$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/236A1054BDD211EAA55BEE1AC4F9AE02.roa File: 236A1054BDD211EAA55BEE1AC4F9AE02.roa (raw, json) Hash identifier: SwHrMO6xYn8of+XufaeiThXZMSP4nf7Tgif5IgBliLI= Subject key identifier: 03:C4:F3:84:CB:54:51:18:DE:1B:D0:BB:C2:29:17:BD:8A:85:95:75 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6A66 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/236A1054BDD211EAA55BEE1AC4F9AE02.roa Signing time: Wed 10 May 2023 16:14:36 +0000 ROA not before: Wed 10 May 2023 16:14:36 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 133266 IP address blocks: 103.175.70.0/24 maxlen: 24 103.239.124.0/24 maxlen: 24 2001:df2:9600::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27238 (0x6a66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:14:36 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc2eb-54af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:50:22:7a:ca:4a:ba:f6:d5:b1:12:22:0e:b3: be:67:8b:db:97:15:1f:fa:9d:1d:c6:63:e3:af:fb: 86:94:04:a9:13:0b:a0:74:59:54:b4:b2:8e:3d:25: ba:6a:7e:55:ea:c2:01:02:00:59:39:3c:e6:4a:d3: ae:e7:b9:83:ec:0c:bc:9e:0c:64:9c:57:a0:bd:d5: dc:68:3f:b4:58:02:c7:b5:b7:3e:86:2d:ce:95:c8: 22:3a:8b:53:b0:c5:3b:b7:24:36:90:f6:db:38:b7: df:31:21:fa:af:f3:85:a6:fd:6f:61:4a:e2:19:23: 08:bf:b0:88:1d:7e:57:76:bf:c6:3f:1d:51:33:a5: 44:8c:bb:8f:f5:4b:7a:dc:91:6b:1b:17:2c:4f:42: ef:22:59:eb:a8:19:86:eb:8c:2f:26:16:37:4f:d7: d6:4a:c9:4e:6c:7f:ad:64:26:58:3a:42:c1:49:b5: 13:b4:1f:3f:eb:b0:47:39:38:d9:2c:8d:e2:fd:cb: ea:53:ad:3d:9e:e0:6c:a6:32:92:1a:39:2b:ea:a0: ed:94:74:a3:a1:9b:13:01:f8:08:96:ae:b2:e6:d8: 6a:00:0b:23:91:7c:83:f3:e9:66:68:39:c0:cb:8b: ef:d0:87:5a:c1:e0:59:40:67:d1:89:6d:2a:c0:d4: 74:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:C4:F3:84:CB:54:51:18:DE:1B:D0:BB:C2:29:17:BD:8A:85:95:75 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/236A1054BDD211EAA55BEE1AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.175.70.0/24 103.239.124.0/24 IPv6: 2001:df2:9600::/48 Signature Algorithm: sha256WithRSAEncryption 56:02:ee:74:6e:a0:62:03:09:7a:3c:22:4f:4c:79:69:bd:37: 78:28:71:f9:2c:6c:f9:a5:11:93:e6:c7:ca:97:e5:f3:4b:c2: 87:c5:a1:62:a8:79:29:f3:f0:29:b9:a3:7a:87:67:51:75:6c: 46:22:ad:e6:5b:41:8f:95:9e:3d:05:9b:4d:27:df:df:af:22: 9c:2e:5c:0e:37:13:73:1b:f5:9a:c9:79:50:fd:d5:2a:03:fa: a4:1b:dd:aa:5b:a5:a8:56:15:4e:3f:2c:18:ac:91:07:8b:0f: 5a:0c:c0:ea:61:24:ad:08:f0:59:20:8f:8f:d1:4a:78:a8:82: 90:0c:ea:e0:8f:e4:d0:ae:11:ef:ea:9b:11:0b:52:a5:2f:24: 95:63:c8:d7:b8:f4:03:5a:4f:42:21:78:99:bd:37:ed:8a:cf: 03:6a:73:5b:d4:d8:ec:09:77:44:15:e8:61:09:dd:cb:1c:04: 2f:02:48:ce:0b:4e:d7:f1:fd:10:83:d2:e8:ac:24:7b:b3:89: 74:1b:8e:fb:ce:b0:53:1d:f6:fd:b5:01:27:27:dd:cb:0c:bd: 4e:b9:58:51:14:e0:22:96:e9:4f:0d:4a:c8:32:25:c2:9c:38: 69:ff:98:33:34:20:e6:31:cf:1b:2a:d5:3a:e7:19:79:bc:a5: 71:a5:a1:35 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgICamYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYxNDM2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzJlYi01NGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApFAiespKuvbVsRIiDrO+Z4vblxUf+p0dxmPjr/uGlASpEwugdFlUtLKOPSW6 an5V6sIBAgBZOTzmStOu57mD7Ay8ngxknFegvdXcaD+0WALHtbc+hi3OlcgiOotT sMU7tyQ2kPbbOLffMSH6r/OFpv1vYUriGSMIv7CIHX5Xdr/GPx1RM6VEjLuP9Ut6 3JFrGxcsT0LvIlnrqBmG64wvJhY3T9fWSslObH+tZCZYOkLBSbUTtB8/67BHOTjZ LI3i/cvqU609nuBspjKSGjkr6qDtlHSjoZsTAfgIlq6y5thqAAsjkXyD8+lmaDnA y4vv0IdaweBZQGfRiW0qwNR0oQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFAPE84TL VFEY3hvQu8IpF72KhZV1MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjM2QTEwNTRC REQyMTFFQUE1NUJFRTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E JzAlMBIEAgABMAwDBABnr0YDBABn73wwDwQCAAIwCQMHACABDfKWADANBgkqhkiG 9w0BAQsFAAOCAQEAVgLudG6gYgMJejwiT0x5ab03eChx+Sxs+aURk+bHypfl80vC h8WhYqh5KfPwKbmjeodnUXVsRiKt5ltBj5WePQWbTSff368inC5cDjcTcxv1msl5 UP3VKgP6pBvdqlulqFYVTj8sGKyRB4sPWgzA6mEkrQjwWSCPj9FKeKiCkAzq4I/k 0K4R7+qbEQtSpS8klWPI17j0A1pPQiF4mb037YrPA2pzW9TY7Al3RBXoYQndyxwE LwJIzgtO1/H9EIPS6Kwke7OJdBuO+86wUx32/bUBJyfdywy9TrlYURTgIpbpTw1K yDIlwpw4af+YMzQg5jHPGyrVOucZebylcaWhNQ== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:28 2024 by rpki-client on console-ams.rpki-client.org