$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3EE51F18BCFB11EAB65E512FC4F9AE02.roa File: 3EE51F18BCFB11EAB65E512FC4F9AE02.roa (raw, json) Hash identifier: nXwyjZp44urSDPr3mnV5R68ZhJh+iFusduvSDpSsA3A= Subject key identifier: 1D:21:D8:B4:3A:5F:13:FC:68:BF:A0:FF:C1:3A:3C:74:FA:69:ED:EC Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7199 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3EE51F18BCFB11EAB65E512FC4F9AE02.roa Signing time: Wed 10 May 2023 16:49:02 +0000 ROA not before: Wed 10 May 2023 16:49:02 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 45884 IP address blocks: 43.252.204.0/22 maxlen: 24 103.242.152.0/22 maxlen: 24 203.217.144.0/22 maxlen: 24 2407:ff00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29081 (0x7199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:49:02 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bcafe-8eab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:87:cd:f5:94:ff:1e:80:fc:43:1f:b1:25:26: f4:97:bb:3d:3b:01:6b:87:3e:9c:c5:fb:bb:fd:da: 47:5f:b8:d1:d4:81:1e:a0:0c:ff:94:7e:27:c8:cd: a9:76:52:f4:32:61:6c:50:82:62:ea:ae:95:3f:0f: e3:88:dc:53:9b:88:31:a3:e7:42:10:f6:1e:1d:b5: b6:09:ec:e3:08:72:cb:65:2c:72:32:f2:ed:ce:f9: 71:da:fc:1a:cc:8f:ca:b7:43:d2:09:44:14:59:0d: a0:7d:57:df:54:04:3b:49:f2:99:28:12:46:81:42: 04:59:2d:6a:87:24:74:a7:64:d8:d5:60:01:29:eb: 1a:03:2b:9e:37:1e:7c:09:df:2f:73:50:10:75:f0: 46:5f:9e:f6:5b:31:38:e2:45:66:b6:be:b6:e6:8f: 47:18:0d:4d:83:ce:96:71:fe:43:d3:07:08:67:2a: 2e:7d:57:81:0b:04:6e:be:d0:75:45:b8:9e:0b:8d: 96:d4:46:ea:09:a3:64:fa:71:ec:dc:17:6a:77:5d: c9:09:bc:56:52:16:78:42:12:9e:5f:0d:31:6e:10: fc:8d:c5:a1:48:87:7d:aa:5b:8d:a3:36:e6:4a:ae: c6:e6:f2:35:f8:4b:42:0c:f8:e3:a9:e7:da:bb:0d: 04:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:21:D8:B4:3A:5F:13:FC:68:BF:A0:FF:C1:3A:3C:74:FA:69:ED:EC X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3EE51F18BCFB11EAB65E512FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.252.204.0/22 103.242.152.0/22 203.217.144.0/22 IPv6: 2407:ff00::/32 Signature Algorithm: sha256WithRSAEncryption 88:73:48:96:df:d5:26:4f:d6:6d:eb:e6:8e:e7:ee:9b:95:14: ed:ba:a4:74:41:19:50:3b:3e:a9:55:3e:78:ea:94:06:ee:51: 40:1f:a5:1c:f7:c3:c1:21:84:da:57:ba:f4:26:4b:5e:1c:3b: d9:3a:d8:40:33:75:4d:ce:1b:33:82:6a:f6:bd:7f:1d:aa:d8: a4:79:b3:a2:cf:23:c1:e9:99:d4:78:1b:6f:c9:b6:52:fc:40: 10:88:76:43:a4:ed:4a:c9:ed:7a:d0:0a:23:a3:fc:2d:b5:ae: 47:c4:4e:98:08:1b:16:8d:4c:5b:bd:73:0c:2f:77:3c:46:40: 45:07:ea:dc:6a:0d:16:24:10:1d:01:db:88:7f:9f:af:fb:22: a9:0b:60:9f:5c:ca:0b:b2:5a:e9:c3:f3:5b:a2:32:90:25:61: 1b:4a:b8:a1:3c:d9:e6:2e:7b:0a:7d:29:60:36:55:5d:e8:9c: 83:43:c3:3a:e5:1f:8b:7f:a0:58:e1:48:fb:18:5c:2e:de:e5: 49:71:72:f7:c7:ad:56:e0:af:2d:a6:53:b2:d2:7a:ee:39:a7: 69:37:4b:10:6a:2a:e0:e2:d5:d5:e7:5c:67:17:b5:f7:b5:80: 7e:43:7d:ea:b0:52:60:14:5c:3a:aa:8b:06:66:57:8d:31:f8: d6:22:0f:99 -----BEGIN CERTIFICATE----- MIIFjDCCBHSgAwIBAgICcZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTY0OTAyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViY2FmZS04ZWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArYfN9ZT/HoD8Qx+xJSb0l7s9OwFrhz6cxfu7/dpHX7jR1IEeoAz/lH4nyM2p dlL0MmFsUIJi6q6VPw/jiNxTm4gxo+dCEPYeHbW2CezjCHLLZSxyMvLtzvlx2vwa zI/Kt0PSCUQUWQ2gfVffVAQ7SfKZKBJGgUIEWS1qhyR0p2TY1WABKesaAyueNx58 Cd8vc1AQdfBGX572WzE44kVmtr625o9HGA1Ng86Wcf5D0wcIZyoufVeBCwRuvtB1 RbieC42W1EbqCaNk+nHs3Bdqd13JCbxWUhZ4QhKeXw0xbhD8jcWhSId9qluNozbm Sq7G5vI1+EtCDPjjqefauw0EJQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFB0h2LQ6 XxP8aL+g/8E6PHT6ae3sMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0VFNTFGMThC Q0ZCMTFFQUI2NUU1MTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E KzApMBgEAgABMBIDBAIr/MwDBAJn8pgDBALL2ZAwDQQCAAIwBwMFACQH/wAwDQYJ KoZIhvcNAQELBQADggEBAIhzSJbf1SZP1m3r5o7n7puVFO26pHRBGVA7PqlVPnjq lAbuUUAfpRz3w8EhhNpXuvQmS14cO9k62EAzdU3OGzOCava9fx2q2KR5s6LPI8Hp mdR4G2/JtlL8QBCIdkOk7UrJ7XrQCiOj/C21rkfETpgIGxaNTFu9cwwvdzxGQEUH 6txqDRYkEB0B24h/n6/7IqkLYJ9cyguyWunD81uiMpAlYRtKuKE82eYuewp9KWA2 VV3onINDwzrlH4t/oFjhSPsYXC7e5UlxcvfHrVbgry2mU7LSeu45p2k3SxBqKuDi 1dXnXGcXtfe1gH5DfeqwUmAUXDqqiwZmV40x+NYiD5k= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:30 2024 by rpki-client on console-ams.rpki-client.org