$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/63DC22FA9B7E11EB924D0A5AC4F9AE02.roa File: 63DC22FA9B7E11EB924D0A5AC4F9AE02.roa (raw, json) Hash identifier: TDw7tG9d3iBNw54svT+McBO1wGwjtCgJ1kYStsS52f8= Subject key identifier: AC:19:B1:9E:DC:AF:44:17:45:5F:33:49:CD:C3:C8:64:BD:64:E8:C5 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 69DF Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/63DC22FA9B7E11EB924D0A5AC4F9AE02.roa Signing time: Wed 10 May 2023 16:11:57 +0000 ROA not before: Wed 10 May 2023 16:11:57 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 131215 IP address blocks: 27.113.252.0/22 maxlen: 24 45.116.120.0/22 maxlen: 24 103.15.56.0/24 maxlen: 24 103.15.57.0/24 maxlen: 24 103.15.58.0/24 maxlen: 24 103.15.59.0/24 maxlen: 24 103.20.28.0/22 maxlen: 24 103.56.180.0/22 maxlen: 24 103.182.74.0/23 maxlen: 24 103.183.88.0/23 maxlen: 24 111.235.72.0/22 maxlen: 24 112.140.188.0/24 maxlen: 24 112.140.189.0/24 maxlen: 24 112.140.190.0/24 maxlen: 24 112.140.191.0/24 maxlen: 24 150.107.236.0/22 maxlen: 24 2001:df0:76c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27103 (0x69df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:11:57 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc24d-5a44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4b:a7:ab:eb:93:27:1f:4d:68:f9:ce:68:51: 24:9e:4d:85:08:b7:fa:f8:45:92:49:f6:e5:65:5f: 4d:2f:b1:47:7f:44:67:87:9e:9f:33:35:10:b8:a4: 1b:78:95:d2:8d:ab:15:45:50:4f:c2:b2:ec:99:8a: 87:6b:ed:36:ea:09:2f:f4:e8:1e:0b:cd:b2:f0:17: 23:fd:7a:57:3b:ee:09:ea:8e:1e:7f:c6:6f:79:5d: 0f:f8:cc:b9:8e:9c:26:64:a7:c5:af:c0:b8:8d:61: ee:43:38:6f:22:df:ef:c4:c7:5c:dd:83:5b:88:2e: a9:22:12:c5:c5:f9:48:d0:d8:09:7e:a5:d0:ba:6c: 10:2a:8f:89:0d:62:88:74:b2:6f:38:51:1c:8c:b0: 22:d6:80:0c:64:9b:5f:c7:95:23:5a:4f:98:87:e4: 46:ef:83:a9:5b:a3:4d:22:f5:86:27:4c:8f:a9:df: b2:2b:7d:ad:3a:f1:7a:c3:d1:69:00:dd:5b:75:c5: b3:2b:0f:77:31:7b:32:f6:ff:8e:3b:19:10:b8:6d: 9e:a3:b6:5a:ae:f8:87:93:d1:4e:64:60:0a:dc:8a: e6:3e:b6:98:fb:90:dd:92:fb:f8:65:ac:ce:a5:c7: f4:79:1e:b0:7f:ba:93:fa:76:0f:ce:7d:40:c1:18: c2:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:19:B1:9E:DC:AF:44:17:45:5F:33:49:CD:C3:C8:64:BD:64:E8:C5 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/63DC22FA9B7E11EB924D0A5AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.113.252.0/22 45.116.120.0/22 103.15.56.0/22 103.20.28.0/22 103.56.180.0/22 103.182.74.0/23 103.183.88.0/23 111.235.72.0/22 112.140.188.0/22 150.107.236.0/22 IPv6: 2001:df0:76c0::/48 Signature Algorithm: sha256WithRSAEncryption 7a:de:d9:b1:1e:24:0b:de:a1:57:95:fa:f5:1e:e9:d3:80:ef: 4e:08:c4:34:5c:69:28:c6:36:3f:ce:27:2a:6d:89:24:bc:cb: 8f:20:3e:8c:ae:24:56:9c:20:aa:cb:59:da:18:87:ee:ad:a7: ed:80:d5:a4:a3:84:c6:8b:6e:04:2e:f6:97:85:8a:ad:fc:40: 4c:09:64:9d:b9:e2:46:a4:2b:3a:a6:8e:14:ab:ff:7d:51:fa: cb:9d:10:f4:91:bb:a7:b3:e9:9c:dc:be:83:01:1b:ff:c0:9a: 90:f4:54:d3:47:46:df:1b:9f:94:6b:30:6d:6f:28:18:01:da: 8a:6f:d1:7a:95:fa:e7:aa:8d:25:ab:fd:12:a4:f9:14:27:4c: 86:65:52:55:60:63:bb:7d:ce:58:db:b9:36:24:e5:a2:ee:80: 5d:f9:4f:c9:15:38:c5:40:6f:27:65:e1:b9:e7:0d:ac:27:50: a9:cf:c2:ba:55:be:47:28:17:c7:c5:19:15:04:f4:82:3e:7b: af:5f:6b:af:24:23:15:aa:7a:08:f4:ec:60:df:78:33:ec:0a: 2d:96:24:19:19:5b:da:1e:24:84:1a:01:75:ae:21:49:08:96: 6a:a1:71:37:0f:d2:9f:de:99:6c:22:71:ab:06:15:f9:07:49: 51:27:4c:da -----BEGIN CERTIFICATE----- MIIFuDCCBKCgAwIBAgICad8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYxMTU3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzI0ZC01YTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuUunq+uTJx9NaPnOaFEknk2FCLf6+EWSSfblZV9NL7FHf0Rnh56fMzUQuKQb eJXSjasVRVBPwrLsmYqHa+026gkv9OgeC82y8Bcj/XpXO+4J6o4ef8ZveV0P+My5 jpwmZKfFr8C4jWHuQzhvIt/vxMdc3YNbiC6pIhLFxflI0NgJfqXQumwQKo+JDWKI dLJvOFEcjLAi1oAMZJtfx5UjWk+Yh+RG74OpW6NNIvWGJ0yPqd+yK32tOvF6w9Fp AN1bdcWzKw93MXsy9v+OOxkQuG2eo7ZarviHk9FOZGAK3IrmPraY+5Ddkvv4ZazO pcf0eR6wf7qT+nYPzn1AwRjCPQIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFKwZsZ7c r0QXRV8zSc3DyGS9ZOjFMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjNEQzIyRkE5 QjdFMTFFQjkyNEQwQTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E VzBVMEIEAgABMDwDBAIbcfwDBAItdHgDBAJnDzgDBAJnFBwDBAJnOLQDBAFntkoD BAFnt1gDBAJv60gDBAJwjLwDBAKWa+wwDwQCAAIwCQMHACABDfB2wDANBgkqhkiG 9w0BAQsFAAOCAQEAet7ZsR4kC96hV5X69R7p04DvTgjENFxpKMY2P84nKm2JJLzL jyA+jK4kVpwgqstZ2hiH7q2n7YDVpKOExotuBC72l4WKrfxATAlknbniRqQrOqaO FKv/fVH6y50Q9JG7p7PpnNy+gwEb/8CakPRU00dG3xuflGswbW8oGAHaim/RepX6 56qNJav9EqT5FCdMhmVSVWBju33OWNu5NiTlou6AXflPyRU4xUBvJ2XhuecNrCdQ qc/CulW+RygXx8UZFQT0gj57r19rryQjFap6CPTsYN94M+wKLZYkGRlb2h4khBoB da4hSQiWaqFxNw/Sn96ZbCJxqwYV+QdJUSdM2g== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:35 2024 by rpki-client on console-ams.rpki-client.org