$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa File: 54167E4C02DB11EBB4DBB51CC4F9AE02.roa (raw, json) Hash identifier: LFJ2Fi19Zh5dEqAQ1xTB83A+o/AtMANvXXzA7Ttwwao= Subject key identifier: A4:35:C7:CC:11:47:61:4A:5B:5C:40:54:07:39:78:AE:3F:49:8C:C4 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 69E3 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa Signing time: Wed 10 May 2023 16:12:01 +0000 ROA not before: Wed 10 May 2023 16:12:01 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 131459 IP address blocks: 43.250.40.0/22 maxlen: 24 103.5.112.0/22 maxlen: 24 103.242.136.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27107 (0x69e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:12:01 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc251-8f94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:02:74:70:f7:7c:64:9e:0a:46:8c:ed:78:aa: 41:38:98:da:3e:0d:b1:07:97:b0:77:fe:c6:4d:a6: 1d:45:f1:63:e3:6a:08:40:67:f1:e2:a0:b4:a1:2d: 0d:f6:a4:f5:ad:49:9f:3c:48:6d:02:61:a2:80:63: 7f:65:52:f9:ac:b2:4f:26:10:f6:f8:82:7a:9d:f6: 73:e1:3d:18:79:9a:37:01:3b:ea:c4:18:23:4e:98: 98:cf:f1:f5:bf:21:d0:0a:b7:d7:4a:32:72:0c:89: 96:ea:e6:20:3c:c1:6f:44:73:3b:26:cd:80:c6:f9: 85:0d:19:25:9d:4f:94:80:2c:df:06:3c:28:5f:58: ee:41:e3:80:9d:37:5e:6b:eb:72:c5:94:db:5b:fd: 4c:89:c5:f6:a5:5a:8e:e9:e6:81:b7:2f:0e:24:0f: f1:5e:2b:2f:5f:c9:58:c1:c4:6f:cc:51:89:c3:0b: 66:b7:83:b0:b2:8f:d7:17:0f:08:67:9b:d7:5c:a8: 1b:2c:9a:45:68:88:59:15:66:38:4b:75:d5:a0:80: c2:58:ad:40:1b:f3:31:4a:3f:ac:7c:69:8c:0e:79: 3c:22:e7:9a:05:10:b5:b2:b2:a9:6f:1d:00:60:fc: a3:5e:ac:7e:3e:80:e5:36:a8:16:31:b5:a2:b2:a5: fd:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:35:C7:CC:11:47:61:4A:5B:5C:40:54:07:39:78:AE:3F:49:8C:C4 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.250.40.0/22 103.5.112.0/22 103.242.136.0/22 Signature Algorithm: sha256WithRSAEncryption 63:32:e4:c8:b7:a1:7a:52:64:2b:6d:7b:f0:9d:3f:a4:01:83: 9b:36:2d:1e:a1:db:c2:f8:ca:02:10:d6:1a:5c:a3:35:65:25: bf:0a:bf:3b:96:b2:53:33:52:83:a2:0f:e5:cd:4e:43:2e:08: e1:0e:e4:67:ae:b0:5c:c1:fc:ba:04:90:d8:79:1e:13:65:e0: b4:1a:90:db:56:b9:6d:d1:50:da:77:e0:14:6b:85:6c:f2:62: 05:55:8c:2a:7b:f2:11:99:3c:92:fc:51:50:8f:75:1d:e9:51: 9f:8e:07:e6:f1:0a:ea:86:75:68:4f:c2:b4:2f:5a:fe:db:36: 22:87:83:41:34:57:24:4b:86:b8:bd:22:dc:b6:cf:e5:59:f5: b7:3b:85:32:a0:3b:0c:03:17:9e:d3:06:aa:f2:e4:2f:2b:a6: ce:cb:b2:f9:8f:12:15:69:19:51:da:08:be:46:aa:9c:de:7f: 8e:4d:2e:7a:fd:72:ba:67:31:99:04:73:04:99:8b:57:ab:e7: 25:ab:67:2f:fc:93:b4:a1:e7:e5:f5:07:b7:cf:1f:c4:ce:ee: 4e:0f:58:99:fc:ce:a0:44:8f:a8:d0:26:d8:c1:65:db:aa:57: 9d:8c:ea:35:e8:19:93:45:78:8b:3a:7b:58:18:12:56:e0:d9: 7a:27:ad:fc -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICaeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYxMjAxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzI1MS04Zjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvgJ0cPd8ZJ4KRozteKpBOJjaPg2xB5ewd/7GTaYdRfFj42oIQGfx4qC0oS0N 9qT1rUmfPEhtAmGigGN/ZVL5rLJPJhD2+IJ6nfZz4T0YeZo3ATvqxBgjTpiYz/H1 vyHQCrfXSjJyDImW6uYgPMFvRHM7Js2AxvmFDRklnU+UgCzfBjwoX1juQeOAnTde a+tyxZTbW/1MicX2pVqO6eaBty8OJA/xXisvX8lYwcRvzFGJwwtmt4Owso/XFw8I Z5vXXKgbLJpFaIhZFWY4S3XVoIDCWK1AG/MxSj+sfGmMDnk8IueaBRC1srKpbx0A YPyjXqx+PoDlNqgWMbWisqX9uwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKQ1x8wR R2FKW1xAVAc5eK4/SYzEMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTQxNjdFNEMw MkRCMTFFQkI0REJCNTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBAIr+igDBAJnBXADBAJn8ogwDQYJKoZIhvcNAQELBQADggEB AGMy5Mi3oXpSZCtte/CdP6QBg5s2LR6h28L4ygIQ1hpcozVlJb8KvzuWslMzUoOi D+XNTkMuCOEO5GeusFzB/LoEkNh5HhNl4LQakNtWuW3RUNp34BRrhWzyYgVVjCp7 8hGZPJL8UVCPdR3pUZ+OB+bxCuqGdWhPwrQvWv7bNiKHg0E0VyRLhri9Ity2z+VZ 9bc7hTKgOwwDF57TBqry5C8rps7LsvmPEhVpGVHaCL5Gqpzef45NLnr9crpnMZkE cwSZi1er5yWrZy/8k7Sh5+X1B7fPH8TO7k4PWJn8zqBEj6jQJtjBZduqV52M6jXo GZNFeIs6e1gYElbg2Xonrfw= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:33 2024 by rpki-client on console-ams.rpki-client.org