$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/254DAD86BCFB11EAB65E512FC4F9AE02.roa File: 254DAD86BCFB11EAB65E512FC4F9AE02.roa (raw, json) Hash identifier: LtmGQDwDH2JiaXiRmKt+VVLCaSMNUmcaNEDE9SSI2dc= Subject key identifier: 91:B8:33:8C:38:ED:A6:93:0C:3A:B2:96:08:10:7F:48:71:8E:A3:C9 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6AF4 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/254DAD86BCFB11EAB65E512FC4F9AE02.roa Signing time: Wed 10 May 2023 16:17:19 +0000 ROA not before: Wed 10 May 2023 16:17:19 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 134040 IP address blocks: 45.120.40.0/22 maxlen: 22 45.120.40.0/24 maxlen: 24 45.120.41.0/24 maxlen: 24 45.120.42.0/24 maxlen: 24 45.120.43.0/24 maxlen: 24 103.60.100.0/22 maxlen: 22 103.60.100.0/24 maxlen: 24 103.60.101.0/24 maxlen: 24 103.60.102.0/24 maxlen: 24 103.60.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27380 (0x6af4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:17:19 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc38f-3f30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:84:8c:90:b2:0f:8e:39:41:d9:c0:2e:b4:8e: bf:30:98:67:73:d1:c4:b4:52:ad:de:bf:68:32:88: 6f:00:f6:84:fb:04:8d:bc:b8:e0:b8:13:91:3e:cf: 80:04:97:ac:41:c3:bb:2c:4a:b9:b6:11:f0:ea:54: 73:b5:73:8b:5f:58:44:1a:f4:59:b6:36:aa:7b:c8: 21:1d:7b:eb:01:1a:19:5a:18:98:46:5e:2e:7b:ad: 4d:d3:6a:5a:5a:d5:41:41:61:82:b9:09:58:7e:1c: 68:99:b5:2d:6a:54:6f:c7:bb:03:ef:e3:7b:e1:6b: 10:a8:43:ad:08:01:a9:00:e3:3b:6e:22:cf:ce:ce: 02:0c:1d:73:76:49:ed:43:04:27:44:a4:67:90:59: 11:f8:33:c6:0c:36:3f:7e:3d:80:8b:20:04:4b:3d: 04:cc:e8:2b:8c:89:32:89:4f:86:30:f4:b4:44:56: c6:29:4b:da:33:24:87:8d:7d:9a:0d:dd:c2:71:ef: 5b:f4:7d:26:f0:b0:98:0a:40:d1:a9:5b:35:c5:8b: 06:0a:74:56:02:02:a4:b6:3e:f8:18:5b:b4:8a:f9: dd:10:68:d7:32:fa:3f:4b:8d:83:06:f0:b1:6b:65: 48:9f:d5:5d:64:ed:0c:63:6f:bb:a0:03:56:e6:1b: 62:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:B8:33:8C:38:ED:A6:93:0C:3A:B2:96:08:10:7F:48:71:8E:A3:C9 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/254DAD86BCFB11EAB65E512FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.120.40.0/22 103.60.100.0/22 Signature Algorithm: sha256WithRSAEncryption 85:b3:44:15:b3:23:bc:3d:1b:41:e6:95:67:cc:50:53:06:79: fa:63:a6:0a:44:45:e6:83:71:02:ac:57:c0:32:2e:13:22:c1: 7c:85:ef:d2:25:24:12:12:37:f6:19:e4:3f:c4:96:58:2a:9c: 6a:3e:a7:02:73:f7:d9:9d:6d:7d:fe:a7:f3:9c:25:20:a3:20: a2:d2:eb:69:28:35:51:1e:62:f9:8d:e0:14:a2:7e:d7:60:65: c5:b6:80:49:c5:04:66:31:32:42:43:33:0e:57:b7:0a:78:57: d4:5d:2b:8a:35:b1:30:72:86:ad:07:8a:ef:a8:2a:e2:8e:fb: a1:12:6d:26:54:5d:dd:ba:bd:da:d7:76:f1:48:59:51:6c:25: ec:e4:2d:19:7a:18:6d:8e:7c:75:0d:08:a9:7b:e4:18:e2:78: 12:2c:07:da:2e:4f:87:26:36:92:a2:54:64:d6:c5:de:89:04: 12:5c:89:64:8e:7d:31:43:45:61:6b:df:2b:3e:1f:37:18:0f: 6d:c0:1c:67:c6:41:4e:4b:a6:c2:81:c9:b3:42:b5:d2:78:de: a2:17:15:b0:a1:8b:86:9b:23:5b:f9:1a:d0:fe:a1:2e:57:79: fd:25:34:38:cf:7f:9f:87:ab:79:0d:14:3d:7d:3e:46:e7:c2: 9b:23:84:00 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICavQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYxNzE5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzM4Zi0zZjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu4SMkLIPjjlB2cAutI6/MJhnc9HEtFKt3r9oMohvAPaE+wSNvLjguBORPs+A BJesQcO7LEq5thHw6lRztXOLX1hEGvRZtjaqe8ghHXvrARoZWhiYRl4ue61N02pa WtVBQWGCuQlYfhxombUtalRvx7sD7+N74WsQqEOtCAGpAOM7biLPzs4CDB1zdknt QwQnRKRnkFkR+DPGDDY/fj2AiyAESz0EzOgrjIkyiU+GMPS0RFbGKUvaMySHjX2a Dd3Cce9b9H0m8LCYCkDRqVs1xYsGCnRWAgKktj74GFu0ivndEGjXMvo/S42DBvCx a2VIn9VdZO0MY2+7oANW5hti1wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJG4M4w4 7aaTDDqylggQf0hxjqPJMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjU0REFEODZC Q0ZCMTFFQUI2NUU1MTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIteCgDBAJnPGQwDQYJKoZIhvcNAQELBQADggEBAIWzRBWz I7w9G0HmlWfMUFMGefpjpgpEReaDcQKsV8AyLhMiwXyF79IlJBISN/YZ5D/Ellgq nGo+pwJz99mdbX3+p/OcJSCjIKLS62koNVEeYvmN4BSiftdgZcW2gEnFBGYxMkJD Mw5Xtwp4V9RdK4o1sTByhq0Hiu+oKuKO+6ESbSZUXd26vdrXdvFIWVFsJezkLRl6 GG2OfHUNCKl75BjieBIsB9ouT4cmNpKiVGTWxd6JBBJciWSOfTFDRWFr3ys+HzcY D23AHGfGQU5LpsKBybNCtdJ43qIXFbChi4abI1v5GtD+oS5Xef0lNDjPf5+Hq3kN FD19PkbnwpsjhAA= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:28 2024 by rpki-client on console-ams.rpki-client.org