$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/620553F8F7E011EAAF46DF4CC4F9AE02.roa File: 620553F8F7E011EAAF46DF4CC4F9AE02.roa (raw, json) Hash identifier: IZbldwun6Nbyw5D5uqM3eyMrEryo1gmleo8gN/ximQA= Subject key identifier: AD:6B:A3:5C:05:4D:CD:77:6E:B1:4F:69:1A:1C:81:03:6D:1D:2C:E3 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7AF7 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/620553F8F7E011EAAF46DF4CC4F9AE02.roa Signing time: Tue 03 Oct 2023 04:44:59 +0000 ROA not before: Tue 03 Oct 2023 04:44:59 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 138315 IP address blocks: 103.134.44.0/22 maxlen: 22 103.134.44.0/24 maxlen: 24 103.134.45.0/24 maxlen: 24 103.134.46.0/24 maxlen: 24 103.134.47.0/24 maxlen: 24 103.191.64.0/23 maxlen: 24 2400:e020::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31479 (0x7af7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Oct 3 04:44:59 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=651b9c4b-19f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:49:cb:cd:5f:65:f3:7d:a4:9c:4f:d5:7d:03: b2:a2:e3:4a:a6:c6:b1:94:a9:59:30:fc:48:53:93: 16:1c:43:e1:8e:3c:f3:16:a8:7c:ff:0a:fa:2c:da: 3e:d6:7e:57:6c:c6:d8:75:a0:63:89:6e:52:8e:bd: 8b:b4:76:90:d6:9c:3f:6a:ef:08:cb:2c:7b:c9:7c: d8:28:7a:53:e1:bf:32:58:b6:c3:0f:2b:f3:ea:0d: 82:a2:3a:5a:3f:18:0e:59:cc:32:a8:f6:01:13:ed: 53:1a:bc:aa:9f:f6:c9:9d:03:8b:4d:69:11:55:57: 7c:62:1f:4c:4b:e8:14:30:8b:c5:9f:2e:80:c0:73: 93:56:0f:6a:be:57:15:8a:fe:28:dc:18:79:f9:18: b9:ab:66:aa:6c:77:bc:ad:bf:04:42:1d:12:67:d4: 03:01:15:a2:f7:0c:96:e0:32:28:5f:d4:78:7e:6c: 2b:1d:d5:13:7c:ce:27:b8:e4:4e:04:e9:9e:69:53: fa:d3:f7:84:28:c9:3b:b8:76:73:0e:ac:64:77:0f: ae:68:dd:86:86:d7:87:86:cd:01:46:06:e5:98:7b: 39:48:0b:1e:2b:45:27:26:8f:fa:61:75:5d:1d:4a: e1:e8:14:5c:df:1a:8a:56:32:1b:b2:89:4a:cd:10: 42:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:6B:A3:5C:05:4D:CD:77:6E:B1:4F:69:1A:1C:81:03:6D:1D:2C:E3 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/620553F8F7E011EAAF46DF4CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.134.44.0/22 103.191.64.0/23 IPv6: 2400:e020::/32 Signature Algorithm: sha256WithRSAEncryption 7a:79:d0:74:2a:31:59:73:72:c0:4f:bd:14:d9:2b:62:bd:40: 1f:c3:7b:38:a8:1f:e4:1f:3f:00:95:fb:d8:cb:12:a6:84:d6: e8:50:09:0d:64:2c:a9:7c:72:3e:f1:af:ff:82:ae:74:26:ba: 61:9e:cd:34:d0:3a:81:be:16:0a:a9:d1:99:56:06:0b:5f:3c: 35:6b:43:7a:c6:88:2e:29:9c:d6:e0:cf:61:7d:85:f1:68:85: 23:1f:e7:70:a6:35:3e:a0:54:51:4b:43:46:1f:1e:b5:52:91: bb:03:8f:7d:2f:16:37:d0:67:02:37:08:ae:d8:18:b3:dd:0b: 12:ae:b7:c1:b6:23:2d:a3:3a:c7:af:e0:c8:53:88:0a:1e:36: 5a:2c:22:f5:3c:98:07:17:95:43:2f:1d:54:82:2b:f0:eb:fd: 65:06:62:b4:5c:d8:d7:13:21:f3:cb:28:95:55:8a:b3:3e:16: f6:4e:a8:b2:fb:b7:04:e7:6d:c0:d7:0e:9d:52:cf:ae:54:29: 43:95:b6:59:9d:0e:29:47:b1:46:af:4c:eb:60:92:7a:26:9b: 18:02:96:c0:aa:b7:c6:2c:f7:46:a4:f7:cf:7e:df:d5:96:2f: 58:2a:f0:dc:1c:48:f1:17:96:20:4b:95:4e:ef:93:b5:a0:c5: fe:c4:83:3b -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICevcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMxMDAzMDQ0NDU5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTFiOWM0Yi0xOWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvEnLzV9l832knE/VfQOyouNKpsaxlKlZMPxIU5MWHEPhjjzzFqh8/wr6LNo+ 1n5XbMbYdaBjiW5Sjr2LtHaQ1pw/au8Iyyx7yXzYKHpT4b8yWLbDDyvz6g2Cojpa PxgOWcwyqPYBE+1TGryqn/bJnQOLTWkRVVd8Yh9MS+gUMIvFny6AwHOTVg9qvlcV iv4o3Bh5+Ri5q2aqbHe8rb8EQh0SZ9QDARWi9wyW4DIoX9R4fmwrHdUTfM4nuORO BOmeaVP60/eEKMk7uHZzDqxkdw+uaN2GhteHhs0BRgblmHs5SAseK0UnJo/6YXVd HUrh6BRc3xqKVjIbsolKzRBC3QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFK1ro1wF Tc13brFPaRocgQNtHSzjMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjIwNTUzRjhG N0UwMTFFQUFGNDZERjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnhiwDBAFnv0AwDQQCAAIwBwMFACQA4CAwDQYJKoZIhvcN AQELBQADggEBAHp50HQqMVlzcsBPvRTZK2K9QB/DezioH+QfPwCV+9jLEqaE1uhQ CQ1kLKl8cj7xr/+CrnQmumGezTTQOoG+Fgqp0ZlWBgtfPDVrQ3rGiC4pnNbgz2F9 hfFohSMf53CmNT6gVFFLQ0YfHrVSkbsDj30vFjfQZwI3CK7YGLPdCxKut8G2Iy2j Osev4MhTiAoeNlosIvU8mAcXlUMvHVSCK/Dr/WUGYrRc2NcTIfPLKJVVirM+FvZO qLL7twTnbcDXDp1Sz65UKUOVtlmdDilHsUavTOtgknommxgClsCqt8Ys90ak989+ 39WWL1gq8NwcSPEXliBLlU7vk7Wgxf7Egzs= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:34 2024 by rpki-client on console-ams.rpki-client.org