$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/61E31770789311EEA4F98D4AC4F9AE02.roa File: 61E31770789311EEA4F98D4AC4F9AE02.roa (raw, json) Hash identifier: sSPOBllidx9w8fJa2J8TPO2buDvpeBTYy2jqrpxJmYo= Subject key identifier: 45:7E:10:2E:B7:07:3D:64:D5:4B:D3:5F:25:CC:DC:B3:89:D8:6D:DD Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7CEA Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/61E31770789311EEA4F98D4AC4F9AE02.roa Signing time: Wed 01 Nov 2023 08:52:23 +0000 ROA not before: Wed 01 Nov 2023 08:52:23 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 151692 IP address blocks: 43.228.172.0/23 maxlen: 24 2001:df3:1440::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31978 (0x7cea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Nov 1 08:52:23 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=654211c7-8571 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c1:e1:d3:ab:87:0d:96:37:a8:29:0e:1c:d6: a6:ed:e2:f4:98:3b:55:d2:8b:8e:7e:66:b1:9a:ba: 39:9c:c6:24:f0:43:9d:36:05:26:ef:22:47:d5:93: 76:53:59:a1:da:d3:f8:c8:2b:2e:58:cb:2d:cc:e0: d0:ab:82:4c:66:69:e9:ba:20:15:74:c6:30:76:ec: 1f:2e:e5:b5:f5:c2:73:98:03:84:a6:1c:1c:e1:f1: 73:b1:6c:53:23:c3:86:bc:48:d5:06:2e:3c:3b:df: 99:0e:16:47:d3:92:8e:ef:10:a9:82:26:35:13:64: 48:3e:bd:e4:66:dd:3b:d6:a5:f1:57:da:bf:7d:c2: c0:2e:a4:93:ac:f4:0d:ed:45:59:57:70:af:f0:e8: 15:ce:a7:3e:2e:2e:d2:57:4c:3a:d1:68:11:4f:e3: dc:76:b3:9c:fe:ef:b4:a8:4e:71:86:7f:22:b7:bc: 15:58:dd:13:86:62:37:68:71:e5:fb:73:03:a9:2d: f9:1f:ec:28:a6:17:02:37:4a:ca:c1:44:95:25:85: 38:76:3e:33:87:5c:8d:67:5d:82:e4:99:83:78:55: 80:30:d1:47:aa:48:ee:97:53:55:08:07:50:40:5b: 63:44:3a:80:6a:21:92:9c:fc:2f:d6:4d:41:e2:45: cb:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:7E:10:2E:B7:07:3D:64:D5:4B:D3:5F:25:CC:DC:B3:89:D8:6D:DD X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/61E31770789311EEA4F98D4AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.172.0/23 IPv6: 2001:df3:1440::/48 Signature Algorithm: sha256WithRSAEncryption 49:75:8b:b6:af:0d:54:2f:59:87:25:9c:77:45:0d:54:ab:dd: 92:d7:ba:05:74:cb:37:b5:72:e0:2b:39:f9:fc:9f:d2:1e:bb: 54:90:0d:3d:0d:ff:ed:65:44:ba:ee:7b:5e:1f:10:32:8b:fd: ab:f3:87:07:b0:60:62:01:4d:4f:ef:0c:b7:09:db:ed:a4:50: 04:f9:32:19:c5:5e:90:8b:3d:de:66:de:4f:06:09:39:a4:73: c5:99:9b:8f:72:3a:03:92:b0:34:7d:e8:32:60:58:a1:dd:31: 81:82:07:7d:3f:52:bc:c7:a6:a9:09:bc:47:8f:db:ae:7c:89: 1d:2f:36:49:65:a6:99:68:e6:bc:7f:6c:8d:a2:98:94:6a:ef: 82:4f:53:66:fd:21:ad:57:8e:2b:7d:fb:df:ba:8b:43:b9:0e: 1d:fa:54:69:95:87:1b:90:75:bb:00:74:60:dd:1e:28:58:99: 58:e2:93:2e:93:65:12:6b:a1:b5:4f:b6:20:b4:ec:2a:6c:e5: c9:75:38:d5:c9:e5:a7:36:c5:b8:4f:db:18:54:f1:3e:a5:cb: 45:38:cc:dc:de:c4:b7:aa:66:d2:53:31:d2:99:18:1b:81:e7: f3:55:a2:cf:dd:90:eb:ab:eb:7e:31:ad:68:14:01:08:c2:c0: 9f:c5:12:64 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICfOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMxMTAxMDg1MjIzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTQyMTFjNy04NTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3sHh06uHDZY3qCkOHNam7eL0mDtV0ouOfmaxmro5nMYk8EOdNgUm7yJH1ZN2 U1mh2tP4yCsuWMstzODQq4JMZmnpuiAVdMYwduwfLuW19cJzmAOEphwc4fFzsWxT I8OGvEjVBi48O9+ZDhZH05KO7xCpgiY1E2RIPr3kZt071qXxV9q/fcLALqSTrPQN 7UVZV3Cv8OgVzqc+Li7SV0w60WgRT+PcdrOc/u+0qE5xhn8it7wVWN0ThmI3aHHl +3MDqS35H+wophcCN0rKwUSVJYU4dj4zh1yNZ12C5JmDeFWAMNFHqkjul1NVCAdQ QFtjRDqAaiGSnPwv1k1B4kXLawIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEV+EC63 Bz1k1UvTXyXM3LOJ2G3dMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjFFMzE3NzA3 ODkzMTFFRUE0Rjk4RDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAEr5KwwDwQCAAIwCQMHACABDfMUQDANBgkqhkiG9w0BAQsF AAOCAQEASXWLtq8NVC9ZhyWcd0UNVKvdkte6BXTLN7Vy4Cs5+fyf0h67VJANPQ3/ 7WVEuu57Xh8QMov9q/OHB7BgYgFNT+8Mtwnb7aRQBPkyGcVekIs93mbeTwYJOaRz xZmbj3I6A5KwNH3oMmBYod0xgYIHfT9SvMemqQm8R4/brnyJHS82SWWmmWjmvH9s jaKYlGrvgk9TZv0hrVeOK33737qLQ7kOHfpUaZWHG5B1uwB0YN0eKFiZWOKTLpNl EmuhtU+2ILTsKmzlyXU41cnlpzbFuE/bGFTxPqXLRTjM3N7Et6pm0lMx0pkYG4Hn 81Wiz92Q66vrfjGtaBQBCMLAn8USZA== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:34 2024 by rpki-client on console-ams.rpki-client.org