$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F08AFD8B91311EEA79C1D5AC4F9AE02.roa File: 8F08AFD8B91311EEA79C1D5AC4F9AE02.roa (raw, json) Hash identifier: 29TKUS2uig8XnOToPm51xpTPYKffYLbNsGqvBdpe3vc= Subject key identifier: C1:7D:0E:0D:0F:83:B8:96:C7:02:68:25:E3:15:1C:23:5A:E9:6F:81 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 81AB Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F08AFD8B91311EEA79C1D5AC4F9AE02.roa Signing time: Mon 22 Jan 2024 10:50:46 +0000 ROA not before: Mon 22 Jan 2024 10:50:46 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 146872 IP address blocks: 103.77.80.0/23 maxlen: 24 103.155.67.0/24 maxlen: 24 103.173.46.0/23 maxlen: 24 103.210.144.0/22 maxlen: 24 139.5.48.0/22 maxlen: 24 2001:df1:1440::/48 maxlen: 48 2407:e1c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33195 (0x81ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jan 22 10:50:46 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=65ae4886-c7f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:05:f2:b9:ac:05:b0:40:ef:07:95:91:ab:0b: c7:2e:b0:07:66:01:77:29:93:10:8d:f6:49:5d:d3: 3c:31:b6:6c:90:6a:e7:dd:4c:fd:23:9b:ff:32:6b: 65:95:94:2a:6c:46:ea:cc:fa:e5:5f:0b:cc:e2:23: 18:90:2e:15:4b:09:9f:24:95:8b:2f:e1:d4:fb:45: 33:d4:d6:80:c2:d7:b0:5a:76:ee:3b:e9:b9:c2:59: 58:0b:fc:21:e9:09:81:7d:fa:1a:7d:f4:d4:0c:56: 39:12:6b:d9:17:f2:9a:82:0f:32:20:9c:fd:66:2c: 8e:04:60:4c:94:e4:4c:db:2b:0d:cf:e2:a9:22:05: 2e:0b:b6:91:b4:8a:93:5b:c5:7c:ec:e8:2a:11:ee: 56:fc:bc:50:9d:2a:ca:70:6e:2f:36:d7:5c:7c:7a: 57:53:f6:65:6a:be:d4:7f:b6:c7:57:85:da:d7:95: 6f:5b:5a:f8:20:7d:2e:b9:a5:fb:35:b0:57:56:a5: b6:9f:e0:d5:9e:4c:a5:1e:eb:93:0f:ed:57:8c:5d: 6a:2c:46:38:09:41:2c:8a:41:d6:aa:9d:32:54:15: 2f:84:4c:49:af:cc:04:e1:b0:70:56:ab:54:55:0c: e1:a1:ed:05:de:62:27:92:80:16:4b:8d:3e:ce:8d: bd:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:7D:0E:0D:0F:83:B8:96:C7:02:68:25:E3:15:1C:23:5A:E9:6F:81 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F08AFD8B91311EEA79C1D5AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.77.80.0/23 103.155.67.0/24 103.173.46.0/23 103.210.144.0/22 139.5.48.0/22 IPv6: 2001:df1:1440::/48 2407:e1c0::/32 Signature Algorithm: sha256WithRSAEncryption 45:23:99:b8:25:b5:94:57:65:c8:f8:6b:a3:c8:b7:2f:ac:18: 52:9b:f2:ad:d7:b9:df:a2:6c:ac:5b:0a:97:c2:b4:ef:bd:53: b5:e8:bd:54:3f:b1:0e:b0:2d:a7:b6:5a:33:61:7f:55:f9:33: 3e:12:f7:1a:ec:bf:98:c8:b9:76:c2:21:e7:a5:89:cd:57:81: 38:73:1c:ab:1d:77:b8:f8:c7:00:7a:36:86:e5:7e:83:d7:a0: fa:40:6c:2f:b0:8d:20:3a:1f:55:8a:7c:66:80:11:70:5b:c9: 54:3f:d4:c9:61:36:a2:1c:59:cf:9f:42:57:c9:62:c7:5b:3a: 4b:f9:e0:ff:b2:df:a1:2d:7e:ea:4e:26:12:31:20:10:e8:5c: 0f:ff:15:5f:e0:ac:b5:23:89:d1:d5:78:b8:9f:1c:19:eb:c3: 39:8d:a4:9d:66:d1:2e:a0:a5:15:0e:2d:f8:89:26:73:c0:63: df:87:1c:bc:e5:33:75:8a:11:73:3d:6d:28:c2:7b:ba:9e:87: 5f:2e:91:07:ae:0c:b8:02:29:9d:a0:d4:c3:1f:dc:de:af:1a: f3:36:eb:3f:74:b3:23:9e:f7:75:f8:f3:59:0d:66:61:a0:59: 99:87:bb:10:06:3d:51:7f:bb:dd:43:88:1b:1f:2a:c5:f0:f3: ad:61:0c:3a -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIDAIGrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDEyMjEwNTA0NloXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjVhZTQ4ODYtYzdmNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4F8rmsBbBA7weVkasLxy6wB2YBdymTEI32SV3TPDG2bJBq591M/SOb/zJr ZZWUKmxG6sz65V8LzOIjGJAuFUsJnySViy/h1PtFM9TWgMLXsFp27jvpucJZWAv8 IekJgX36Gn301AxWORJr2RfymoIPMiCc/WYsjgRgTJTkTNsrDc/iqSIFLgu2kbSK k1vFfOzoKhHuVvy8UJ0qynBuLzbXXHx6V1P2ZWq+1H+2x1eF2teVb1ta+CB9Lrml +zWwV1altp/g1Z5MpR7rkw/tV4xdaixGOAlBLIpB1qqdMlQVL4RMSa/MBOGwcFar VFUM4aHtBd5iJ5KAFkuNPs6NvdkCAwEAAaOCAsUwggLBMB0GA1UdDgQWBBTBfQ4N D4O4lscCaCXjFRwjWulvgTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzhGMDhBRkQ4 QjkxMzExRUVBNzlDMUQ1QUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME8GCCsGAQUFBwEHAQH/ BEAwPjAkBAIAATAeAwQBZ01QAwQAZ5tDAwQBZ60uAwQCZ9KQAwQCiwUwMBYEAgAC MBADBwAgAQ3xFEADBQAkB+HAMA0GCSqGSIb3DQEBCwUAA4IBAQBFI5m4JbWUV2XI +GujyLcvrBhSm/Kt17nfomysWwqXwrTvvVO16L1UP7EOsC2ntlozYX9V+TM+Evca 7L+YyLl2wiHnpYnNV4E4cxyrHXe4+McAejaG5X6D16D6QGwvsI0gOh9VinxmgBFw W8lUP9TJYTaiHFnPn0JXyWLHWzpL+eD/st+hLX7qTiYSMSAQ6FwP/xVf4Ky1I4nR 1Xi4nxwZ68M5jaSdZtEuoKUVDi34iSZzwGPfhxy85TN1ihFzPW0ownu6nodfLpEH rgy4AimdoNTDH9zerxrzNus/dLMjnvd1+PNZDWZhoFmZh7sQBj1Rf7vdQ4gbHyrF 8POtYQw6 -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:39 2024 by rpki-client on console-ams.rpki-client.org