$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6D937530CF8711EC9B283587C4F9AE02.roa File: 6D937530CF8711EC9B283587C4F9AE02.roa (raw, json) Hash identifier: rsQQJVWyz2gpKkoj/O0uEiw5kSBQo8P4tNy/YFZ97/M= Subject key identifier: 12:BD:36:4A:6D:5B:4A:E5:8D:1E:2E:D7:5D:DF:C2:5F:EE:F3:47:BB Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6D96 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6D937530CF8711EC9B283587C4F9AE02.roa Signing time: Wed 10 May 2023 16:30:05 +0000 ROA not before: Wed 10 May 2023 16:30:05 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 138730 IP address blocks: 36.255.132.0/22 maxlen: 24 103.108.120.0/22 maxlen: 24 103.118.116.0/22 maxlen: 24 103.209.140.0/22 maxlen: 24 103.234.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28054 (0x6d96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:30:05 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc68d-7800 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4d:4a:b6:7f:0a:69:0b:82:82:9d:e4:b4:9b: 62:c9:8a:b0:4d:ef:04:f1:79:8e:53:cf:8a:08:30: b7:75:fd:d5:ef:35:d4:ff:6b:99:06:30:27:93:4e: b5:3d:cf:02:65:9e:8c:55:32:3b:01:7b:75:c2:d6: e8:1f:f8:a1:fd:d1:3c:e1:d3:41:05:42:3d:81:36: 70:e6:be:ca:fb:b0:7e:3f:a7:24:d9:fd:7f:75:72: e5:4e:ff:25:de:c9:dd:23:a6:b2:2a:59:5a:39:af: 9b:91:75:b8:70:34:d5:29:dd:fa:70:9f:9f:12:c5: c6:8d:ba:f6:20:57:b0:4d:8c:e1:e6:8e:21:3d:59: a2:f9:7b:58:f6:8d:49:74:0a:c9:69:09:03:b7:83: d3:85:b2:a7:c9:7c:e0:e9:2d:13:68:8b:e4:36:1f: ee:51:b4:0e:d1:6c:9a:b8:28:0a:83:c8:0f:b0:22: 09:e2:7f:44:b4:60:26:b6:8d:6e:8b:c8:13:78:ab: b3:5f:4f:0b:de:a2:77:99:73:5d:9e:05:ce:da:1c: e4:42:1d:a7:08:c1:a1:43:ea:ea:2f:f5:dd:88:81: 65:c5:ef:fb:3c:eb:26:87:c5:4d:3e:19:a9:0c:0b: 11:51:6e:b8:83:bb:7d:b2:27:22:e3:78:fe:ea:62: 32:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:BD:36:4A:6D:5B:4A:E5:8D:1E:2E:D7:5D:DF:C2:5F:EE:F3:47:BB X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6D937530CF8711EC9B283587C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.255.132.0/22 103.108.120.0/22 103.118.116.0/22 103.209.140.0/22 103.234.64.0/22 Signature Algorithm: sha256WithRSAEncryption 2e:96:d0:10:60:cb:d3:21:07:46:aa:a8:d5:a7:e4:d7:16:c5: 4e:e5:73:bd:66:ff:51:5c:ce:66:30:67:35:10:fb:4b:e1:f2: 54:dc:0a:6b:11:4d:12:1a:7e:7f:17:d0:6f:7e:20:4b:83:2a: d6:e9:74:07:d0:09:65:0d:4f:14:fa:58:eb:c1:e8:18:65:99: 43:ea:73:6b:ca:d3:36:4b:b2:ce:95:10:b8:c0:18:35:d0:43: a2:84:7b:47:2a:1d:43:e6:18:69:ba:78:a3:f0:17:ac:5a:ac: ff:87:7a:d9:89:62:15:59:5b:a8:8d:41:f4:3f:30:9e:b4:3e: 33:f1:b3:e5:99:8c:c2:f5:0d:88:1a:74:5a:5d:11:74:5b:f0: 82:c8:04:0a:3e:68:3b:41:3f:56:7f:47:ec:13:13:69:93:05: 6b:43:68:4e:e4:4d:2f:89:82:54:44:a2:73:fa:33:48:c4:b7: 52:34:6a:d3:14:42:a6:bf:9a:5c:21:b5:a6:3c:50:1f:94:ef: 05:57:f5:c5:d4:24:54:5c:69:e9:15:7a:5f:f0:a1:db:2b:1b: df:e1:13:1b:e4:21:82:11:2f:bb:04:02:e7:d5:11:5d:67:22: 19:59:78:f3:ee:5a:b3:65:a5:f7:c0:a5:37:04:4e:b2:43:cc: 35:a0:8f:e2 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICbZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYzMDA1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzY4ZC03ODAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuk1Ktn8KaQuCgp3ktJtiyYqwTe8E8XmOU8+KCDC3df3V7zXU/2uZBjAnk061 Pc8CZZ6MVTI7AXt1wtboH/ih/dE84dNBBUI9gTZw5r7K+7B+P6ck2f1/dXLlTv8l 3sndI6ayKllaOa+bkXW4cDTVKd36cJ+fEsXGjbr2IFewTYzh5o4hPVmi+XtY9o1J dArJaQkDt4PThbKnyXzg6S0TaIvkNh/uUbQO0WyauCgKg8gPsCIJ4n9EtGAmto1u i8gTeKuzX08L3qJ3mXNdngXO2hzkQh2nCMGhQ+rqL/XdiIFlxe/7POsmh8VNPhmp DAsRUW64g7t9sici43j+6mIyjQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBK9Nkpt W0rljR4u113fwl/u80e7MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkQ5Mzc1MzBD Rjg3MTFFQzlCMjgzNTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAIk/4QDBAJnbHgDBAJndnQDBAJn0YwDBAJn6kAwDQYJKoZI hvcNAQELBQADggEBAC6W0BBgy9MhB0aqqNWn5NcWxU7lc71m/1FczmYwZzUQ+0vh 8lTcCmsRTRIafn8X0G9+IEuDKtbpdAfQCWUNTxT6WOvB6BhlmUPqc2vK0zZLss6V ELjAGDXQQ6KEe0cqHUPmGGm6eKPwF6xarP+HetmJYhVZW6iNQfQ/MJ60PjPxs+WZ jML1DYgadFpdEXRb8ILIBAo+aDtBP1Z/R+wTE2mTBWtDaE7kTS+JglREonP6M0jE t1I0atMUQqa/mlwhtaY8UB+U7wVX9cXUJFRcaekVel/wodsrG9/hExvkIYIRL7sE AufVEV1nIhlZePPuWrNlpffApTcETrJDzDWgj+I= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:36 2024 by rpki-client on console-ams.rpki-client.org