$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/18BC31AEA63C11EEB558E341C4F9AE02.roa File: 18BC31AEA63C11EEB558E341C4F9AE02.roa (raw, json) Hash identifier: /+pwEkzDEqOe5qBYWsj4IDG4YPHkoLdokOzZybAiP3k= Subject key identifier: 01:E7:88:91:34:35:D9:1B:0A:07:07:FE:7A:0E:07:39:AA:DF:27:48 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8103 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/18BC31AEA63C11EEB558E341C4F9AE02.roa Signing time: Thu 04 Jan 2024 06:35:41 +0000 ROA not before: Thu 04 Jan 2024 06:35:41 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 132757 IP address blocks: 45.251.232.0/22 maxlen: 24 103.141.92.0/23 maxlen: 24 103.166.109.0/24 maxlen: 24 103.220.208.0/22 maxlen: 24 103.240.26.0/23 maxlen: 24 2401:2ba0::/32 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33027 (0x8103) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jan 4 06:35:41 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=659651bd-e0ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:0d:70:f6:6d:5e:9e:ee:b8:c2:21:9b:01:bd: 3a:44:35:2c:34:6e:da:0c:73:50:e1:39:64:4b:22: 18:8f:d3:01:7d:d6:89:3a:5b:d2:f0:f6:9f:b7:17: c0:e5:1c:59:b4:bc:61:48:63:ce:91:e3:8b:a1:58: 1d:3d:2b:69:fb:31:15:44:1b:45:98:7c:6f:e6:8c: 84:b9:3a:b4:b3:aa:3b:69:5c:85:94:9c:13:e2:e9: d3:9b:93:cb:ce:e6:95:6b:75:5d:88:99:d3:13:f1: af:6f:72:bd:9e:1a:c4:81:34:fb:35:51:26:7f:a7: 79:4b:18:d2:cb:b1:33:53:8b:7f:d6:30:9a:34:92: cb:e2:b7:b7:15:6f:0e:3d:72:83:97:92:8a:9d:eb: 2f:2f:33:e1:9f:42:6e:6d:61:0a:ca:d5:0c:82:ef: fa:41:79:44:e9:e0:7c:26:19:bb:a3:1a:57:1b:4a: 2c:3c:60:ae:fb:5f:95:e5:18:82:10:5a:46:6f:6f: 34:8c:14:74:33:65:4a:9d:e8:e5:2b:99:be:44:5e: 5e:86:5b:68:c5:48:d5:d2:cc:3a:6b:26:47:e7:2e: c5:e6:49:dc:a4:7f:1f:16:60:1a:5c:7b:8f:65:68: e5:68:05:29:01:01:12:88:81:80:aa:0f:72:98:80: 98:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:E7:88:91:34:35:D9:1B:0A:07:07:FE:7A:0E:07:39:AA:DF:27:48 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/18BC31AEA63C11EEB558E341C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.251.232.0/22 103.141.92.0/23 103.166.109.0/24 103.220.208.0/22 103.240.26.0/23 IPv6: 2401:2ba0::/32 Signature Algorithm: sha256WithRSAEncryption 1e:e8:f3:9c:de:21:4a:e3:d3:67:26:67:68:da:ef:b9:13:e0: 10:bd:cf:ac:9e:49:43:26:03:c8:35:a1:f5:a1:b4:c2:f6:56: e6:4d:11:25:92:8c:42:26:2b:29:62:c0:8c:88:db:a5:d7:fe: e3:7d:e9:eb:af:b7:cb:98:73:25:d1:91:3a:83:a9:64:37:79: 0e:ef:ca:f4:ce:74:81:03:d4:b2:7a:34:a5:7d:13:f0:5b:6b: ff:85:0f:91:96:cb:63:16:9b:07:8d:b1:0b:3f:a6:78:be:3e: ec:96:9f:c5:6f:2f:71:fc:14:1f:cf:4d:38:97:3f:7f:46:ba: f6:9b:ec:62:5a:fd:cb:d6:28:d3:69:54:43:de:1a:fe:fa:ca: b5:5c:f2:f8:84:d6:f5:5b:85:1e:ef:4f:ca:4d:0e:3e:d9:81: 17:7e:1c:39:d5:bd:fc:f9:f1:8e:00:a5:e0:34:0f:22:9b:f9: 09:c5:d3:3c:c7:3f:20:d2:07:46:01:2c:d7:e3:e3:10:1e:cf: 61:01:1f:af:7d:3f:1e:7d:50:00:1d:29:4e:80:7e:49:02:2f: 6b:dd:cf:2b:62:04:d7:0d:91:57:19:3a:ff:bf:2c:ec:cb:65: 10:d1:2b:4d:23:27:53:0f:e5:b5:ff:91:64:2a:99:bb:5c:ac: 7c:1f:5b:80 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgIDAIEDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDEwNDA2MzU0MVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjU5NjUxYmQtZTBlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALENcPZtXp7uuMIhmwG9OkQ1LDRu2gxzUOE5ZEsiGI/TAX3WiTpb0vD2n7cX wOUcWbS8YUhjzpHji6FYHT0rafsxFUQbRZh8b+aMhLk6tLOqO2lchZScE+Lp05uT y87mlWt1XYiZ0xPxr29yvZ4axIE0+zVRJn+neUsY0suxM1OLf9YwmjSSy+K3txVv Dj1yg5eSip3rLy8z4Z9Cbm1hCsrVDILv+kF5ROngfCYZu6MaVxtKLDxgrvtfleUY ghBaRm9vNIwUdDNlSp3o5SuZvkReXoZbaMVI1dLMOmsmR+cuxeZJ3KR/HxZgGlx7 j2Vo5WgFKQEBEoiBgKoPcpiAmOcCAwEAAaOCArwwggK4MB0GA1UdDgQWBBQB54iR NDXZGwoHB/56Dgc5qt8nSDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE4QkMzMUFF QTYzQzExRUVCNTU4RTM0MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEYGCCsGAQUFBwEHAQH/ BDcwNTAkBAIAATAeAwQCLfvoAwQBZ41cAwQAZ6ZtAwQCZ9zQAwQBZ/AaMA0EAgAC MAcDBQAkASugMA0GCSqGSIb3DQEBCwUAA4IBAQAe6POc3iFK49NnJmdo2u+5E+AQ vc+snklDJgPINaH1obTC9lbmTRElkoxCJispYsCMiNul1/7jfenrr7fLmHMl0ZE6 g6lkN3kO78r0znSBA9SyejSlfRPwW2v/hQ+RlstjFpsHjbELP6Z4vj7slp/Fby9x /BQfz004lz9/Rrr2m+xiWv3L1ijTaVRD3hr++sq1XPL4hNb1W4Ue70/KTQ4+2YEX fhw51b38+fGOAKXgNA8im/kJxdM8xz8g0gdGASzX4+MQHs9hAR+vfT8efVAAHSlO gH5JAi9r3c8rYgTXDZFXGTr/vyzsy2UQ0StNIydTD+W1/5FkKpm7XKx8H1uA -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:27 2024 by rpki-client on console-ams.rpki-client.org