$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8649EB6CF30E11EDAD4C2045C4F9AE02.roa File: 8649EB6CF30E11EDAD4C2045C4F9AE02.roa (raw, json) Hash identifier: sCApfN6W64DazI7K1K4NOf1/Qtxvs/ENcMrHg+rLnz0= Subject key identifier: 16:1F:7E:3F:D2:2E:CE:EF:CC:B8:AF:95:FD:04:6F:47:31:D8:30:16 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 721C Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8649EB6CF30E11EDAD4C2045C4F9AE02.roa Signing time: Mon 15 May 2023 10:52:03 +0000 ROA not before: Mon 15 May 2023 10:52:03 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 148001 IP address blocks: 160.202.192.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29212 (0x721c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 15 10:52:03 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=64620ed3-52fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9d:6e:b9:c7:30:12:4e:29:d6:93:30:74:08: f9:c1:ab:ae:f6:6a:17:ff:07:f6:4d:55:df:84:e7: 78:bb:7c:5f:2d:30:d1:12:65:1b:71:b6:c7:60:fe: 03:e8:ca:c3:46:91:37:3a:17:29:1d:ba:c5:2e:d3: e1:48:70:42:b2:26:f7:22:2f:92:6d:b8:cf:07:2c: eb:82:c0:b9:f7:d5:e2:11:f1:a8:fc:0c:4e:cd:c9: 0c:9d:88:39:a5:c0:d4:ec:f7:03:99:54:e5:1e:9c: 44:53:86:3c:f2:5e:a1:1e:c3:ed:19:fc:61:c8:93: a1:42:e6:70:59:72:be:9c:33:e7:68:89:70:d7:ad: 9f:f8:73:65:36:a4:1f:ab:60:db:b5:2e:45:52:bc: 62:02:66:31:9d:d0:7f:55:76:48:08:15:a4:0d:18: 7d:73:9b:11:61:6a:92:34:d7:d5:a5:85:a6:c2:06: 06:09:4c:52:af:59:fe:1c:72:a8:08:a3:ca:87:1e: b1:84:21:2b:3d:84:59:92:b0:08:55:58:a2:5b:0d: e0:73:8d:55:23:0c:8f:65:6c:b7:18:62:a1:c3:9e: 34:fd:eb:17:a8:f4:2d:32:50:64:94:4c:37:b1:09: c9:3b:7d:c8:2d:bd:b6:26:d0:1e:a7:cd:46:78:af: 06:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:1F:7E:3F:D2:2E:CE:EF:CC:B8:AF:95:FD:04:6F:47:31:D8:30:16 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8649EB6CF30E11EDAD4C2045C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.202.192.0/20 Signature Algorithm: sha256WithRSAEncryption 70:c1:dc:8a:17:df:90:24:6f:c8:87:6f:59:ab:92:66:d4:27: 15:9f:42:78:5a:1b:b6:6a:bf:97:62:fb:12:24:f7:f1:6d:7e: 4e:81:95:98:d0:95:f6:26:3d:be:13:2e:19:01:5d:6d:19:22: 08:ac:9e:f3:37:f6:45:88:e4:85:63:1c:c9:92:b0:9a:eb:a9: 88:96:1e:e4:4a:ba:79:00:95:73:8b:e3:42:31:d9:d7:ea:25: be:51:37:88:26:80:be:3a:47:3b:4b:56:f4:45:12:b7:0f:71: e7:97:71:bf:df:07:9c:2c:19:dd:9b:4a:0e:c9:a7:e5:82:a5: e4:87:f9:10:44:26:dc:e6:f8:c5:dc:51:a1:d1:28:1c:c3:0a: a4:1a:87:05:b7:da:92:48:ae:8b:be:3c:f5:07:c1:a5:15:df: c0:9e:f6:95:ff:60:69:0b:82:9f:41:03:86:cb:df:03:a7:0f: a4:b0:ac:46:39:f5:87:22:9c:4f:c5:e5:d7:8f:3f:89:4d:ec: 71:97:6f:71:71:85:ba:d5:cb:0b:4a:50:91:50:21:ee:61:94: 85:c2:ca:7d:72:63:4b:50:fd:9f:f2:6b:90:07:90:81:63:4a: ab:fd:63:bb:8e:20:fe:7e:bd:7f:bd:73:f6:d8:8a:25:8a:d8: 48:87:80:48 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICchwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTE1MTA1MjAzWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDYyMGVkMy01MmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtp1uuccwEk4p1pMwdAj5wauu9moX/wf2TVXfhOd4u3xfLTDREmUbcbbHYP4D 6MrDRpE3OhcpHbrFLtPhSHBCsib3Ii+SbbjPByzrgsC599XiEfGo/AxOzckMnYg5 pcDU7PcDmVTlHpxEU4Y88l6hHsPtGfxhyJOhQuZwWXK+nDPnaIlw162f+HNlNqQf q2DbtS5FUrxiAmYxndB/VXZICBWkDRh9c5sRYWqSNNfVpYWmwgYGCUxSr1n+HHKo CKPKhx6xhCErPYRZkrAIVViiWw3gc41VIwyPZWy3GGKhw540/esXqPQtMlBklEw3 sQnJO33ILb22JtAep81GeK8GIQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBYffj/S Ls7vzLivlf0Eb0cx2DAWMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvODY0OUVCNkNG MzBFMTFFREFENEMyMDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBASgysAwDQYJKoZIhvcNAQELBQADggEBAHDB3IoX35Akb8iH b1mrkmbUJxWfQnhaG7Zqv5di+xIk9/Ftfk6BlZjQlfYmPb4TLhkBXW0ZIgisnvM3 9kWI5IVjHMmSsJrrqYiWHuRKunkAlXOL40Ix2dfqJb5RN4gmgL46RztLVvRFErcP ceeXcb/fB5wsGd2bSg7Jp+WCpeSH+RBEJtzm+MXcUaHRKBzDCqQahwW32pJIrou+ PPUHwaUV38Ce9pX/YGkLgp9BA4bL3wOnD6SwrEY59YcinE/F5dePP4lN7HGXb3Fx hbrVywtKUJFQIe5hlIXCyn1yY0tQ/Z/ya5AHkIFjSqv9Y7uOIP5+vX+9c/bYiiWK 2EiHgEg= -----END CERTIFICATE-----Generated at Sun Apr 28 15:51:27 2024 by rpki-client on console-fra.rpki-client.org