$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3CB1872CDAEC11EABCCEB262C4F9AE02.roa File: 3CB1872CDAEC11EABCCEB262C4F9AE02.roa (raw, json) Hash identifier: /kimIjuk3TkonlS1bHdy9Ky2+OqJqpa7j8QohSi+yTY= Subject key identifier: 53:AF:12:56:EB:FA:3F:10:5F:00:35:4A:29:67:84:7A:08:79:99:3A Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 8274 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3CB1872CDAEC11EABCCEB262C4F9AE02.roa Signing time: Mon 05 Feb 2024 06:07:34 +0000 ROA not before: Mon 05 Feb 2024 06:07:34 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 133234 IP address blocks: 43.224.220.0/22 maxlen: 24 103.70.32.0/22 maxlen: 22 103.70.32.0/24 maxlen: 24 103.70.33.0/24 maxlen: 24 103.70.34.0/24 maxlen: 24 103.70.35.0/24 maxlen: 24 103.184.90.0/23 maxlen: 24 103.231.4.0/22 maxlen: 24 2402:d7c0::/48 maxlen: 48 2402:d7c0:1::/48 maxlen: 48 2402:d7c0:2::/48 maxlen: 48 2402:d7c0:3::/48 maxlen: 48 2402:d7c0:4::/48 maxlen: 48 2402:d7c0:5::/48 maxlen: 48 2402:d7c0:6::/48 maxlen: 48 2402:d7c0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33396 (0x8274) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Feb 5 06:07:34 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=65c07b26-6938 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:cc:4d:c0:07:84:42:e8:bc:90:9a:38:8f:4a: b4:74:2b:5b:76:c5:e2:47:8f:04:56:83:18:27:39: 4a:01:a7:b9:7f:32:b9:8b:0f:42:e3:cd:0d:01:f8: 2a:3e:30:03:2d:e3:8b:75:d4:1d:34:80:55:55:61: 61:01:3c:24:db:e4:a9:89:68:42:6e:4a:a5:2c:cd: e3:43:fe:50:a4:e0:04:0c:c3:fa:a7:35:ad:6c:68: 66:f6:17:12:a6:54:ec:69:6f:40:05:7d:35:e1:04: 83:c5:7c:d6:9a:15:45:8c:d6:85:d8:51:01:49:96: 6a:1b:e2:7e:7c:8d:4e:4d:c7:f0:39:53:07:03:78: c3:6b:b0:1a:f3:16:b0:a9:6f:ba:82:60:2e:f8:c7: 48:52:17:3b:9f:5b:5d:fc:61:92:b3:e0:2c:03:c9: e6:3f:4e:dd:39:b0:15:c6:61:38:c6:07:a3:ff:59: ec:c8:c8:70:d9:de:d3:d1:c4:86:f1:14:e1:53:63: 31:3f:61:e2:d4:56:32:b5:21:e7:fa:c1:8b:a6:8a: 97:37:88:ba:21:3a:5a:fe:d9:47:5e:37:03:58:a4: f7:4e:8d:88:e1:99:d3:e8:85:d2:18:80:b2:33:a7: 1f:7f:ae:23:b1:77:58:f9:2c:55:ae:05:66:7d:1f: 88:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:AF:12:56:EB:FA:3F:10:5F:00:35:4A:29:67:84:7A:08:79:99:3A X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3CB1872CDAEC11EABCCEB262C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.220.0/22 103.70.32.0/22 103.184.90.0/23 103.231.4.0/22 IPv6: 2402:d7c0::/45 Signature Algorithm: sha256WithRSAEncryption b4:da:aa:00:b7:49:bb:45:8b:95:2b:86:a4:a0:ee:d8:2c:e7: 63:9a:25:bf:6e:d5:04:e6:b6:3a:1d:41:e9:cb:3c:ec:d7:dc: 0c:1b:48:3a:6c:80:36:5e:90:16:26:21:67:42:f9:c2:47:4d: fa:65:70:ec:30:5e:18:c9:be:58:e0:a5:f8:3b:a1:ab:2b:11: 3e:0a:58:63:9e:b3:90:04:18:e5:2b:c3:26:24:b2:3a:c2:7c: 92:f4:b0:21:18:7f:6d:75:0b:fe:e9:20:64:84:48:24:ae:04: 97:01:1a:eb:c1:9b:9e:03:3c:e9:2c:67:92:3a:3c:2d:d7:ef: 47:9a:1b:33:4d:ce:0b:91:a9:87:37:1e:84:50:da:e7:73:4d: 30:ff:d1:4c:74:d9:7d:97:1e:bb:19:5f:40:76:91:c6:7d:6a: 90:5e:cc:7d:5e:b4:1a:26:02:db:8a:96:f7:8c:aa:2b:f0:77: ff:45:a8:b7:d4:51:dc:b4:6d:86:48:20:c5:20:c9:a7:dc:c7: 6f:a8:87:ea:40:27:9d:9a:e9:42:d3:23:f3:da:c4:43:18:19: db:af:c9:e4:55:45:b0:43:c6:85:aa:8c:69:8b:f0:0d:ba:2d: 6f:ab:1f:2b:6e:cd:ed:25:13:44:59:a1:ff:ec:46:30:ef:44: 4d:17:0b:b6 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgIDAIJ0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDIwNTA2MDczNFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjVjMDdiMjYtNjkzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ/MTcAHhELovJCaOI9KtHQrW3bF4kePBFaDGCc5SgGnuX8yuYsPQuPNDQH4 Kj4wAy3ji3XUHTSAVVVhYQE8JNvkqYloQm5KpSzN40P+UKTgBAzD+qc1rWxoZvYX EqZU7GlvQAV9NeEEg8V81poVRYzWhdhRAUmWahvifnyNTk3H8DlTBwN4w2uwGvMW sKlvuoJgLvjHSFIXO59bXfxhkrPgLAPJ5j9O3TmwFcZhOMYHo/9Z7MjIcNne09HE hvEU4VNjMT9h4tRWMrUh5/rBi6aKlzeIuiE6Wv7ZR143A1ik906NiOGZ0+iF0hiA sjOnH3+uI7F3WPksVa4FZn0fiF8CAwEAAaOCArgwggK0MB0GA1UdDgQWBBRTrxJW 6/o/EF8ANUopZ4R6CHmZOjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNDQjE4NzJD REFFQzExRUFCQ0NFQjI2MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEIGCCsGAQUFBwEHAQH/ BDMwMTAeBAIAATAYAwQCK+DcAwQCZ0YgAwQBZ7haAwQCZ+cEMA8EAgACMAkDBwMk AtfAAAAwDQYJKoZIhvcNAQELBQADggEBALTaqgC3SbtFi5UrhqSg7tgs52OaJb9u 1QTmtjodQenLPOzX3AwbSDpsgDZekBYmIWdC+cJHTfplcOwwXhjJvljgpfg7oasr ET4KWGOes5AEGOUrwyYksjrCfJL0sCEYf211C/7pIGSESCSuBJcBGuvBm54DPOks Z5I6PC3X70eaGzNNzguRqYc3HoRQ2udzTTD/0Ux02X2XHrsZX0B2kcZ9apBezH1e tBomAtuKlveMqivwd/9FqLfUUdy0bYZIIMUgyafcx2+oh+pAJ52a6ULTI/PaxEMY GduvyeRVRbBDxoWqjGmL8A26LW+rHytuze0lE0RZof/sRjDvRE0XC7Y= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:30 2024 by rpki-client on console-ams.rpki-client.org