$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EFB05EAF19A11EA90B2B06BC4F9AE02.roa File: 1EFB05EAF19A11EA90B2B06BC4F9AE02.roa (raw, json) Hash identifier: rsnPLBo8lrwbjKGuI6sCkubrj1LHyPTWWT4Bqg6UoDo= Subject key identifier: B2:61:7C:21:78:25:82:46:B7:F9:0A:E8:0A:E1:F4:42:D1:70:B9:E5 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8208 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EFB05EAF19A11EA90B2B06BC4F9AE02.roa Signing time: Mon 29 Jan 2024 06:07:04 +0000 ROA not before: Mon 29 Jan 2024 06:07:04 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 140201 IP address blocks: 103.155.40.0/23 maxlen: 24 103.160.238.0/23 maxlen: 24 103.217.249.0/24 maxlen: 24 2001:df1:cbc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33288 (0x8208) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jan 29 06:07:04 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=65b74088-a714 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:cf:14:57:23:52:c5:f0:73:b4:d1:c2:aa:7c: 5b:d5:1c:44:ae:76:a1:05:7b:5a:e9:c5:84:69:2a: 1e:c0:92:04:03:5b:71:bc:e8:f2:15:17:40:b8:f4: f5:ba:11:bf:7c:4c:07:bb:58:87:0e:cd:51:24:bd: 00:72:75:fa:fa:28:31:49:45:d5:a5:02:3e:14:31: ef:de:f1:b2:c2:5d:55:8b:b5:f9:ca:4e:1d:e0:90: e0:d8:75:30:3f:f3:c8:6f:f3:3c:bd:72:1b:fb:54: cf:db:81:d0:66:d5:d3:92:2a:94:80:21:2e:7a:75: c2:5a:cd:dc:da:92:61:90:69:f0:f5:d9:d2:f1:12: aa:87:c5:5c:79:8d:89:b5:a8:3a:f3:61:c8:92:70: 51:4a:ac:5e:00:c1:dc:54:dd:89:51:64:05:ae:7a: b1:98:9d:ba:53:0d:b9:9f:97:f0:19:3e:b8:d5:9c: 4e:af:48:a0:01:8a:3f:f2:6d:d3:7a:e5:50:27:c4: df:56:3b:54:6c:3b:03:e6:91:ab:f7:c7:3d:a7:45: e0:d0:98:d6:28:7d:08:df:fc:36:2b:9b:42:de:62: 17:6f:db:3c:43:35:95:d6:e0:0b:d8:9c:43:a0:71: fc:8b:8e:5a:e8:1f:e3:f7:d0:4f:32:50:30:f8:c5: 74:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:61:7C:21:78:25:82:46:B7:F9:0A:E8:0A:E1:F4:42:D1:70:B9:E5 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EFB05EAF19A11EA90B2B06BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.155.40.0/23 103.160.238.0/23 103.217.249.0/24 IPv6: 2001:df1:cbc0::/48 Signature Algorithm: sha256WithRSAEncryption 5c:df:8f:e5:76:56:75:95:62:c0:3c:ba:3a:4c:58:f0:a3:1e: d6:b7:e0:5b:24:ce:83:38:ff:d6:17:79:21:d4:e3:92:31:c6: e9:48:b1:6c:a9:d6:75:e1:40:02:11:22:3a:44:87:f0:8f:b0: 60:06:51:fd:05:8f:92:1e:66:dd:40:58:70:f2:fd:8f:be:99: b7:34:24:d9:19:01:c5:f5:86:d9:57:bc:d3:c3:f2:bf:8f:b1: ce:12:6f:88:4c:c5:97:07:3d:52:da:6e:fe:32:9e:d4:5a:a1: fd:4b:f7:b1:97:63:97:80:17:08:8d:1a:53:6c:ea:e5:30:4c: 24:02:cc:df:6f:07:41:79:5d:d1:00:34:b5:39:c1:bc:60:78: c5:43:7a:f1:e1:6c:d6:14:3e:db:ad:5e:fe:62:92:b7:e0:1e: 83:87:13:8b:6f:29:00:f4:7b:6a:64:c4:23:e2:83:bd:1e:2c: 5e:1f:8c:09:9b:c1:fa:7a:a8:05:0f:5c:04:98:e5:ee:be:63: 39:8e:d2:e4:2b:94:67:72:78:2c:5b:5f:fa:2b:f2:5f:89:4c: 0f:e4:bf:1c:ce:e8:8b:7e:87:fa:fa:ca:a4:ca:be:eb:56:c4: 93:ae:e2:7f:f6:fa:c7:6b:32:3c:18:9d:92:41:ad:6e:6b:35: e7:23:6f:43 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgIDAIIIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDEyOTA2MDcwNFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjViNzQwODgtYTcxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKzPFFcjUsXwc7TRwqp8W9UcRK52oQV7WunFhGkqHsCSBANbcbzo8hUXQLj0 9boRv3xMB7tYhw7NUSS9AHJ1+vooMUlF1aUCPhQx797xssJdVYu1+cpOHeCQ4Nh1 MD/zyG/zPL1yG/tUz9uB0GbV05IqlIAhLnp1wlrN3NqSYZBp8PXZ0vESqofFXHmN ibWoOvNhyJJwUUqsXgDB3FTdiVFkBa56sZidulMNuZ+X8Bk+uNWcTq9IoAGKP/Jt 03rlUCfE31Y7VGw7A+aRq/fHPadF4NCY1ih9CN/8NiubQt5iF2/bPEM1ldbgC9ic Q6Bx/IuOWugf4/fQTzJQMPjFdLMCAwEAAaOCArIwggKuMB0GA1UdDgQWBBSyYXwh eCWCRrf5CugK4fRC0XC55TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFFRkIwNUVB RjE5QTExRUE5MEIyQjA2QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDwGCCsGAQUFBwEHAQH/ BC0wKzAYBAIAATASAwQBZ5soAwQBZ6DuAwQAZ9n5MA8EAgACMAkDBwAgAQ3xy8Aw DQYJKoZIhvcNAQELBQADggEBAFzfj+V2VnWVYsA8ujpMWPCjHta34FskzoM4/9YX eSHU45IxxulIsWyp1nXhQAIRIjpEh/CPsGAGUf0Fj5IeZt1AWHDy/Y++mbc0JNkZ AcX1htlXvNPD8r+Psc4Sb4hMxZcHPVLabv4yntRaof1L97GXY5eAFwiNGlNs6uUw TCQCzN9vB0F5XdEANLU5wbxgeMVDevHhbNYUPtutXv5ikrfgHoOHE4tvKQD0e2pk xCPig70eLF4fjAmbwfp6qAUPXASY5e6+YzmO0uQrlGdyeCxbX/or8l+JTA/kvxzO 6It+h/r6yqTKvutWxJOu4n/2+sdrMjwYnZJBrW5rNecjb0M= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:27 2024 by rpki-client on console-ams.rpki-client.org