$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/153B8836B8C111EDAC68E946C4F9AE02.roa File: 153B8836B8C111EDAC68E946C4F9AE02.roa (raw, json) Hash identifier: MXc9LByJqgm9ay8dGZATzc47oxOv8wblLlhvwHrCQnw= Subject key identifier: 76:B6:AA:AB:B2:8C:7E:4F:C7:A0:75:C3:BD:6B:20:73:65:FE:E7:E7 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6F01 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/153B8836B8C111EDAC68E946C4F9AE02.roa Signing time: Wed 10 May 2023 16:36:42 +0000 ROA not before: Wed 10 May 2023 16:36:42 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 141799 IP address blocks: 103.146.222.0/24 maxlen: 24 103.146.223.0/24 maxlen: 24 103.149.52.0/23 maxlen: 24 103.159.242.0/23 maxlen: 24 103.165.22.0/23 maxlen: 24 103.181.176.0/23 maxlen: 24 2001:df6:f280::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28417 (0x6f01) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:36:42 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc81a-a451 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:de:1c:c1:91:c1:53:25:0b:1b:67:41:36:b4: 4b:26:fb:42:e7:ee:29:cb:05:8f:da:6e:a1:d7:5f: 2b:f8:16:a3:8c:af:ed:96:6a:3a:b1:73:01:32:b5: 3e:60:44:2d:d8:68:79:d3:a0:2f:a3:cd:c4:5e:50: 83:52:1e:4d:cd:e1:2d:90:bc:bf:b4:d2:a9:ec:7a: d8:28:fc:a6:a5:33:f7:e0:98:fc:e2:81:16:54:88: 4a:fc:21:71:94:92:b4:b0:5e:12:4d:49:48:1c:3f: a2:7d:e3:42:6c:e7:38:98:c9:f2:97:71:40:be:4c: b7:49:5c:6a:26:b8:b7:ec:08:9a:41:b6:48:f3:10: 2a:98:82:3f:2d:f2:af:a3:49:9a:6d:2a:cc:c2:81: 06:28:e7:69:d6:0d:16:35:4c:d0:e0:7f:f0:1e:ad: 11:f5:f1:7e:ca:42:37:c5:9b:e8:fd:af:da:35:d8: 64:d7:03:4b:f0:26:72:ee:3b:6d:63:75:b6:db:ac: d2:5d:ed:61:61:07:93:6e:d0:ba:66:e2:91:6b:b9: fe:25:60:41:27:52:97:63:6f:d8:9e:e5:84:6a:7a: 90:f9:f4:90:cf:4b:7c:b9:b3:56:08:e7:b0:92:40: 88:44:05:11:4f:2b:29:d2:6d:48:9e:cd:20:2e:95: cb:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:B6:AA:AB:B2:8C:7E:4F:C7:A0:75:C3:BD:6B:20:73:65:FE:E7:E7 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/153B8836B8C111EDAC68E946C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.146.222.0/23 103.149.52.0/23 103.159.242.0/23 103.165.22.0/23 103.181.176.0/23 IPv6: 2001:df6:f280::/48 Signature Algorithm: sha256WithRSAEncryption 09:90:36:7f:3d:ee:fe:fd:d2:d0:bb:98:34:ab:ff:c1:5d:77: 9b:df:4e:4a:fa:b4:c6:83:70:77:ee:e0:b5:fd:eb:cc:98:60: 32:43:d3:14:b9:0f:b8:12:bb:00:83:9e:94:8b:f9:39:01:7c: d2:8b:8d:0c:9a:d8:6a:53:10:23:4d:b5:f9:d3:1d:05:65:0b: dc:5a:fb:d3:25:3f:4b:4e:34:d2:1c:ca:75:7f:ed:d2:0d:e1: ec:e3:2e:26:36:ab:df:fc:7d:98:67:1a:a8:42:1c:55:1d:29: 98:95:2e:7e:02:4f:fa:05:0b:6b:95:61:66:5f:65:0d:3d:ca: 92:f7:52:92:68:46:ba:a7:3b:14:b7:43:8e:fa:bc:73:95:d5: 18:df:a8:35:61:b0:3b:31:5d:ec:f8:db:dd:e2:af:69:31:ec: 5e:a4:e7:70:be:08:1f:8c:cf:dc:3a:aa:f6:b6:bf:4c:1f:da: de:2f:d8:4f:d8:f0:0f:eb:70:fd:65:4d:a3:77:2c:85:aa:69: 9d:b2:f9:43:e5:a9:ed:67:60:31:30:ed:fd:2b:fc:42:67:30: f1:1c:17:3a:27:f7:9e:87:42:5e:cc:09:d1:29:0f:08:fa:5e: 7f:29:af:77:03:bf:91:b8:16:46:86:e6:09:1d:6b:df:18:7a: e6:28:a0:d7 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgICbwEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYzNjQyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzgxYS1hNDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxN4cwZHBUyULG2dBNrRLJvtC5+4pywWP2m6h118r+BajjK/tlmo6sXMBMrU+ YEQt2Gh506Avo83EXlCDUh5NzeEtkLy/tNKp7HrYKPympTP34Jj84oEWVIhK/CFx lJK0sF4STUlIHD+ifeNCbOc4mMnyl3FAvky3SVxqJri37AiaQbZI8xAqmII/LfKv o0mabSrMwoEGKOdp1g0WNUzQ4H/wHq0R9fF+ykI3xZvo/a/aNdhk1wNL8CZy7jtt Y3W226zSXe1hYQeTbtC6ZuKRa7n+JWBBJ1KXY2/YnuWEanqQ+fSQz0t8ubNWCOew kkCIRAURTysp0m1Ins0gLpXL0QIDAQABo4ICvjCCArowHQYDVR0OBBYEFHa2qquy jH5Px6B1w71rIHNl/ufnMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMTUzQjg4MzZC OEMxMTFFREFDNjhFOTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E OTA3MCQEAgABMB4DBAFnkt4DBAFnlTQDBAFnn/IDBAFnpRYDBAFntbAwDwQCAAIw CQMHACABDfbygDANBgkqhkiG9w0BAQsFAAOCAQEACZA2fz3u/v3S0LuYNKv/wV13 m99OSvq0xoNwd+7gtf3rzJhgMkPTFLkPuBK7AIOelIv5OQF80ouNDJrYalMQI021 +dMdBWUL3Fr70yU/S0400hzKdX/t0g3h7OMuJjar3/x9mGcaqEIcVR0pmJUufgJP +gULa5VhZl9lDT3KkvdSkmhGuqc7FLdDjvq8c5XVGN+oNWGwOzFd7Pjb3eKvaTHs XqTncL4IH4zP3Dqq9ra/TB/a3i/YT9jwD+tw/WVNo3cshappnbL5Q+Wp7WdgMTDt /Sv8Qmcw8RwXOif3nodCXswJ0SkPCPpefymvdwO/kbgWRobmCR1r3xh65iig1w== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:27 2024 by rpki-client on console-ams.rpki-client.org