$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E4E2428196411EE84B58B7DC4F9AE02.roa File: 3E4E2428196411EE84B58B7DC4F9AE02.roa (raw, json) Hash identifier: w4mV61AWSpu1PDCf6tWZEO3nCoUpIR/7wf83te8bLeA= Subject key identifier: E9:B4:91:1F:55:71:62:84:C0:51:7E:C8:2A:DF:34:30:D8:2E:C5:93 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 86A2 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E4E2428196411EE84B58B7DC4F9AE02.roa Signing time: Wed 24 Apr 2024 07:56:41 +0000 ROA not before: Wed 24 Apr 2024 07:56:41 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135139 IP address blocks: 103.99.148.0/22 maxlen: 24 103.130.88.0/22 maxlen: 24 103.130.204.0/23 maxlen: 24 103.133.220.0/23 maxlen: 24 103.183.240.0/23 maxlen: 24 103.185.84.0/23 maxlen: 24 103.185.102.0/23 maxlen: 24 103.186.124.0/23 maxlen: 24 103.186.150.0/23 maxlen: 24 103.186.220.0/23 maxlen: 24 103.186.230.0/23 maxlen: 24 103.186.232.0/23 maxlen: 24 103.187.62.0/23 maxlen: 24 103.191.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34466 (0x86a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Apr 24 07:56:41 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=6628bb39-5a3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:2a:58:c4:b0:9f:19:7f:63:3f:5a:2d:c5:77: 49:5f:e7:03:13:01:c0:db:73:e6:37:40:93:38:87: 9f:34:cd:0d:a4:42:32:a8:6d:17:93:58:b0:ba:a5: 39:39:83:36:cf:16:9c:d8:c3:30:8c:31:47:e5:9c: cc:4c:ad:91:06:cd:d5:5f:70:77:1b:85:6f:5d:50: e6:8b:a6:b1:d4:c8:ab:8a:0a:f7:08:1d:24:b5:33: 31:94:5b:44:c5:88:3c:80:f1:0d:21:c2:2d:7f:2d: ec:43:88:56:89:55:70:47:a5:d7:2d:ed:19:d9:ec: 75:08:99:79:23:b6:c3:1c:a5:96:a7:df:a3:9c:9e: d5:a3:86:ed:96:3b:41:07:eb:74:6e:9b:3c:fa:45: b3:99:9e:22:d2:f1:b4:54:9d:fc:5e:01:a4:8c:8d: d7:2f:39:cc:bd:6e:04:b3:a8:93:cb:64:5d:27:0c: 64:0d:68:1a:2c:c7:51:f3:e0:01:cc:41:e8:fc:a6: 4a:de:e2:93:d8:48:37:24:72:c4:e1:e7:78:b3:4f: 9e:a0:ec:db:23:e9:ee:36:ec:13:bb:ff:c8:71:90: 0c:9e:4b:80:f5:4e:4e:06:ba:a0:15:f1:d3:9e:37: dd:82:ca:c9:97:db:cf:fc:d5:8b:3f:a8:a5:4e:bb: f8:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:B4:91:1F:55:71:62:84:C0:51:7E:C8:2A:DF:34:30:D8:2E:C5:93 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E4E2428196411EE84B58B7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.148.0/22 103.130.88.0/22 103.130.204.0/23 103.133.220.0/23 103.183.240.0/23 103.185.84.0/23 103.185.102.0/23 103.186.124.0/23 103.186.150.0/23 103.186.220.0/23 103.186.230.0-103.186.233.255 103.187.62.0/23 103.191.138.0/23 Signature Algorithm: sha256WithRSAEncryption 44:1c:9a:91:79:a0:dd:3b:c3:a5:fb:93:1d:8a:36:d2:bf:83: 72:8b:6a:af:21:e8:4e:b8:61:5d:6b:0c:ff:43:b5:ed:06:83: 39:f9:09:f3:bb:aa:1d:1f:9d:a6:cf:df:41:0f:b9:c7:48:6a: 43:5b:c2:26:99:d2:a0:24:81:5b:0b:18:3e:d3:62:70:69:b4: 9e:61:a9:47:ab:1c:d5:20:33:ec:dc:04:0e:a6:32:9c:57:b9: 2e:17:9a:b0:70:b3:ae:f4:6a:6d:9f:26:aa:ff:8a:67:77:ed: b2:58:f3:32:47:2d:3b:71:bd:ae:58:19:eb:0b:f9:6e:84:7e: d2:0f:8c:f1:cd:20:f9:aa:81:c2:71:8d:0f:00:75:fc:3a:f5: 68:0e:7c:65:67:3a:fd:e5:43:bb:e1:d2:6e:10:b8:4b:cc:bb: 53:c8:bd:b8:14:98:b2:8c:77:64:e1:21:94:71:52:18:94:85: 7a:05:c1:e7:cb:70:40:7a:0e:2e:f1:1f:1f:62:00:1a:f0:1a: aa:25:98:2e:d7:b6:51:33:f0:ca:2d:eb:cd:4e:4d:35:d9:d9: 6e:ff:46:0f:6c:8a:2f:13:b3:9b:8f:55:31:0f:9f:5f:de:95: 77:03:b4:5d:4c:3b:01:70:05:f4:97:f8:66:2e:f8:1c:46:a1: 24:8f:78:f8 -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgIDAIaiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDQyNDA3NTY0MVoXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjYyOGJiMzktNWEzYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKcqWMSwnxl/Yz9aLcV3SV/nAxMBwNtz5jdAkziHnzTNDaRCMqhtF5NYsLql OTmDNs8WnNjDMIwxR+WczEytkQbN1V9wdxuFb11Q5oumsdTIq4oK9wgdJLUzMZRb RMWIPIDxDSHCLX8t7EOIVolVcEel1y3tGdnsdQiZeSO2wxyllqffo5ye1aOG7ZY7 QQfrdG6bPPpFs5meItLxtFSd/F4BpIyN1y85zL1uBLOok8tkXScMZA1oGizHUfPg AcxB6PymSt7ik9hINyRyxOHneLNPnqDs2yPp7jbsE7v/yHGQDJ5LgPVOTga6oBXx 05433YLKyZfbz/zViz+opU67+PECAwEAAaOCAuUwggLhMB0GA1UdDgQWBBTptJEf VXFihMBRfsgq3zQw2C7FkzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNFNEUyNDI4 MTk2NDExRUU4NEI1OEI3REM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMG8GCCsGAQUFBwEHAQH/ BGAwXjBcBAIAATBWAwQCZ2OUAwQCZ4JYAwQBZ4LMAwQBZ4XcAwQBZ7fwAwQBZ7lU AwQBZ7lmAwQBZ7p8AwQBZ7qWAwQBZ7rcMAwDBAFnuuYDBAFnuugDBAFnuz4DBAFn v4owDQYJKoZIhvcNAQELBQADggEBAEQcmpF5oN07w6X7kx2KNtK/g3KLaq8h6E64 YV1rDP9Dte0Ggzn5CfO7qh0fnabP30EPucdIakNbwiaZ0qAkgVsLGD7TYnBptJ5h qUerHNUgM+zcBA6mMpxXuS4XmrBws670am2fJqr/imd37bJY8zJHLTtxva5YGesL +W6EftIPjPHNIPmqgcJxjQ8Adfw69WgOfGVnOv3lQ7vh0m4QuEvMu1PIvbgUmLKM d2ThIZRxUhiUhXoFwefLcEB6Di7xHx9iABrwGqolmC7XtlEz8Mot681OTTXZ2W7/ Rg9sii8Ts5uPVTEPn1/elXcDtF1MOwFwBfSX+GYu+BxGoSSPePg= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:30 2024 by rpki-client on console-ams.rpki-client.org