$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1AE040CEE5F011EB8AAF8141C4F9AE02.roa File: 1AE040CEE5F011EB8AAF8141C4F9AE02.roa (raw, json) Hash identifier: Y5mZY2yIfhvB2EBhj/zny/u9Sa2KaYCccxcl4JVHfX4= Subject key identifier: 96:2A:8F:A0:D2:F8:9C:48:69:23:8E:71:17:96:24:92:20:55:9B:2E Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6C7B Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1AE040CEE5F011EB8AAF8141C4F9AE02.roa Signing time: Wed 10 May 2023 16:24:44 +0000 ROA not before: Wed 10 May 2023 16:24:44 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 136370 IP address blocks: 103.87.90.0/24 maxlen: 24 103.117.9.0/24 maxlen: 24 103.160.124.0/23 maxlen: 24 103.220.20.0/23 maxlen: 24 2001:df5:9d80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27771 (0x6c7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:24:44 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc54b-cf20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e9:0a:1c:ec:8c:1c:74:f4:3b:c9:19:be:7b: 51:e1:93:e9:18:79:4c:e3:fb:d7:e2:0e:84:ae:11: 95:f4:25:f6:6c:4e:bb:98:31:57:ec:33:18:8b:6b: 85:fe:cf:56:72:af:2f:9d:31:b2:cd:4a:74:9d:49: 1a:bd:19:d0:94:bb:31:3f:02:f1:14:5f:36:fb:a1: a3:72:c8:7e:7b:4a:19:4f:d4:e1:44:e6:58:ed:e2: 22:ea:ed:52:bf:8f:90:66:04:b7:fb:25:56:ec:56: a2:d0:cb:31:f3:fa:02:d1:9a:b5:4a:07:85:c5:b7: 4a:5c:5e:2e:92:d5:81:b4:19:69:b8:43:2f:02:ca: a4:38:cf:ed:b9:0a:b7:25:9f:28:d7:71:15:70:1f: 6c:21:88:f8:4d:28:a1:44:cf:c7:69:3a:a9:50:dd: af:ba:f5:6b:7f:0a:ec:75:6e:a4:e7:3e:27:94:51: fc:0b:35:ee:bf:1d:70:5d:77:a0:15:02:4d:39:fa: 42:3e:6c:e3:a9:ea:d3:0d:37:7c:16:01:67:75:f0: b4:88:b9:6f:ce:a3:71:23:ba:2c:62:6e:43:61:61: dc:70:d3:46:1d:db:8f:df:0f:bc:25:0f:5b:2a:22: 42:00:3b:ae:7b:ee:eb:22:44:59:28:eb:2f:95:c4: 64:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:2A:8F:A0:D2:F8:9C:48:69:23:8E:71:17:96:24:92:20:55:9B:2E X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1AE040CEE5F011EB8AAF8141C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.87.90.0/24 103.117.9.0/24 103.160.124.0/23 103.220.20.0/23 IPv6: 2001:df5:9d80::/48 Signature Algorithm: sha256WithRSAEncryption 2c:9d:94:a3:ff:7b:6a:c0:eb:b7:99:02:8c:ac:e8:9c:7f:fa: 41:41:f7:72:63:29:a7:9a:3b:d5:1d:51:4f:ea:a8:b8:c0:13: 8d:b0:6b:e8:4f:a2:73:97:a1:b0:83:a7:ea:53:fd:48:8d:ed: b3:c8:aa:f3:aa:13:b5:fd:c3:0a:0a:67:c4:23:37:83:25:bd: d8:8f:f4:4e:85:ea:1b:32:4c:f3:86:09:fa:7e:57:d5:70:f9: 71:2a:d9:31:12:41:db:6f:f8:4d:6a:16:b8:84:0f:b8:f5:48: 41:70:d1:ac:84:1f:20:ce:1d:27:2e:7f:f6:a2:ed:18:13:a6: 91:d6:55:93:38:7c:fa:9b:99:b9:8b:58:7c:39:d5:01:20:79: a9:92:4e:de:99:69:a9:f5:c0:12:ae:b8:e9:68:a8:0e:6c:dd: 6f:b3:3f:62:c8:98:2a:2a:12:e6:31:c2:07:b6:79:81:2c:bf: 8f:b4:01:eb:0a:75:22:20:6b:59:b9:2b:0d:95:3b:e4:30:1b: df:31:23:fa:bb:5d:e0:c7:2f:86:fa:c5:ba:1a:8f:2b:c3:15: d4:d7:f3:de:4d:28:d4:9a:d6:15:83:7c:f5:8e:7f:25:70:bf: eb:2c:f0:4a:5b:36:da:02:eb:0c:76:cf:8d:7c:c8:b2:e2:2d: ae:8e:75:6d -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICbHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYyNDQ0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzU0Yi1jZjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz+kKHOyMHHT0O8kZvntR4ZPpGHlM4/vX4g6ErhGV9CX2bE67mDFX7DMYi2uF /s9Wcq8vnTGyzUp0nUkavRnQlLsxPwLxFF82+6Gjcsh+e0oZT9ThROZY7eIi6u1S v4+QZgS3+yVW7Fai0Msx8/oC0Zq1SgeFxbdKXF4uktWBtBlpuEMvAsqkOM/tuQq3 JZ8o13EVcB9sIYj4TSihRM/HaTqpUN2vuvVrfwrsdW6k5z4nlFH8CzXuvx1wXXeg FQJNOfpCPmzjqerTDTd8FgFndfC0iLlvzqNxI7osYm5DYWHccNNGHduP3w+8JQ9b KiJCADuue+7rIkRZKOsvlcRkEQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFJYqj6DS +JxIaSOOcReWJJIgVZsuMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMUFFMDQwQ0VF NUYwMTFFQjhBQUY4MTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMB4EAgABMBgDBABnV1oDBABndQkDBAFnoHwDBAFn3BQwDwQCAAIwCQMHACAB DfWdgDANBgkqhkiG9w0BAQsFAAOCAQEALJ2Uo/97asDrt5kCjKzonH/6QUH3cmMp p5o71R1RT+qouMATjbBr6E+ic5ehsIOn6lP9SI3ts8iq86oTtf3DCgpnxCM3gyW9 2I/0ToXqGzJM84YJ+n5X1XD5cSrZMRJB22/4TWoWuIQPuPVIQXDRrIQfIM4dJy5/ 9qLtGBOmkdZVkzh8+puZuYtYfDnVASB5qZJO3plpqfXAEq646WioDmzdb7M/YsiY KioS5jHCB7Z5gSy/j7QB6wp1IiBrWbkrDZU75DAb3zEj+rtd4McvhvrFuhqPK8MV 1Nfz3k0o1JrWFYN89Y5/JXC/6yzwSls22gLrDHbPjXzIsuItro51bQ== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:27 2024 by rpki-client on console-ams.rpki-client.org