$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/69270F98DC5E11EABC33397AC4F9AE02.roa File: 69270F98DC5E11EABC33397AC4F9AE02.roa (raw, json) Hash identifier: DcBbug32tVy9Tr/Fk1KMy9RGMB+qi2DNL+ZSpAA8ooU= Subject key identifier: F3:03:16:C4:F3:00:34:67:3E:6B:CB:12:CD:95:78:64:29:CF:B4:34 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 71B4 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/69270F98DC5E11EABC33397AC4F9AE02.roa Signing time: Wed 10 May 2023 16:49:34 +0000 ROA not before: Wed 10 May 2023 16:49:34 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 56272 IP address blocks: 43.254.108.0/22 maxlen: 24 103.3.228.0/22 maxlen: 24 103.249.80.0/22 maxlen: 24 103.249.204.0/22 maxlen: 24 180.235.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29108 (0x71b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:49:34 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bcb1d-a813 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:0f:e4:12:f6:02:70:f6:81:cf:c5:60:f9:a6: ee:ac:11:9b:cf:b6:ec:47:14:a1:48:f0:dd:9e:17: 75:6a:5e:b3:15:b7:f9:d8:86:8e:b1:dd:a1:dd:3c: 32:d6:67:55:94:47:6c:b5:c7:8a:76:73:fd:b4:f3: 0e:49:a9:27:57:6d:70:a3:f6:6f:00:3b:73:52:a2: 10:6b:0a:e1:9c:3d:b1:d5:20:bf:d7:1a:64:f5:91: 1c:7e:c3:ba:f6:64:a4:91:1e:16:9a:fb:ca:91:ec: 45:94:17:5d:7f:3d:9e:e1:c6:98:68:c1:90:c4:79: e7:3b:53:a6:c3:a1:30:ea:7f:68:06:8d:9c:f6:01: 58:73:23:b4:19:eb:2b:71:69:9f:26:90:d2:ae:90: b2:d1:ae:6c:b5:fe:6a:7e:8c:29:ec:56:1f:35:fb: d8:25:0a:7d:d4:78:a0:86:f7:66:f6:20:ed:47:77: 34:66:8f:c2:83:b2:58:5c:c5:ca:2e:ce:4a:65:e7: e0:5d:43:81:ac:88:5c:66:2c:d7:a6:a7:dc:18:80: dd:b0:30:39:1b:32:c1:a7:ee:75:05:69:3e:64:50: 17:d0:a3:48:80:29:cf:8e:ac:cc:53:11:e6:c2:85: 43:d7:a7:4c:df:2c:d4:00:46:cf:72:be:0c:3d:42: 55:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:03:16:C4:F3:00:34:67:3E:6B:CB:12:CD:95:78:64:29:CF:B4:34 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/69270F98DC5E11EABC33397AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.254.108.0/22 103.3.228.0/22 103.249.80.0/22 103.249.204.0/22 180.235.120.0/22 Signature Algorithm: sha256WithRSAEncryption 36:20:85:92:5d:18:27:17:42:1c:28:0d:cb:9b:f4:d3:49:96: 68:d6:29:99:46:e2:35:7c:fb:85:09:83:a8:37:3e:94:35:da: ae:e3:25:26:ff:33:e5:51:99:53:e9:b2:50:b5:55:af:2e:6c: 71:a0:73:8d:57:05:d9:55:7b:64:39:ce:30:5f:eb:25:c3:c3: ca:fd:70:3c:09:4a:0d:c5:eb:a4:d0:a8:5d:b2:42:f3:fe:bd: b3:4e:bd:a4:96:70:0a:4d:44:59:d6:3c:9c:13:35:e3:23:55: 1c:d5:f6:71:a9:c5:2f:dd:fd:44:03:93:4c:10:f8:be:fb:f3: 69:c0:6a:84:4e:e4:b9:cc:1e:98:8f:95:80:d3:b6:62:bb:1a: 47:e2:bf:36:e4:f5:e5:aa:5e:e0:96:95:ea:01:d9:2d:4e:64: a3:a2:bc:80:39:1d:07:6c:2f:10:1a:60:bb:c4:12:e4:d8:2b: 83:cc:1f:91:57:08:fa:ea:38:98:3f:b2:58:47:cf:b1:6b:d8: 0c:20:6e:bb:8c:84:a9:57:b9:9f:61:23:2d:4d:59:7a:be:f5: df:1e:31:1d:e7:00:7b:33:a1:f3:0b:3d:3c:8c:bb:23:c4:ef: 29:83:73:d7:9d:fb:3b:be:e5:4d:d0:3a:f3:b5:ee:55:fe:03: 42:9d:27:4f -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICcbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTY0OTM0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViY2IxZC1hODEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApQ/kEvYCcPaBz8Vg+aburBGbz7bsRxShSPDdnhd1al6zFbf52IaOsd2h3Twy 1mdVlEdstceKdnP9tPMOSaknV21wo/ZvADtzUqIQawrhnD2x1SC/1xpk9ZEcfsO6 9mSkkR4WmvvKkexFlBddfz2e4caYaMGQxHnnO1Omw6Ew6n9oBo2c9gFYcyO0Gesr cWmfJpDSrpCy0a5stf5qfowp7FYfNfvYJQp91Highvdm9iDtR3c0Zo/Cg7JYXMXK Ls5KZefgXUOBrIhcZizXpqfcGIDdsDA5GzLBp+51BWk+ZFAX0KNIgCnPjqzMUxHm woVD16dM3yzUAEbPcr4MPUJVIQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPMDFsTz ADRnPmvLEs2VeGQpz7Q0MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjkyNzBGOThE QzVFMTFFQUJDMzMzOTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAIr/mwDBAJnA+QDBAJn+VADBAJn+cwDBAK063gwDQYJKoZI hvcNAQELBQADggEBADYghZJdGCcXQhwoDcub9NNJlmjWKZlG4jV8+4UJg6g3PpQ1 2q7jJSb/M+VRmVPpslC1Va8ubHGgc41XBdlVe2Q5zjBf6yXDw8r9cDwJSg3F66TQ qF2yQvP+vbNOvaSWcApNRFnWPJwTNeMjVRzV9nGpxS/d/UQDk0wQ+L7782nAaoRO 5LnMHpiPlYDTtmK7Gkfivzbk9eWqXuCWleoB2S1OZKOivIA5HQdsLxAaYLvEEuTY K4PMH5FXCPrqOJg/slhHz7Fr2AwgbruMhKlXuZ9hIy1NWXq+9d8eMR3nAHszofML PTyMuyPE7ymDc9ed+zu+5U3QOvO17lX+A0KdJ08= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:36 2024 by rpki-client on console-ams.rpki-client.org