$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6AE02C8880B011EB9581642AC4F9AE02.roa File: 6AE02C8880B011EB9581642AC4F9AE02.roa (raw, json) Hash identifier: O3V8wGSQ7/rHSHbrAmt641WlVcqeVvOMzpQPycNbCd8= Subject key identifier: 21:B2:D5:09:42:18:A2:FF:4F:A1:74:82:A4:C5:09:0F:2D:28:D9:A2 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6BA0 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6AE02C8880B011EB9581642AC4F9AE02.roa Signing time: Wed 10 May 2023 16:20:36 +0000 ROA not before: Wed 10 May 2023 16:20:36 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135220 IP address blocks: 103.104.221.0/24 maxlen: 24 103.108.10.0/23 maxlen: 24 103.108.48.0/24 maxlen: 24 103.214.132.0/22 maxlen: 24 2404:c880::/32 maxlen: 36 2406:10c0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27552 (0x6ba0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:20:36 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc453-8873 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:de:e0:e4:b1:6e:46:81:b8:2e:47:c5:6a:3c: fe:82:98:f1:66:5b:78:86:3c:a0:f2:84:05:c0:12: d9:29:ea:b9:f2:fc:bc:f1:01:67:d6:ea:03:02:7f: f9:9f:92:c4:e9:f8:be:ec:32:da:3c:a1:51:c3:e4: 34:67:79:89:59:12:73:34:0c:68:b3:0e:1b:b8:2c: b4:51:11:64:51:d7:42:b5:03:22:b0:e3:90:cb:3a: 7c:12:9b:da:dd:55:a9:b4:35:f8:56:21:87:a5:d1: 21:69:2d:6f:d1:ea:c6:95:0d:f3:a7:20:57:4d:d0: 6a:c8:a1:d2:56:51:d8:d9:8d:d3:8d:75:1e:65:db: ec:87:33:57:98:cf:ab:cc:b2:31:28:0a:63:4c:2e: 50:7c:c5:1f:3c:4f:af:48:54:20:20:ee:fa:ce:91: 11:f7:1d:c8:29:56:68:d9:e2:01:f1:52:8d:83:33: 34:07:15:40:c3:db:86:67:3d:d1:f4:c9:49:8d:ae: cd:fe:3f:ef:85:82:6b:c2:c5:dd:80:0a:ea:a9:8f: 85:47:45:f1:cf:c4:53:84:57:1f:09:ec:d0:12:38: d6:8b:2a:2c:8d:4e:15:fb:38:1c:04:8d:02:68:2e: 7b:12:54:49:84:54:b6:c9:f7:b6:84:2c:02:1a:39: a6:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:B2:D5:09:42:18:A2:FF:4F:A1:74:82:A4:C5:09:0F:2D:28:D9:A2 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6AE02C8880B011EB9581642AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.104.221.0/24 103.108.10.0/23 103.108.48.0/24 103.214.132.0/22 IPv6: 2404:c880::/32 2406:10c0::/32 Signature Algorithm: sha256WithRSAEncryption 31:62:31:70:bf:a9:49:78:f1:b5:84:78:a7:5c:d2:a0:d9:7d: d7:86:7b:e9:f2:92:a2:fd:71:4f:f3:7b:5f:d1:8d:80:e4:5c: c2:8b:63:c5:26:0a:59:5f:9a:c7:f4:d1:b8:45:d8:0c:f8:57: 13:7c:b6:3f:ac:f8:cd:34:2a:af:e3:73:93:d3:d7:10:c3:30: 83:63:b2:20:cb:9d:cc:16:d6:97:a3:39:68:bb:37:84:23:43: 4c:d3:3c:40:42:58:3d:f2:4d:71:c4:5a:e7:5f:4c:6c:b4:76: 26:09:37:17:4c:aa:09:0f:c4:92:ed:b3:9f:08:53:04:7a:9a: 3d:65:cb:d5:18:0b:a1:d3:e2:69:ce:d5:4c:1d:ee:dc:a6:a2: 30:05:b6:19:77:db:43:96:61:ce:67:06:33:f1:13:df:e4:41: d8:83:1d:b6:c4:ad:58:61:7f:78:97:e4:f1:0f:18:e0:e9:53: fc:24:c3:23:07:e3:25:50:2b:e4:33:40:06:fd:2a:0c:4d:16: 67:5a:34:2e:2f:93:a3:b8:86:b6:c6:58:f5:36:e1:f6:8f:75: 66:22:52:89:6e:7f:f2:83:90:b7:76:b5:1a:dc:89:89:44:a4: 88:a9:26:c5:b1:f0:90:ba:cd:f2:c0:86:82:0c:fc:2f:a0:af: c4:da:49:6c -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICa6AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYyMDM2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzQ1My04ODczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyN7g5LFuRoG4LkfFajz+gpjxZlt4hjyg8oQFwBLZKeq58vy88QFn1uoDAn/5 n5LE6fi+7DLaPKFRw+Q0Z3mJWRJzNAxosw4buCy0URFkUddCtQMisOOQyzp8Epva 3VWptDX4ViGHpdEhaS1v0erGlQ3zpyBXTdBqyKHSVlHY2Y3TjXUeZdvshzNXmM+r zLIxKApjTC5QfMUfPE+vSFQgIO76zpER9x3IKVZo2eIB8VKNgzM0BxVAw9uGZz3R 9MlJja7N/j/vhYJrwsXdgArqqY+FR0Xxz8RThFcfCezQEjjWiyosjU4V+zgcBI0C aC57ElRJhFS2yfe2hCwCGjmmhQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFCGy1QlC GKL/T6F0gqTFCQ8tKNmiMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkFFMDJDODg4 MEIwMTFFQjk1ODE2NDJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MB4EAgABMBgDBABnaN0DBAFnbAoDBABnbDADBAJn1oQwFAQCAAIwDgMFACQE yIADBQAkBhDAMA0GCSqGSIb3DQEBCwUAA4IBAQAxYjFwv6lJePG1hHinXNKg2X3X hnvp8pKi/XFP83tf0Y2A5FzCi2PFJgpZX5rH9NG4RdgM+FcTfLY/rPjNNCqv43OT 09cQwzCDY7Igy53MFtaXozlouzeEI0NM0zxAQlg98k1xxFrnX0xstHYmCTcXTKoJ D8SS7bOfCFMEepo9ZcvVGAuh0+JpztVMHe7cpqIwBbYZd9tDlmHOZwYz8RPf5EHY gx22xK1YYX94l+TxDxjg6VP8JMMjB+MlUCvkM0AG/SoMTRZnWjQuL5OjuIa2xlj1 NuH2j3VmIlKJbn/yg5C3drUa3ImJRKSIqSbFsfCQus3ywIaCDPwvoK/E2kls -----END CERTIFICATE-----Generated at Sun Apr 28 15:51:24 2024 by rpki-client on console-fra.rpki-client.org