$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/75D86E70BCFC11EAB86EE937C4F9AE02.roa File: 75D86E70BCFC11EAB86EE937C4F9AE02.roa (raw, json) Hash identifier: 3ajaIogUCiDJHhzuArHqpIFt8TLJKdd4LWFvQKFslKY= Subject key identifier: 45:3C:9D:B3:B0:F3:1A:DF:13:2D:A0:94:22:3A:24:2A:C8:67:7A:11 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6BA6 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/75D86E70BCFC11EAB86EE937C4F9AE02.roa Signing time: Wed 10 May 2023 16:20:42 +0000 ROA not before: Wed 10 May 2023 16:20:42 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135227 IP address blocks: 103.98.210.0/23 maxlen: 23 103.123.38.0/24 maxlen: 24 103.149.154.0/24 maxlen: 24 103.212.235.0/24 maxlen: 24 2403:9dc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27558 (0x6ba6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:20:42 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc45a-f168 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:48:5e:65:aa:79:ce:d6:0c:16:bb:89:9d:42: 3f:22:64:0c:b4:d5:63:12:6c:e8:3f:b3:ef:21:3d: 11:27:32:b9:a0:26:2f:d2:ce:0f:a5:a7:d4:bc:37: 01:7e:11:53:61:ad:7c:db:aa:8c:b7:53:70:27:66: 2d:1e:c2:57:ff:7c:8e:c0:39:91:20:44:78:30:34: 02:64:70:86:61:ce:52:9f:4b:30:0b:b3:86:52:7f: 52:37:92:ce:32:b0:e0:0b:d5:ec:d9:c2:53:32:8c: 93:e4:81:a7:63:11:98:55:6c:1a:cb:2b:08:da:15: fb:a9:a8:ed:3d:86:fe:09:17:1f:96:f0:ee:9e:99: 52:1d:62:0f:a7:96:56:41:85:c1:8c:cc:61:bd:ce: 95:bb:26:23:97:4e:4a:35:7e:d2:10:d0:32:63:76: 57:2e:e3:2a:7c:eb:54:88:e7:5a:23:00:53:fe:25: d7:2a:8a:b4:3a:38:86:1d:87:bd:7b:0b:72:18:39: bd:28:58:e0:4d:21:4f:15:72:bc:e1:3c:75:f7:f4: a5:31:49:79:ef:75:d7:f6:78:96:51:d9:ac:59:99: 22:7f:83:fc:d4:f3:c6:14:ab:92:03:8b:35:fd:95: 6a:16:4f:14:2e:71:ac:e5:82:38:28:5d:b7:3c:fd: f8:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:3C:9D:B3:B0:F3:1A:DF:13:2D:A0:94:22:3A:24:2A:C8:67:7A:11 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/75D86E70BCFC11EAB86EE937C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.98.210.0/23 103.123.38.0/24 103.149.154.0/24 103.212.235.0/24 IPv6: 2403:9dc0::/32 Signature Algorithm: sha256WithRSAEncryption 4f:83:af:96:58:58:40:7f:ef:58:53:07:77:c4:ef:cc:fc:7a: 15:3b:b3:89:de:97:29:62:ad:6b:67:05:7f:68:08:5a:35:54: 05:e0:c2:83:4f:ff:6a:77:c4:de:fa:8f:08:6d:37:fb:1a:a7: d6:78:93:57:b6:26:2d:d5:c2:3a:ef:ca:80:47:81:f5:5a:c5: 0d:e1:dc:e9:4e:48:66:64:5e:9d:72:14:60:b7:07:a1:84:e9: 18:d4:68:c5:59:82:a8:6e:bc:15:b8:b0:52:87:24:50:f7:09: 84:3e:7c:f4:4c:fa:b3:ce:2b:a8:5f:27:59:70:ce:43:fd:84: 34:76:ee:7c:56:5a:ae:84:f2:ae:46:95:b0:ce:e7:24:fb:0f: cd:07:6b:9c:40:07:0b:4c:c7:08:a3:52:ef:e6:02:23:ad:0f: 1a:2e:dc:42:87:0b:33:cd:bc:65:e5:5f:a5:74:72:d0:62:60: b4:a5:58:0e:28:58:28:f6:f1:2d:4d:60:27:04:4a:10:40:99: fb:29:3c:62:66:2c:83:5d:97:0a:56:fa:25:1a:85:08:d3:3d: a8:bf:05:bb:3d:8c:96:da:5c:31:2b:34:d1:19:cf:7f:df:b5: f3:17:80:c3:41:9b:90:36:d9:f5:be:93:68:5c:47:43:f5:32: 14:c0:de:79 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICa6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYyMDQyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzQ1YS1mMTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv0heZap5ztYMFruJnUI/ImQMtNVjEmzoP7PvIT0RJzK5oCYv0s4PpafUvDcB fhFTYa1826qMt1NwJ2YtHsJX/3yOwDmRIER4MDQCZHCGYc5Sn0swC7OGUn9SN5LO MrDgC9Xs2cJTMoyT5IGnYxGYVWwayysI2hX7qajtPYb+CRcflvDunplSHWIPp5ZW QYXBjMxhvc6VuyYjl05KNX7SENAyY3ZXLuMqfOtUiOdaIwBT/iXXKoq0OjiGHYe9 ewtyGDm9KFjgTSFPFXK84Tx19/SlMUl573XX9niWUdmsWZkif4P81PPGFKuSA4s1 /ZVqFk8ULnGs5YI4KF23PP34dwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFEU8nbOw 8xrfEy2glCI6JCrIZ3oRMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzVEODZFNzBC Q0ZDMTFFQUI4NkVFOTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAFnYtIDBABneyYDBABnlZoDBABn1OswDQQCAAIwBwMFACQD ncAwDQYJKoZIhvcNAQELBQADggEBAE+Dr5ZYWEB/71hTB3fE78z8ehU7s4nelyli rWtnBX9oCFo1VAXgwoNP/2p3xN76jwhtN/sap9Z4k1e2Ji3VwjrvyoBHgfVaxQ3h 3OlOSGZkXp1yFGC3B6GE6RjUaMVZgqhuvBW4sFKHJFD3CYQ+fPRM+rPOK6hfJ1lw zkP9hDR27nxWWq6E8q5GlbDO5yT7D80Ha5xABwtMxwijUu/mAiOtDxou3EKHCzPN vGXlX6V0ctBiYLSlWA4oWCj28S1NYCcEShBAmfspPGJmLINdlwpW+iUahQjTPai/ Bbs9jJbaXDErNNEZz3/ftfMXgMNBm5A22fW+k2hcR0P1MhTA3nk= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:37 2024 by rpki-client on console-ams.rpki-client.org