe:4d:af:80:fb: bf:58:2b:73:61:44:24:a3:16:58:0f:fe:62:ea:60:8f:a2:b9: e6:9f:2e:f3:6c:59:b3:d1:75:fd:a0:ba:5d:7e:c2:24:7a:c9: 03:55:68:1a:22:e8:78:04:50:04:0b:67:4b:1f:cb:5a:d7:17: 45:4b:30:3e:ec:86:17:aa:27:0e:b8:b9:68:88:e8:75:df:38: 16:1f:06:af:57:97:d3:d1:0d:0d:a7:02:ef:33:9f:e5:ad:2f: fc:ab:88:75 -----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgICa+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYyMjA2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzRhZS1iMjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnCMILMm2ViIFOO0Q+XhVC5ssBxmpIyCRSV1xXl3bsW0b4WwvogN3dkMuu++Q +IobTFNQSg1l7oCwGbNEvJqrhGpTBbRxrioFkxzPEmZPV/jHmZaQ3GrKdcZteoCx MbCOTbsWhIO1FI202kPyQPjogdK+sjc8cUMqTExqASEEfQ9eX+XbUsmvphfJvUO+ XPvEX9ynB2dJC6oQPREHr2bZfH8jT5OGTc2pIOcW4qblqaZ+x+D6HcVSZPBmv5Ro 9K9Ml7DbkHykQ89AmDeodtlIr8gxTsBodqpA55talp7e0/+an2kJggEthBI+XRnn lx0Azrowdd9EhS+Jmlhto7F3YwIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFPSCifcr 7xyvoEef6X3MLQbSbnMSMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDA5MTcwOEMw RDRFMTFFQzhEREQyNDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E XTBbMEoEAgABMEQDBAJnf4wDBANn0DgDBANn0GgDBAJn0JADBAJn0JwDBAJn0Kww DAMEAmfQ7AMEAmfQ8AMEAmfSUAMEA2fSWAMEAmfSZDANBAIAAjAHAwUAJAbOwDAN BgkqhkiG9w0BAQsFAAOCAQEAk6ciMFbcTopFS71PMYCGb5iF1NNtxq9xf0ClzcoH zNUPY4oAnT/TdSiqLi+3cMDUXAt0QeEZEOCBy18ZafEiGS72Un5JC91zUV63AWy3 1LWTL63+ft3FghHYm8a2eonrQcUrOOVjIJx8igmS8bpdZb6y4zkyGHK4yPS/Rf7W 98FYHlVtvoxfgXZqDkGewnNcfXAuwK6lQrqzRiCRSf5Nr4D7v1grc2FEJKMWWA/+ Yupgj6K55p8u82xZs9F1/aC6XX7CJHrJA1VoGiLoeARQBAtnSx/LWtcXRUswPuyG F6onDri5aIjodd84Fh8Gr1eX09ENDacC7zOf5a0v/KuIdQ== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:25 2024 by rpki-client on console-ams.rpki-client.org