$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3D9D4464BCFB11EAB65E512FC4F9AE02.roa File: 3D9D4464BCFB11EAB65E512FC4F9AE02.roa (raw, json) Hash identifier: WyKSjPyAtxf0b2Suw2Yh3w+gFGoUcIjcoY+L3f8j5kU= Subject key identifier: C7:75:C8:B0:35:F6:6C:3A:A8:BC:8A:CD:C5:8E:DD:BE:B6:FB:F9:63 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7169 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3D9D4464BCFB11EAB65E512FC4F9AE02.roa Signing time: Wed 10 May 2023 16:48:07 +0000 ROA not before: Wed 10 May 2023 16:48:07 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 23872 IP address blocks: 45.64.92.0/22 maxlen: 24 103.129.0.0/23 maxlen: 24 103.142.18.0/24 maxlen: 24 103.242.224.0/22 maxlen: 24 203.110.80.0/20 maxlen: 24 2404:a200::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29033 (0x7169) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:48:07 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bcac7-43ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:10:d7:0b:1f:dd:72:5a:25:f2:f1:31:09:67: 4d:81:f3:03:d3:79:34:a6:77:38:2a:4f:10:12:07: 15:28:77:a6:3d:47:31:e6:bf:c8:33:93:68:d9:c1: c2:7f:fb:0c:ca:5b:cd:a1:69:96:74:b9:40:55:9c: 99:d1:53:8e:45:f2:dd:c5:7b:a4:d5:0f:98:37:20: ae:0d:f7:1f:8a:ee:26:74:41:5e:7d:3c:f3:25:72: ac:ca:01:eb:01:02:09:e3:0a:80:d4:f4:db:52:21: 36:b8:7a:0d:c1:ff:5f:80:c6:ef:b7:5b:fd:29:1a: f4:d4:b3:57:eb:23:b1:38:41:18:07:0a:a8:6a:19: 84:7c:81:50:8e:04:0f:0a:af:ed:c6:59:a8:9b:0f: ab:b7:2d:d8:2a:bc:7d:e8:f6:59:b2:7f:d1:53:81: 75:e2:53:70:04:83:4d:24:28:d9:f8:8c:e4:44:6e: 32:b5:ac:74:dd:83:d1:3b:7e:b3:4f:77:9e:4b:bd: 6a:d1:8c:77:42:01:87:33:43:02:f0:82:74:8e:96: a1:fa:35:d9:16:11:43:0c:cb:45:06:5e:8b:8e:34: 13:dc:f3:67:3e:a5:3a:8b:21:24:91:71:b9:31:11: d6:fc:75:fa:b1:5b:90:2b:b5:95:53:ac:b4:60:9e: 27:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:75:C8:B0:35:F6:6C:3A:A8:BC:8A:CD:C5:8E:DD:BE:B6:FB:F9:63 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3D9D4464BCFB11EAB65E512FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.92.0/22 103.129.0.0/23 103.142.18.0/24 103.242.224.0/22 203.110.80.0/20 IPv6: 2404:a200::/32 Signature Algorithm: sha256WithRSAEncryption 94:df:ff:61:09:56:4f:e5:6a:05:ad:af:76:87:d2:dc:78:d7: 6c:2f:ed:98:bd:35:f4:12:ea:15:34:41:4a:b8:57:21:05:6f: 4d:b4:4f:d6:ad:71:c0:ba:2d:ce:c5:07:42:6b:ef:f5:59:9d: 5a:5a:b2:8b:4d:98:a5:57:3f:19:ec:fe:4b:e1:4b:de:22:b8: c7:24:06:1a:b9:f1:10:03:0e:a9:bc:82:cf:2f:cb:68:f3:cf: fb:3e:1c:f4:62:26:63:98:81:c6:68:af:53:db:1a:16:0e:f0: 59:fb:f3:76:0f:9b:40:40:b4:43:c2:56:07:6c:06:5c:84:2a: ac:34:9b:86:18:b7:28:45:04:83:da:0d:6f:67:7e:20:dc:7f: 5a:e4:85:b5:22:93:4f:08:f4:f0:30:79:fa:92:2f:f9:b5:49: 08:3c:a0:6c:47:1b:ce:d9:e8:d1:d6:8f:df:1c:5b:f0:df:39: 3f:32:7d:b9:9a:c0:90:ec:66:04:84:51:09:8b:a5:76:ea:00: 28:9e:7d:4c:fb:12:9c:c5:41:e3:15:81:f6:08:df:a5:1f:38: 23:7e:0a:aa:d7:f1:07:90:bf:0b:1c:d0:76:91:be:4b:00:80: 89:ab:83:73:d6:8d:8c:0a:9d:d5:cc:4b:ff:cb:c4:4b:65:df: 2d:13:e2:be -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICcWkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTY0ODA3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViY2FjNy00M2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxBDXCx/dclol8vExCWdNgfMD03k0pnc4Kk8QEgcVKHemPUcx5r/IM5No2cHC f/sMylvNoWmWdLlAVZyZ0VOORfLdxXuk1Q+YNyCuDfcfiu4mdEFefTzzJXKsygHr AQIJ4wqA1PTbUiE2uHoNwf9fgMbvt1v9KRr01LNX6yOxOEEYBwqoahmEfIFQjgQP Cq/txlmomw+rty3YKrx96PZZsn/RU4F14lNwBINNJCjZ+IzkRG4ytax03YPRO36z T3eeS71q0Yx3QgGHM0MC8IJ0jpah+jXZFhFDDMtFBl6LjjQT3PNnPqU6iyEkkXG5 MRHW/HX6sVuQK7WVU6y0YJ4nzwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFMd1yLA1 9mw6qLyKzcWO3b62+/ljMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0Q5RDQ0NjRC Q0ZCMTFFQUI2NUU1MTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAItQFwDBAFngQADBABnjhIDBAJn8uADBATLblAwDQQCAAIw BwMFACQEogAwDQYJKoZIhvcNAQELBQADggEBAJTf/2EJVk/lagWtr3aH0tx412wv 7Zi9NfQS6hU0QUq4VyEFb020T9atccC6Lc7FB0Jr7/VZnVpasotNmKVXPxns/kvh S94iuMckBhq58RADDqm8gs8vy2jzz/s+HPRiJmOYgcZor1PbGhYO8Fn783YPm0BA tEPCVgdsBlyEKqw0m4YYtyhFBIPaDW9nfiDcf1rkhbUik08I9PAwefqSL/m1SQg8 oGxHG87Z6NHWj98cW/DfOT8yfbmawJDsZgSEUQmLpXbqACiefUz7EpzFQeMVgfYI 36UfOCN+CqrX8QeQvwsc0HaRvksAgImrg3PWjYwKndXMS//LxEtl3y0T4r4= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:30 2024 by rpki-client on console-ams.rpki-client.org