$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/771F9B50BCFC11EAB86EE937C4F9AE02.roa File: 771F9B50BCFC11EAB86EE937C4F9AE02.roa (raw, json) Hash identifier: 0kHzaC8bjws84cpAamXVap139l7geUH5OYP0GEuk0HM= Subject key identifier: A6:77:3F:3E:2B:86:B4:E9:57:B6:F5:3D:16:FB:1E:AE:0C:55:C5:90 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 731F Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/771F9B50BCFC11EAB86EE937C4F9AE02.roa Signing time: Thu 01 Jun 2023 09:12:11 +0000 ROA not before: Thu 01 Jun 2023 09:12:11 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 135697 IP address blocks: 103.74.227.0/24 maxlen: 24 103.78.201.0/24 maxlen: 24 103.97.210.0/23 maxlen: 24 103.121.114.0/24 maxlen: 24 103.121.115.0/24 maxlen: 24 103.157.194.0/24 maxlen: 24 103.157.195.0/24 maxlen: 24 103.158.182.0/24 maxlen: 24 103.158.183.0/24 maxlen: 24 103.163.200.0/23 maxlen: 24 103.164.210.0/23 maxlen: 24 103.173.220.0/23 maxlen: 24 103.207.88.0/23 maxlen: 24 103.211.104.0/23 maxlen: 24 2406:f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29471 (0x731f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jun 1 09:12:11 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=647860eb-9fd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:54:4f:5c:19:8a:b9:f0:cc:7d:47:cd:11:5d: 56:60:85:b0:3e:c9:a0:16:e6:bf:bb:68:e1:78:d9: 43:c1:6a:b8:34:a8:74:c9:f8:d9:9e:9d:8e:7a:4a: 96:2c:e6:c8:10:18:aa:da:18:c1:eb:8b:c1:08:ec: 5c:fe:f7:23:f6:98:19:32:d4:af:37:11:27:1c:3d: e7:62:6b:15:b0:2b:59:16:b9:ae:d0:86:77:56:38: 0d:a3:f3:d4:29:06:81:2b:9b:52:96:33:69:18:4d: cf:ec:18:f6:b1:4f:6a:26:bc:b0:2f:cf:c2:b7:5f: 4a:e8:14:5b:61:7d:9d:42:36:fb:2f:3c:93:7c:cb: 65:2f:8d:c9:2b:54:f2:62:7c:6f:5a:0c:e1:c8:a4: 85:af:ca:8b:06:71:a7:40:2b:ea:b4:66:cd:c7:a3: eb:cf:e1:92:80:c3:28:a6:8d:02:9f:42:99:56:e4: 38:28:ff:8c:b5:8f:4b:af:0e:4e:ae:6a:8c:94:96: 9b:56:f8:9b:70:40:b9:64:ec:29:ec:c1:08:87:8b: 04:4e:3f:35:d9:a5:e1:f3:d2:5b:65:60:d7:a6:8f: 5c:b4:6a:42:29:38:9e:ee:7c:da:60:be:ab:b2:78: 7f:54:90:0f:35:82:a7:e2:0e:c7:a6:8f:15:72:c6: e4:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:77:3F:3E:2B:86:B4:E9:57:B6:F5:3D:16:FB:1E:AE:0C:55:C5:90 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/771F9B50BCFC11EAB86EE937C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.74.227.0/24 103.78.201.0/24 103.97.210.0/23 103.121.114.0/23 103.157.194.0/23 103.158.182.0/23 103.163.200.0/23 103.164.210.0/23 103.173.220.0/23 103.207.88.0/23 103.211.104.0/23 IPv6: 2406:f40::/32 Signature Algorithm: sha256WithRSAEncryption 4f:8f:29:0e:c7:49:2b:b3:ab:f2:43:b3:f7:20:51:b3:ce:b4: c9:2f:fb:9e:c6:f4:23:d0:98:e5:61:6a:64:c6:0d:43:24:fa: 01:10:81:a9:a8:44:23:78:6f:ee:72:92:a9:f7:ab:8f:5a:38: 6f:d7:73:60:81:42:50:bf:22:13:33:ad:96:8c:17:1b:4f:0e: 87:e9:54:0e:4f:e2:8f:f7:10:e4:c5:1a:f0:94:c7:ec:ff:ee: 80:1c:a7:9b:e1:89:fc:ae:c8:df:ea:0f:53:b7:06:0e:ed:f4: 9c:91:37:8d:c9:79:0c:7a:d7:b8:b1:73:bb:22:5b:bb:45:67: c3:a7:2f:3f:f8:90:37:2e:10:01:b6:4a:73:a7:06:94:a5:d6: c6:70:0f:77:76:eb:51:90:17:d4:92:2d:0e:8b:c5:96:d5:5b: 9a:f2:99:69:02:95:5e:ea:7b:14:eb:a2:21:f1:f8:f3:38:f9: b8:ae:4b:06:00:ec:3f:f8:77:26:38:bb:aa:34:02:53:47:d0: 76:0b:45:4b:1b:e8:b0:1d:36:c8:04:3c:05:71:24:0d:5c:17: fc:5c:4b:72:28:75:5f:5f:64:2d:84:1a:39:58:c1:00:c4:93: 20:56:2a:ad:89:75:0d:c7:36:96:09:7d:9a:62:d0:5f:06:5c: 2b:c8:39:08 -----BEGIN CERTIFICATE----- MIIFvDCCBKSgAwIBAgICcx8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNjAxMDkxMjExWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDc4NjBlYi05ZmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz1RPXBmKufDMfUfNEV1WYIWwPsmgFua/u2jheNlDwWq4NKh0yfjZnp2OekqW LObIEBiq2hjB64vBCOxc/vcj9pgZMtSvNxEnHD3nYmsVsCtZFrmu0IZ3VjgNo/PU KQaBK5tSljNpGE3P7Bj2sU9qJrywL8/Ct19K6BRbYX2dQjb7LzyTfMtlL43JK1Ty YnxvWgzhyKSFr8qLBnGnQCvqtGbNx6Prz+GSgMMopo0Cn0KZVuQ4KP+MtY9Lrw5O rmqMlJabVvibcEC5ZOwp7MEIh4sETj812aXh89JbZWDXpo9ctGpCKTie7nzaYL6r snh/VJAPNYKn4g7Hpo8VcsbkNQIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFKZ3Pz4r hrTpV7b1PRb7Hq4MVcWQMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzcxRjlCNTBC Q0ZDMTFFQUI4NkVFOTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E WzBZMEgEAgABMEIDBABnSuMDBABnTskDBAFnYdIDBAFneXIDBAFnncIDBAFnnrYD BAFno8gDBAFnpNIDBAFnrdwDBAFnz1gDBAFn02gwDQQCAAIwBwMFACQGD0AwDQYJ KoZIhvcNAQELBQADggEBAE+PKQ7HSSuzq/JDs/cgUbPOtMkv+57G9CPQmOVhamTG DUMk+gEQgamoRCN4b+5ykqn3q49aOG/Xc2CBQlC/IhMzrZaMFxtPDofpVA5P4o/3 EOTFGvCUx+z/7oAcp5vhifyuyN/qD1O3Bg7t9JyRN43JeQx617ixc7siW7tFZ8On Lz/4kDcuEAG2SnOnBpSl1sZwD3d261GQF9SSLQ6LxZbVW5rymWkClV7qexTroiHx +PM4+biuSwYA7D/4dyY4u6o0AlNH0HYLRUsb6LAdNsgEPAVxJA1cF/xcS3IodV9f ZC2EGjlYwQDEkyBWKq2JdQ3HNpYJfZpi0F8GXCvIOQg= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:37 2024 by rpki-client on console-ams.rpki-client.org