$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/46ED3F32885A11EE9633A30CC4F9AE02.roa File: 46ED3F32885A11EE9633A30CC4F9AE02.roa (raw, json) Hash identifier: ce4pA0Dg7p+iHFsXlgRJ43fCDcDybrhNOqiZD0BB85E= Subject key identifier: 07:77:AA:C2:17:CE:F7:CA:C9:04:16:EC:39:21:E8:D3:0D:18:04:F8 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7E72 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/46ED3F32885A11EE9633A30CC4F9AE02.roa Signing time: Tue 21 Nov 2023 10:39:42 +0000 ROA not before: Tue 21 Nov 2023 10:39:41 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 58972 IP address blocks: 103.89.60.0/22 maxlen: 24 103.187.74.0/23 maxlen: 24 2406:c940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32370 (0x7e72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Nov 21 10:39:41 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=655c88ed-ee23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:31:86:0f:ee:44:5a:b2:25:85:dd:3a:bc:80: d2:cb:4d:71:7a:4c:7b:a2:15:62:96:62:55:58:07: 67:34:e9:75:d2:54:41:2b:ff:3e:55:12:9b:4b:25: 4f:50:ce:06:7f:2a:db:32:3d:64:a8:1e:19:6e:10: b0:73:48:fd:06:93:25:c4:d0:a9:8a:be:8e:4a:88: 67:cb:fc:7d:4f:64:2a:51:a8:57:4a:93:80:30:57: f4:24:9c:e4:76:0d:ab:de:d1:38:3c:9e:50:d7:45: f7:fd:77:76:2a:da:e6:87:d8:93:78:c3:5d:da:02: 1b:e3:5c:3c:a3:49:82:58:cb:b0:80:3a:69:c8:d8: a2:52:89:35:b6:ee:1c:b6:6f:48:03:4e:85:6e:38: c4:fa:bd:cc:88:f5:4b:66:c6:cb:e3:ca:2f:e6:97: 9f:a8:fa:82:00:4c:df:c4:54:ec:90:f6:1e:a3:d5: 4a:fd:88:a1:25:d1:63:63:06:f1:12:03:51:78:48: d9:cb:b8:d5:7b:f3:95:64:6c:2b:f8:4d:b9:e1:33: 64:be:7d:a7:21:93:22:11:82:d3:74:3f:ed:6c:d5: 08:d8:56:01:5a:01:c0:06:de:6e:b6:a6:9d:68:f3: e0:7d:0c:22:6a:5e:c3:33:2d:d4:a5:40:ab:98:3d: 4c:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:77:AA:C2:17:CE:F7:CA:C9:04:16:EC:39:21:E8:D3:0D:18:04:F8 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/46ED3F32885A11EE9633A30CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.89.60.0/22 103.187.74.0/23 IPv6: 2406:c940::/32 Signature Algorithm: sha256WithRSAEncryption 31:54:82:55:fc:26:a6:44:ce:65:ca:cd:d8:09:c7:9c:f5:b0: e1:f3:58:ab:04:81:06:a3:1a:14:cb:69:3c:04:c2:bb:5d:9a: 4c:24:bb:60:b5:df:f5:f0:d4:66:a2:34:2e:34:93:b7:26:9a: 35:5b:0a:fe:fb:43:0b:34:b4:ec:f2:b3:49:33:c7:91:04:1a: bd:dc:e0:fd:24:54:c6:cc:77:14:13:be:6a:0f:eb:d2:b9:6b: 2b:35:92:9a:97:56:98:35:70:56:cc:19:20:da:e0:e5:1d:73: fe:e6:23:8d:52:9c:a1:b1:24:aa:3d:57:a8:b9:f2:54:4e:c3: 60:49:5e:6f:fc:2f:1b:40:66:d5:ae:6f:ae:31:c7:24:98:05: 26:11:bb:37:4c:2d:5a:ef:41:59:52:33:34:80:7c:fa:2e:c4: 46:9a:8b:e4:53:26:47:0b:29:a1:db:17:21:31:40:89:b6:9d: ee:9d:a3:d2:09:a2:51:31:cd:ec:5f:e4:16:6c:3e:46:54:c9: 24:76:9c:98:77:15:98:54:a0:27:34:b2:24:a5:9c:39:d5:c3: d5:b2:ae:eb:70:16:22:cc:4c:3d:31:c4:4d:6b:ae:62:5e:ce: 81:f8:a9:5a:5c:14:68:67:42:9c:68:ff:c2:c8:bc:bb:1e:df: 9e:c1:ab:4f -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICfnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMxMTIxMTAzOTQxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTVjODhlZC1lZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwjGGD+5EWrIlhd06vIDSy01xekx7ohVilmJVWAdnNOl10lRBK/8+VRKbSyVP UM4GfyrbMj1kqB4ZbhCwc0j9BpMlxNCpir6OSohny/x9T2QqUahXSpOAMFf0JJzk dg2r3tE4PJ5Q10X3/Xd2Ktrmh9iTeMNd2gIb41w8o0mCWMuwgDppyNiiUok1tu4c tm9IA06FbjjE+r3MiPVLZsbL48ov5pefqPqCAEzfxFTskPYeo9VK/YihJdFjYwbx EgNReEjZy7jVe/OVZGwr+E254TNkvn2nIZMiEYLTdD/tbNUI2FYBWgHABt5utqad aPPgfQwial7DMy3UpUCrmD1MaQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAd3qsIX zvfKyQQW7Dkh6NMNGAT4MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDZFRDNGMzI4 ODVBMTFFRTk2MzNBMzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnWTwDBAFnu0owDQQCAAIwBwMFACQGyUAwDQYJKoZIhvcN AQELBQADggEBADFUglX8JqZEzmXKzdgJx5z1sOHzWKsEgQajGhTLaTwEwrtdmkwk u2C13/Xw1GaiNC40k7cmmjVbCv77Qws0tOzys0kzx5EEGr3c4P0kVMbMdxQTvmoP 69K5ays1kpqXVpg1cFbMGSDa4OUdc/7mI41SnKGxJKo9V6i58lROw2BJXm/8LxtA ZtWub64xxySYBSYRuzdMLVrvQVlSMzSAfPouxEaai+RTJkcLKaHbFyExQIm2ne6d o9IJolExzexf5BZsPkZUySR2nJh3FZhUoCc0siSlnDnVw9WyrutwFiLMTD0xxE1r rmJezoH4qVpcFGhnQpxo/8LIvLse357Bq08= -----END CERTIFICATE-----Generated at Sun Apr 28 15:51:19 2024 by rpki-client on console-fra.rpki-client.org