$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4949BF9C95C711EEBB51B61FC4F9AE02.roa File: 4949BF9C95C711EEBB51B61FC4F9AE02.roa (raw, json) Hash identifier: NkudKwvmmRv/+RpJy/Mm/7W0bdTsHV5lluc9S4otgkM= Subject key identifier: C0:A8:FE:09:63:2A:07:DA:9E:B3:80:AD:03:51:04:34:38:BB:33:E9 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 85E9 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4949BF9C95C711EEBB51B61FC4F9AE02.roa Signing time: Thu 04 Apr 2024 11:26:47 +0000 ROA not before: Thu 04 Apr 2024 11:26:47 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 150046 IP address blocks: 103.147.128.0/24 maxlen: 24 103.163.60.0/24 maxlen: 24 103.163.126.0/23 maxlen: 24 103.191.114.0/23 maxlen: 24 2001:df0:ffc0::/48 maxlen: 48 2001:df6:1780::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34281 (0x85e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Apr 4 11:26:47 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=660e8e77-66dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d8:ec:6d:31:ad:fb:2c:eb:75:5d:6c:21:7c: 23:9e:52:d3:c0:e2:21:d0:88:e5:88:b8:bd:8b:01: 04:04:d6:f7:d7:95:76:f2:9f:49:ba:1b:9d:2f:88: 91:74:87:09:1f:ac:48:0c:92:cf:90:ac:9e:e3:f9: 1e:fe:4d:21:b5:90:d3:89:2d:07:a0:6d:a7:9f:c7: e4:2a:50:43:ac:14:4c:c2:c9:e2:a6:da:aa:e9:c3: 3d:6d:36:b1:85:df:5e:3f:3d:9e:42:8e:1d:f5:f7: 13:fe:06:05:56:55:41:f2:50:7c:7e:6e:74:66:f3: 0a:74:8e:09:47:89:a1:7b:ac:e7:e6:6f:85:da:ef: 97:c7:d1:39:2c:78:a1:87:27:5c:84:ea:31:80:44: 77:4e:dc:46:9b:c6:08:c2:59:4a:d7:d8:bd:1e:b1: dc:7f:e1:47:c8:78:ae:94:13:0c:c3:92:56:34:4e: 9b:d2:2b:47:e1:44:c5:c7:75:61:ce:f2:00:3f:2f: 83:86:f3:9e:38:74:a8:1c:a2:b9:9c:3b:c6:26:2a: ea:9d:b4:eb:0a:70:f6:f3:3b:fc:72:9e:90:6e:a4: 1d:0f:8a:a7:8b:ce:86:24:07:14:52:96:58:b2:9a: d0:90:b9:09:e4:38:65:8f:1c:7c:d9:11:8c:d4:81: 48:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:A8:FE:09:63:2A:07:DA:9E:B3:80:AD:03:51:04:34:38:BB:33:E9 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4949BF9C95C711EEBB51B61FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.147.128.0/24 103.163.60.0/24 103.163.126.0/23 103.191.114.0/23 IPv6: 2001:df0:ffc0::/48 2001:df6:1780::/48 Signature Algorithm: sha256WithRSAEncryption 0f:77:66:c0:c5:48:0e:d2:93:1e:ae:92:8d:f4:ef:82:6f:6b: c1:ee:c9:81:c9:74:b0:e6:e2:31:d8:1e:2f:9c:35:07:9a:9b: 36:61:7a:78:b9:1f:ed:fc:25:c7:e4:b2:d8:04:0b:00:8e:ef: f4:9b:cf:62:75:ca:55:46:42:54:d4:6e:b8:91:b5:25:0d:36: d4:52:20:a2:a5:bc:f4:75:1e:0c:15:7b:43:33:f6:a5:19:0e: 0c:48:45:15:df:93:d7:f6:95:3a:3b:04:32:c3:27:fb:a8:61: df:cb:ea:2b:5b:39:53:35:7d:74:b4:01:ea:0c:7d:c3:92:5d: d8:cc:97:94:ae:74:66:a6:da:cf:7f:31:fd:74:75:32:b5:14: 66:de:c3:83:45:28:ca:94:5e:12:83:93:88:fa:7b:78:c7:c8: 3e:db:00:02:1e:07:58:a4:56:66:68:a6:4f:ab:e9:56:d3:87: f9:62:65:42:f9:e3:ce:63:98:e9:57:2e:a8:e6:e4:5f:e2:63: 76:3a:5f:0e:03:68:f1:16:aa:8e:9d:28:8a:22:5e:9b:93:a7: ca:f7:fd:74:70:8b:ce:42:58:3d:c6:ed:ea:17:19:12:61:f9: 9f:23:cc:33:08:e9:ca:55:a9:a8:9e:ae:c6:46:7b:01:be:19: 8b:08:a8:67 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIDAIXpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDQwNDExMjY0N1oXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjYwZThlNzctNjZkZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOnY7G0xrfss63VdbCF8I55S08DiIdCI5Yi4vYsBBATW99eVdvKfSbobnS+I kXSHCR+sSAySz5CsnuP5Hv5NIbWQ04ktB6Btp5/H5CpQQ6wUTMLJ4qbaqunDPW02 sYXfXj89nkKOHfX3E/4GBVZVQfJQfH5udGbzCnSOCUeJoXus5+Zvhdrvl8fROSx4 oYcnXITqMYBEd07cRpvGCMJZStfYvR6x3H/hR8h4rpQTDMOSVjROm9IrR+FExcd1 Yc7yAD8vg4bznjh0qByiuZw7xiYq6p206wpw9vM7/HKekG6kHQ+Kp4vOhiQHFFKW WLKa0JC5CeQ4ZY8cfNkRjNSBSIECAwEAAaOCAsEwggK9MB0GA1UdDgQWBBTAqP4J YyoH2p6zgK0DUQQ0OLsz6TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQ5NDlCRjlD OTVDNzExRUVCQjUxQjYxRkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEsGCCsGAQUFBwEHAQH/ BDwwOjAeBAIAATAYAwQAZ5OAAwQAZ6M8AwQBZ6N+AwQBZ79yMBgEAgACMBIDBwAg AQ3w/8ADBwAgAQ32F4AwDQYJKoZIhvcNAQELBQADggEBAA93ZsDFSA7Skx6uko30 74Jva8HuyYHJdLDm4jHYHi+cNQeamzZheni5H+38JcfkstgECwCO7/Sbz2J1ylVG QlTUbriRtSUNNtRSIKKlvPR1HgwVe0Mz9qUZDgxIRRXfk9f2lTo7BDLDJ/uoYd/L 6itbOVM1fXS0AeoMfcOSXdjMl5SudGam2s9/Mf10dTK1FGbew4NFKMqUXhKDk4j6 e3jHyD7bAAIeB1ikVmZopk+r6VbTh/liZUL5485jmOlXLqjm5F/iY3Y6Xw4DaPEW qo6dKIoiXpuTp8r3/XRwi85CWD3G7eoXGRJh+Z8jzDMI6cpVqaiersZGewG+GYsI qGc= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:31 2024 by rpki-client on console-ams.rpki-client.org