$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/62306934E97911ED9BCB0A59C4F9AE02.roa File: 62306934E97911ED9BCB0A59C4F9AE02.roa (raw, json) Hash identifier: NnNaRF+D2a/d2dlaWY9gMoYaeBu+JafoVghWG7naaqE= Subject key identifier: 0B:FF:BB:CD:99:6E:47:A7:F3:50:40:EB:92:5A:0D:B0:1C:28:B9:54 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6F85 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/62306934E97911ED9BCB0A59C4F9AE02.roa Signing time: Wed 10 May 2023 16:39:12 +0000 ROA not before: Wed 10 May 2023 16:39:11 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 142520 IP address blocks: 103.85.88.0/22 maxlen: 23 103.85.88.0/23 maxlen: 24 103.85.91.0/24 maxlen: 24 103.159.38.0/24 maxlen: 24 2400:ada0::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:26:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28549 (0x6f85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:39:11 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc8af-ae14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:78:27:d4:8e:35:98:5e:a8:b6:9e:4c:8d:17: 2a:f9:b7:7b:51:e7:91:69:0a:fc:c8:b6:a3:83:c1: b2:e3:d1:50:cc:6e:6d:db:e1:4e:27:c8:54:a9:db: 73:00:20:16:c0:f4:a5:17:84:6a:a8:8a:bf:d2:2c: 9c:8e:cd:3e:05:3a:12:2a:75:a0:24:29:96:7a:71: 10:fb:91:bf:74:71:f4:af:37:4b:5d:fe:78:96:24: 35:1d:20:ec:05:86:63:6a:a5:7e:d2:6b:6e:df:81: 86:44:4f:7e:be:5a:f2:59:1c:dd:43:49:39:cb:82: a2:dc:04:97:0b:87:1d:11:7d:c6:75:4d:b6:84:ef: a0:1e:0a:dc:cb:66:cd:de:f7:98:6b:81:3c:71:39: 99:b7:5b:8a:72:26:ed:a6:33:be:1a:b2:c3:39:22: 80:bd:88:c6:0d:38:fe:72:f6:9a:04:21:a5:ef:c6: 3f:2d:2b:05:6b:80:fc:56:d3:50:23:8a:d3:30:85: 32:9a:a1:48:fa:5c:8b:27:c6:ed:b7:f0:5c:ef:cc: 67:74:14:4a:2c:cd:63:4a:43:e2:fb:18:ed:19:30: 49:44:eb:23:41:cc:d7:d7:f5:8f:79:67:4e:51:08: 75:3d:46:92:46:f0:fd:05:b9:1a:05:41:64:c2:69: 9b:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:FF:BB:CD:99:6E:47:A7:F3:50:40:EB:92:5A:0D:B0:1C:28:B9:54 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/62306934E97911ED9BCB0A59C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.85.88.0/22 103.159.38.0/24 IPv6: 2400:ada0::/32 Signature Algorithm: sha256WithRSAEncryption 1d:7b:a5:98:a3:d8:52:6c:3a:da:d1:5c:9e:29:f3:d1:aa:50: c3:65:00:82:68:73:60:a1:5f:5b:f7:15:c1:35:b2:11:73:d6: 44:ad:db:46:bc:ae:c4:5f:8b:ea:a3:bc:bf:e0:6b:46:f6:30: 21:a1:a5:0c:0a:5f:9b:3f:a9:b4:66:ee:b8:bb:b6:98:d6:3b: cb:6c:06:1e:ca:79:5f:c8:70:55:a0:7d:d7:79:76:71:76:ea: 06:54:bf:08:05:37:c5:1b:41:fe:80:c5:2f:41:b7:dd:fa:ad: 5a:38:98:60:4f:92:5e:40:7c:76:ad:01:65:8e:67:40:dc:6e: 89:f9:7a:cb:c8:d5:c5:e6:f8:ee:1e:10:fc:9e:82:37:cb:e2: 63:34:76:f1:50:fe:e1:7b:d4:2c:96:d7:a6:c8:cb:7e:39:d6: 31:21:78:0a:aa:e4:42:fa:d1:38:15:60:d6:ed:67:60:2b:5d: a5:38:67:a1:08:35:67:7f:c6:81:41:9c:e5:23:1f:85:90:20: 0d:c2:f4:4d:43:6a:e9:90:dd:2d:05:4a:76:2b:d2:ec:8e:71: f5:49:8a:03:4c:3b:76:a7:82:dd:88:9e:45:8d:bd:16:77:a4: 42:c1:ce:fb:43:0e:1d:c3:50:55:d5:8c:a0:2d:43:bd:6b:d4: 95:37:39:34 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICb4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYzOTExWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzhhZi1hZTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr3gn1I41mF6otp5MjRcq+bd7UeeRaQr8yLajg8Gy49FQzG5t2+FOJ8hUqdtz ACAWwPSlF4RqqIq/0iycjs0+BToSKnWgJCmWenEQ+5G/dHH0rzdLXf54liQ1HSDs BYZjaqV+0mtu34GGRE9+vlryWRzdQ0k5y4Ki3ASXC4cdEX3GdU22hO+gHgrcy2bN 3veYa4E8cTmZt1uKcibtpjO+GrLDOSKAvYjGDTj+cvaaBCGl78Y/LSsFa4D8VtNQ I4rTMIUymqFI+lyLJ8btt/Bc78xndBRKLM1jSkPi+xjtGTBJROsjQczX1/WPeWdO UQh1PUaSRvD9BbkaBUFkwmmb0QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAv/u82Z bken81BA65JaDbAcKLlUMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjIzMDY5MzRF OTc5MTFFRDlCQ0IwQTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnVVgDBABnnyYwDQQCAAIwBwMFACQAraAwDQYJKoZIhvcN AQELBQADggEBAB17pZij2FJsOtrRXJ4p89GqUMNlAIJoc2ChX1v3FcE1shFz1kSt 20a8rsRfi+qjvL/ga0b2MCGhpQwKX5s/qbRm7ri7tpjWO8tsBh7KeV/IcFWgfdd5 dnF26gZUvwgFN8UbQf6AxS9Bt936rVo4mGBPkl5AfHatAWWOZ0Dcbon5esvI1cXm +O4eEPyegjfL4mM0dvFQ/uF71CyW16bIy3451jEheAqq5EL60TgVYNbtZ2ArXaU4 Z6EINWd/xoFBnOUjH4WQIA3C9E1DaumQ3S0FSnYr0uyOcfVJigNMO3angt2InkWN vRZ3pELBzvtDDh3DUFXVjKAtQ71r1JU3OTQ= -----END CERTIFICATE-----Generated at Sun Apr 28 16:49:24 2024 by rpki-client on console-ams.rpki-client.org