$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B9A0178B3F011ECB1F2611CC4F9AE02.roa File: 3B9A0178B3F011ECB1F2611CC4F9AE02.roa (raw, json) Hash identifier: +Kx60I95QbW0+vaJNQpThiXrNHkHTSHMCevIZ7U4ibQ= Subject key identifier: 0D:E2:54:BD:A6:51:EA:B0:3F:F6:B0:26:B3:80:9E:13:CC:20:4D:1C Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 79CC Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B9A0178B3F011ECB1F2611CC4F9AE02.roa Signing time: Wed 06 Sep 2023 05:25:22 +0000 ROA not before: Wed 06 Sep 2023 05:25:22 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 146886 IP address blocks: 103.173.22.0/23 maxlen: 24 103.173.23.0/26 maxlen: 26 103.173.23.64/26 maxlen: 26 103.173.23.128/26 maxlen: 26 103.173.23.192/26 maxlen: 26 2407:de40:4200::/48 maxlen: 48 2407:de40:4300::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31180 (0x79cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Sep 6 05:25:22 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=64f80d41-106f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:17:aa:dc:24:e3:5b:7d:21:d3:c3:ca:c6:72: ad:6b:3d:65:8c:7d:63:09:83:92:36:97:dd:24:a6: 45:c8:cf:86:07:3a:7e:a9:5a:f0:9d:6f:3e:14:d8: f7:f7:0f:74:d9:06:86:d1:91:de:4f:d9:7a:45:1a: 42:2f:86:3b:ad:8d:f5:b7:21:80:5f:0b:c1:48:48: 73:c5:f3:bd:dc:f8:d4:b1:00:de:9b:b8:e0:ad:6f: e6:a6:0a:8e:5f:5c:de:88:a8:4c:85:d4:aa:13:dc: e1:af:ea:8c:1c:2e:bb:44:b0:f6:aa:bf:1b:97:a7: df:92:13:ea:77:e3:62:b3:b8:1e:0a:01:f2:96:38: 6c:ad:b7:bf:16:8b:65:f5:c6:18:6b:66:f2:62:5c: 55:3f:d3:d9:ff:d2:a4:74:9a:bb:f0:3d:11:f8:8b: 0b:fc:f8:65:70:db:e0:c2:9c:e7:1d:78:f4:45:9e: a4:c9:f9:05:7e:c5:6e:ca:e6:0c:38:cc:c7:10:d7: a8:b2:3b:30:ce:6b:2b:14:58:61:3c:71:a4:33:f8: d1:0b:89:31:e7:52:f7:19:a2:3a:4a:7c:b8:e2:e6: a4:0a:aa:08:3f:7a:bd:10:5d:ae:af:99:df:cd:7b: 05:6c:f0:33:85:9d:a1:c8:ec:02:78:24:8d:de:26: ef:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:E2:54:BD:A6:51:EA:B0:3F:F6:B0:26:B3:80:9E:13:CC:20:4D:1C X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B9A0178B3F011ECB1F2611CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.173.22.0/23 IPv6: 2407:de40:4200::/48 2407:de40:4300::/48 Signature Algorithm: sha256WithRSAEncryption 2e:62:e5:ac:02:d7:8d:b5:b8:bd:3c:b8:0c:82:15:57:17:0b: ca:df:9d:cc:4b:d4:63:88:91:8a:87:65:14:5e:fe:05:23:00: 3b:2d:7a:20:27:7b:b8:fb:3b:8c:6d:82:ee:fa:76:eb:6a:36: cc:c2:4e:7f:bc:44:5f:9a:ba:a4:f6:2f:02:61:37:a2:62:99: c6:f2:70:b3:5b:54:b4:75:3b:52:39:db:24:5b:a5:c0:a3:40: 55:b3:09:cb:19:42:4c:7a:58:b8:33:de:30:80:6f:db:6b:7d: 06:9e:49:94:b8:d4:97:a3:e6:f3:e7:35:39:05:a5:64:fb:4e: ec:4b:98:89:db:d4:f8:38:06:ce:e9:d5:e9:0f:f9:83:8f:e3: ab:ff:13:6a:81:5b:9a:c4:b1:8a:56:03:4a:84:18:78:ca:92: 2c:8c:57:52:93:4e:e0:59:cd:0d:36:eb:a8:8a:e7:ad:a4:c5: 1d:08:7d:95:9a:19:92:4b:6e:ee:6c:8f:85:39:3c:72:a6:2f: cc:78:82:88:8a:ea:15:4e:2e:8d:74:81:da:8b:9f:6d:e9:d2: d2:3d:4a:99:51:b2:b4:51:a5:d0:c5:2f:1b:45:60:fb:0f:d0: ce:c1:e9:10:72:2f:3f:81:1a:e0:53:6c:c6:df:cb:88:1b:42: e4:1d:17:a3 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICecwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwOTA2MDUyNTIyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGY4MGQ0MS0xMDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxheq3CTjW30h08PKxnKtaz1ljH1jCYOSNpfdJKZFyM+GBzp+qVrwnW8+FNj3 9w902QaG0ZHeT9l6RRpCL4Y7rY31tyGAXwvBSEhzxfO93PjUsQDem7jgrW/mpgqO X1zeiKhMhdSqE9zhr+qMHC67RLD2qr8bl6ffkhPqd+Nis7geCgHyljhsrbe/Fotl 9cYYa2byYlxVP9PZ/9KkdJq78D0R+IsL/PhlcNvgwpznHXj0RZ6kyfkFfsVuyuYM OMzHENeosjswzmsrFFhhPHGkM/jRC4kx51L3GaI6Sny44uakCqoIP3q9EF2ur5nf zXsFbPAzhZ2hyOwCeCSN3ibv/QIDAQABo4ICrzCCAqswHQYDVR0OBBYEFA3iVL2m UeqwP/awJrOAnhPMIE0cMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0I5QTAxNzhC M0YwMTFFQ0IxRjI2MTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBAFnrRYwGAQCAAIwEgMHACQH3kBCAAMHACQH3kBDADANBgkq hkiG9w0BAQsFAAOCAQEALmLlrALXjbW4vTy4DIIVVxcLyt+dzEvUY4iRiodlFF7+ BSMAOy16ICd7uPs7jG2C7vp262o2zMJOf7xEX5q6pPYvAmE3omKZxvJws1tUtHU7 UjnbJFulwKNAVbMJyxlCTHpYuDPeMIBv22t9Bp5JlLjUl6Pm8+c1OQWlZPtO7EuY idvU+DgGzunV6Q/5g4/jq/8TaoFbmsSxilYDSoQYeMqSLIxXUpNO4FnNDTbrqIrn raTFHQh9lZoZkktu7myPhTk8cqYvzHiCiIrqFU4ujXSB2oufbenS0j1KmVGytFGl 0MUvG0Vg+w/QzsHpEHIvP4Ea4FNsxt/LiBtC5B0Xow== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:30 2024 by rpki-client on console-ams.rpki-client.org