$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0DE4F9128A8311EDA0709B2AC4F9AE02.roa File: 0DE4F9128A8311EDA0709B2AC4F9AE02.roa (raw, json) Hash identifier: wrCKBpqj8J2A4IwGF8Tna9O+yznTk3CjrWg1ObzomIc= Subject key identifier: 6F:69:FD:1C:30:ED:FA:A8:D6:99:2C:BA:2A:73:67:D2:6D:9C:C7:A2 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7EE4 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0DE4F9128A8311EDA0709B2AC4F9AE02.roa Signing time: Tue 28 Nov 2023 07:04:45 +0000 ROA not before: Tue 28 Nov 2023 07:04:45 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 134330 IP address blocks: 103.118.157.0/24 maxlen: 24 103.133.38.0/24 maxlen: 24 103.155.147.0/24 maxlen: 24 2001:df1:5340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32484 (0x7ee4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Nov 28 07:04:45 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=6565910c-35c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:52:4b:58:62:89:3d:e9:48:12:30:2c:6a:95: 3d:fb:e4:10:96:ef:14:e2:4b:55:f8:ff:14:5f:ed: 2f:40:b9:b2:da:40:f5:53:20:31:5f:2a:e0:27:76: ac:f6:29:f4:17:64:41:32:d5:8d:3d:c5:10:85:c9: c2:f2:4c:85:67:ad:14:19:29:fc:87:b0:c4:6f:3c: be:02:23:ba:7b:d3:05:e2:7a:32:af:5d:73:d6:5e: b6:a1:42:41:6f:ce:12:1a:2b:6e:98:f2:f4:86:d2: d1:c1:51:3b:43:63:a7:9e:0c:9b:72:da:5c:86:f3: 13:64:ed:2e:47:3b:b8:83:7a:51:71:a3:9d:68:8c: a0:d6:e6:e2:85:13:d3:39:b0:e5:04:c4:70:7b:36: 05:9a:a4:71:f8:6e:f1:8d:50:05:e4:f3:65:55:f7: 23:b7:ad:ef:ff:c7:9a:0b:db:bf:e7:01:9d:5d:44: 8c:a4:ce:4a:80:24:8c:d5:36:46:57:7c:8f:8d:31: d5:d0:40:ef:ea:3c:ba:ba:c4:29:9b:0b:a8:1a:e1: b1:4f:57:cc:b3:21:a7:87:05:aa:cb:c4:8c:06:a0: 9f:d2:ce:57:86:e5:43:d4:a5:0f:bf:28:37:b7:c0: 13:24:ec:c1:48:3c:29:2a:38:16:4e:42:72:45:1b: b6:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:69:FD:1C:30:ED:FA:A8:D6:99:2C:BA:2A:73:67:D2:6D:9C:C7:A2 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0DE4F9128A8311EDA0709B2AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.118.157.0/24 103.133.38.0/24 103.155.147.0/24 IPv6: 2001:df1:5340::/48 Signature Algorithm: sha256WithRSAEncryption 4f:b6:c1:af:a4:83:0c:93:45:1a:47:db:5c:32:c9:e5:7d:8c: 48:3d:0c:13:ba:a5:38:3b:9b:e9:24:9d:d0:bd:4b:22:ce:06: e0:c0:e9:50:53:12:c0:5b:b5:fd:a1:03:8c:45:13:02:9c:74: a0:03:9a:14:04:14:f3:6c:d7:e8:4f:77:5b:5f:5b:ae:87:3a: f7:32:2e:e5:88:a9:37:85:f5:0b:b0:e3:26:f6:b7:90:a8:dc: 31:c6:2d:a7:6d:24:5a:19:37:7c:90:8f:36:f6:82:c0:bb:43: 02:dd:f5:a9:30:d1:5f:b5:8e:b4:96:e5:f4:02:2c:cc:04:be: d4:df:28:78:f1:e8:91:13:9a:e1:b5:2a:14:75:c2:a7:40:00: ad:cc:71:f3:34:95:03:9a:7b:7a:36:3a:e0:3c:f6:c7:3a:30: 3e:71:f9:83:4d:25:ff:c1:69:78:53:4e:a9:5c:7b:70:8b:5d: 97:2c:10:1a:68:d0:dc:9c:70:7c:aa:03:21:8f:06:32:30:de: ac:3b:3d:1d:6c:af:4d:55:ff:01:d0:90:20:29:3d:3e:fd:e9: c9:d6:a4:15:e0:b1:d1:36:2c:a2:e9:d0:1e:45:22:95:3d:1d: cd:64:85:e8:24:70:7a:1c:ff:29:47:3c:4f:d7:28:24:a5:70: 82:53:c1:31 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICfuQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMxMTI4MDcwNDQ1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY1OTEwYy0zNWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA51JLWGKJPelIEjAsapU9++QQlu8U4ktV+P8UX+0vQLmy2kD1UyAxXyrgJ3as 9in0F2RBMtWNPcUQhcnC8kyFZ60UGSn8h7DEbzy+AiO6e9MF4noyr11z1l62oUJB b84SGitumPL0htLRwVE7Q2OnngybctpchvMTZO0uRzu4g3pRcaOdaIyg1ubihRPT ObDlBMRwezYFmqRx+G7xjVAF5PNlVfcjt63v/8eaC9u/5wGdXUSMpM5KgCSM1TZG V3yPjTHV0EDv6jy6usQpmwuoGuGxT1fMsyGnhwWqy8SMBqCf0s5XhuVD1KUPvyg3 t8ATJOzBSDwpKjgWTkJyRRu2twIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFG9p/Rww 7fqo1pksuipzZ9JtnMeiMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMERFNEY5MTI4 QTgzMTFFREEwNzA5QjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBgEAgABMBIDBABndp0DBABnhSYDBABnm5MwDwQCAAIwCQMHACABDfFTQDAN BgkqhkiG9w0BAQsFAAOCAQEAT7bBr6SDDJNFGkfbXDLJ5X2MSD0ME7qlODub6SSd 0L1LIs4G4MDpUFMSwFu1/aEDjEUTApx0oAOaFAQU82zX6E93W19broc69zIu5Yip N4X1C7DjJva3kKjcMcYtp20kWhk3fJCPNvaCwLtDAt31qTDRX7WOtJbl9AIszAS+ 1N8oePHokROa4bUqFHXCp0AArcxx8zSVA5p7ejY64Dz2xzowPnH5g00l/8FpeFNO qVx7cItdlywQGmjQ3JxwfKoDIY8GMjDerDs9HWyvTVX/AdCQICk9Pv3pydakFeCx 0TYsounQHkUilT0dzWSF6CRwehz/KUc8T9coJKVwglPBMQ== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:26 2024 by rpki-client on console-ams.rpki-client.org