$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3F4549A0E44A11ED9BF02C16C4F9AE02.roa File: 3F4549A0E44A11ED9BF02C16C4F9AE02.roa (raw, json) Hash identifier: 7kMtZD9CMgjkbosV8ndtwzdrZvxiQUW7UJYiw1fSD2I= Subject key identifier: DB:54:E9:A2:9D:3F:66:21:82:96:E9:30:6E:8D:C8:20:51:D5:71:C8 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6B85 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3F4549A0E44A11ED9BF02C16C4F9AE02.roa Signing time: Wed 10 May 2023 16:20:05 +0000 ROA not before: Wed 10 May 2023 16:20:05 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135175 IP address blocks: 103.77.154.0/24 maxlen: 24 103.77.155.0/24 maxlen: 24 103.216.145.0/24 maxlen: 24 103.216.146.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27525 (0x6b85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:20:05 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc434-41e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ea:3a:8a:b7:c8:8e:8a:c5:8b:90:5c:ba:87: ae:ec:2d:2d:4b:88:4a:24:bc:4f:a6:f1:de:2f:cd: ae:ba:c7:47:d8:00:78:aa:bf:5b:66:a4:27:70:bf: 6b:6f:21:e8:a6:20:a7:19:c8:5c:f9:1b:97:83:53: 50:91:1a:a4:83:b4:2b:79:ab:07:87:87:8d:84:8a: 30:98:32:60:2b:42:ca:c1:f3:36:cc:2d:57:8c:1e: 91:d2:9f:bf:7b:2b:75:40:85:fd:99:7a:fb:1b:6e: 3d:da:88:c7:56:cb:ca:b3:c6:13:e9:df:42:d7:f1: 16:5b:2c:1d:8a:a9:b7:3f:f9:bc:5e:1b:10:9c:4c: 14:86:0c:0d:de:67:a6:98:1b:f0:6e:f0:d1:87:70: ff:7a:b0:80:a1:36:66:7b:b8:e2:e8:9e:f0:bf:a7: a4:b2:4a:91:0b:b7:15:ce:2e:72:ce:5d:8b:c5:4d: 18:46:72:ea:f7:b0:88:52:85:5d:85:33:0a:c8:df: 60:c7:72:f2:6d:48:0e:65:8e:a6:cf:e0:8b:17:66: 4b:8a:02:b8:f8:bb:c4:a8:1a:32:ad:48:9d:51:10: 62:6c:47:7f:07:d5:05:02:87:a3:ea:04:7c:e4:50: 74:66:01:09:4c:90:49:4c:e5:ba:ea:44:3c:32:f5: 72:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:54:E9:A2:9D:3F:66:21:82:96:E9:30:6E:8D:C8:20:51:D5:71:C8 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3F4549A0E44A11ED9BF02C16C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.77.154.0/23 103.216.145.0-103.216.146.255 Signature Algorithm: sha256WithRSAEncryption 77:50:12:5f:ae:56:63:b5:df:de:ad:71:68:d2:ad:25:e5:a6: 19:41:62:43:f3:ca:b3:43:9a:83:67:59:48:f8:b8:44:fa:5c: f5:af:07:60:ba:b5:1b:28:9f:7c:73:e8:f9:48:f6:12:22:c9: 25:39:e7:93:a1:e7:0e:6e:cd:17:05:9f:f6:39:91:1c:0f:5c: 70:ab:f2:0d:2e:79:17:88:11:0e:57:3d:2e:76:bc:dd:cc:e7: c7:dc:a9:4a:8f:9a:7f:73:e1:3d:42:cf:d6:63:70:13:58:09: e5:02:18:9a:b4:74:26:46:e9:28:1a:ee:e1:8f:de:e3:92:74: 77:f7:3c:3f:fb:f0:40:84:ee:20:f4:54:56:2e:52:a3:4a:3d: 8d:2e:ce:60:56:0b:b8:ab:ea:b4:da:0b:12:e3:a1:6a:b4:cc: a4:1b:e3:58:03:47:c5:3e:1a:93:e5:56:f9:99:1d:4e:68:74: 8c:ab:d8:f7:ab:a2:c7:c9:ee:2e:35:b8:50:d7:ef:96:3c:96: e6:75:6f:ed:28:09:8d:e6:7a:86:7a:58:19:b8:4e:83:de:af: d9:01:b2:58:d8:57:38:6f:3f:92:f2:62:c4:03:c6:2d:df:34: fc:50:ab:fe:6d:61:c0:1c:5c:4e:01:af:76:5e:d8:78:11:3b: f9:1e:e0:ec -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICa4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYyMDA1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzQzNC00MWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvOo6irfIjorFi5Bcuoeu7C0tS4hKJLxPpvHeL82uusdH2AB4qr9bZqQncL9r byHopiCnGchc+RuXg1NQkRqkg7QreasHh4eNhIowmDJgK0LKwfM2zC1XjB6R0p+/ eyt1QIX9mXr7G2492ojHVsvKs8YT6d9C1/EWWywdiqm3P/m8XhsQnEwUhgwN3mem mBvwbvDRh3D/erCAoTZme7ji6J7wv6ekskqRC7cVzi5yzl2LxU0YRnLq97CIUoVd hTMKyN9gx3LybUgOZY6mz+CLF2ZLigK4+LvEqBoyrUidURBibEd/B9UFAoej6gR8 5FB0ZgEJTJBJTOW66kQ8MvVycQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFNtU6aKd P2YhgpbpMG6NyCBR1XHIMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0Y0NTQ5QTBF NDRBMTFFRDlCRjAyQzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQDBAFnTZowDAMEAGfYkQMEAGfYkjANBgkqhkiG9w0BAQsFAAOC AQEAd1ASX65WY7Xf3q1xaNKtJeWmGUFiQ/PKs0Oag2dZSPi4RPpc9a8HYLq1Gyif fHPo+Uj2EiLJJTnnk6HnDm7NFwWf9jmRHA9ccKvyDS55F4gRDlc9Lna83cznx9yp So+af3PhPULP1mNwE1gJ5QIYmrR0JkbpKBru4Y/e45J0d/c8P/vwQITuIPRUVi5S o0o9jS7OYFYLuKvqtNoLEuOharTMpBvjWANHxT4ak+VW+ZkdTmh0jKvY96uix8nu LjW4UNfvljyW5nVv7SgJjeZ6hnpYGbhOg96v2QGyWNhXOG8/kvJixAPGLd80/FCr /m1hwBxcTgGvdl7YeBE7+R7g7A== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:30 2024 by rpki-client on console-ams.rpki-client.org