$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1004E2F28F0711ECBD470E1FC4F9AE02.roa File: 1004E2F28F0711ECBD470E1FC4F9AE02.roa (raw, json) Hash identifier: bwXI6LzYAYXPpQuEOEE4oYKhH55xE55OyvN+j4ueqCo= Subject key identifier: 26:1D:07:FC:01:79:EE:15:58:6E:31:AB:55:0B:24:31:A3:04:AD:1D Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6BBB Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1004E2F28F0711ECBD470E1FC4F9AE02.roa Signing time: Wed 10 May 2023 16:21:06 +0000 ROA not before: Wed 10 May 2023 16:21:06 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135259 IP address blocks: 45.248.192.0/22 maxlen: 24 103.68.40.0/22 maxlen: 22 103.68.40.0/24 maxlen: 24 103.68.41.0/24 maxlen: 24 103.68.42.0/24 maxlen: 24 103.68.43.0/24 maxlen: 24 103.217.152.0/22 maxlen: 24 2404:98c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27579 (0x6bbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:21:06 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc472-66b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:c5:06:ac:5f:8d:04:59:20:7b:ab:46:1b:e2: c4:1f:a5:de:c1:c1:02:26:90:0f:ae:ea:b3:a7:fa: 20:80:75:e0:8e:1f:d8:c0:41:91:b7:51:3f:01:a8: 9c:3a:a2:f5:82:4a:59:1f:41:ee:4f:63:a9:27:fb: 9a:04:53:36:74:3d:56:8e:a4:f5:7a:72:8b:fe:f2: 0e:15:a8:42:88:c9:18:58:5a:62:e7:16:b3:4f:f8: bb:9e:11:bd:18:c3:6b:5f:8d:fe:f3:a8:9b:43:df: 35:f9:37:53:16:e8:44:27:d0:6e:85:7c:d2:19:c1: 68:bc:0f:12:eb:4d:ba:84:32:0e:70:22:38:1f:49: 9c:eb:0b:49:46:50:2f:ac:d6:5a:53:16:f8:da:2b: 6e:6f:8b:93:33:43:84:f1:9a:0d:95:b5:d4:32:bb: f3:cf:0a:2c:93:de:ae:d2:eb:ea:51:34:7e:fb:77: 29:cf:a6:5a:fe:d6:32:01:c0:5a:32:4e:61:40:bd: c8:2f:b0:9a:20:d5:89:c5:94:c1:00:d7:3f:3d:4f: 82:f5:21:49:0a:3e:b2:13:72:19:d4:fb:ec:99:69: 35:d5:df:94:6d:24:c2:d6:78:c7:56:7b:d8:49:8d: 81:43:08:ad:be:e1:21:80:ff:2a:0b:78:91:2c:e1: 67:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:1D:07:FC:01:79:EE:15:58:6E:31:AB:55:0B:24:31:A3:04:AD:1D X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1004E2F28F0711ECBD470E1FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.248.192.0/22 103.68.40.0/22 103.217.152.0/22 IPv6: 2404:98c0::/32 Signature Algorithm: sha256WithRSAEncryption 30:73:4c:6a:92:37:96:9e:fa:89:09:5f:0b:a6:46:07:3d:e1: d7:61:a9:9f:51:db:05:2c:14:22:2e:ea:6c:ff:aa:07:9f:df: 36:22:d9:c7:e2:c8:fe:c9:70:2b:58:fa:13:b7:b9:a9:31:e7: 2b:56:44:5a:c1:ab:66:51:ec:34:e9:5e:a1:b4:14:c4:bd:98: fb:8e:f5:7d:d6:ac:ad:d4:d5:fd:e7:5c:53:f0:38:64:eb:d7: 99:34:43:62:06:8c:c4:f3:8f:27:93:99:84:90:f7:bc:c7:b8: b7:38:74:85:8e:da:12:d6:a8:a9:74:9a:61:1a:26:93:39:9c: c8:5d:df:43:e6:5a:11:d3:e6:a8:62:a3:f5:b0:96:ce:38:81: d5:e0:9c:6b:b0:52:50:11:1f:2b:11:3b:34:a5:92:41:8e:e8: 5a:62:b6:4d:35:28:83:21:0f:f1:a5:ae:9e:ac:53:f1:43:4b: c9:9d:b2:13:32:92:fb:31:4f:af:e2:f7:6b:b3:94:b6:a1:14: b9:b8:2c:72:c9:00:e2:f5:0f:77:08:28:c6:26:ed:bc:d9:33: be:2b:8f:28:4c:63:42:6f:3b:d3:c8:af:0f:fd:bf:d2:a2:31: 94:69:1a:6e:5c:f2:ca:9c:05:12:5e:de:6d:c1:23:5f:40:e0: 4a:b3:3b:86 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICa7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYyMTA2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzQ3Mi02NmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy8UGrF+NBFkge6tGG+LEH6XewcECJpAPruqzp/oggHXgjh/YwEGRt1E/Aaic OqL1gkpZH0HuT2OpJ/uaBFM2dD1WjqT1enKL/vIOFahCiMkYWFpi5xazT/i7nhG9 GMNrX43+86ibQ981+TdTFuhEJ9BuhXzSGcFovA8S6026hDIOcCI4H0mc6wtJRlAv rNZaUxb42itub4uTM0OE8ZoNlbXUMrvzzwosk96u0uvqUTR++3cpz6Za/tYyAcBa Mk5hQL3IL7CaINWJxZTBANc/PU+C9SFJCj6yE3IZ1PvsmWk11d+UbSTC1njHVnvY SY2BQwitvuEhgP8qC3iRLOFnkwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFCYdB/wB ee4VWG4xq1ULJDGjBK0dMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMTAwNEUyRjI4 RjA3MTFFQ0JENDcwRTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIt+MADBAJnRCgDBAJn2ZgwDQQCAAIwBwMFACQEmMAwDQYJ KoZIhvcNAQELBQADggEBADBzTGqSN5ae+okJXwumRgc94ddhqZ9R2wUsFCIu6mz/ qgef3zYi2cfiyP7JcCtY+hO3uakx5ytWRFrBq2ZR7DTpXqG0FMS9mPuO9X3WrK3U 1f3nXFPwOGTr15k0Q2IGjMTzjyeTmYSQ97zHuLc4dIWO2hLWqKl0mmEaJpM5nMhd 30PmWhHT5qhio/Wwls44gdXgnGuwUlARHysROzSlkkGO6Fpitk01KIMhD/Glrp6s U/FDS8mdshMykvsxT6/i92uzlLahFLm4LHLJAOL1D3cIKMYm7bzZM74rjyhMY0Jv O9PIrw/9v9KiMZRpGm5c8sqcBRJe3m3BI19A4EqzO4Y= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:26 2024 by rpki-client on console-ams.rpki-client.org