$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AA526544C51011EBABAA0685C4F9AE02.roa File: AA526544C51011EBABAA0685C4F9AE02.roa (raw, json) Hash identifier: Pk1XMdFacENXsxQnV54KmU43c/8ccE9NrT/h/jJK7RI= Subject key identifier: BA:9C:AE:28:D7:B3:EE:2D:36:F2:B5:8D:B6:6C:10:97:19:40:2A:8F Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 72BE Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AA526544C51011EBABAA0685C4F9AE02.roa Signing time: Thu 25 May 2023 13:02:18 +0000 ROA not before: Thu 25 May 2023 13:02:18 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 139508 IP address blocks: 103.146.232.0/24 maxlen: 24 103.146.233.0/24 maxlen: 24 103.172.220.0/23 maxlen: 24 103.250.187.0/24 maxlen: 24 2001:df1:b8c0::/48 maxlen: 48 2001:df2:6a40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29374 (0x72be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 25 13:02:18 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=646f5c5a-6698 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9b:f8:97:c6:9c:a8:01:6f:c8:2a:41:59:b0: 4b:2e:f4:5b:92:6b:0a:70:c7:67:11:20:3d:71:85: 0f:0a:f5:17:2a:40:fa:ec:75:d6:dd:e0:26:7b:78: 55:60:df:0d:04:41:87:8c:8b:e9:c9:6e:5b:81:01: 63:34:20:82:2a:fb:2c:55:2a:b1:e3:10:61:54:67: 7e:e0:22:ce:b0:a3:bc:eb:9e:2c:34:3b:39:53:1b: d9:de:5b:43:54:cb:7b:ee:45:68:24:dc:4d:58:07: 94:09:82:76:83:99:3c:e1:fa:3b:32:25:0b:26:32: 2f:88:8c:c7:d7:dd:17:03:a9:9e:58:28:e8:4c:e5: 76:c8:8c:f7:8b:52:50:a1:71:da:e0:d9:dc:16:55: b1:15:bc:23:29:24:5a:c5:57:85:70:1d:cb:a0:bb: 75:19:48:96:88:cb:ff:80:38:e5:58:6d:1c:ac:e8: 9c:f3:3e:91:ea:79:00:6c:18:f3:85:92:01:0d:5a: 8d:39:5b:7b:1c:3d:1c:f5:38:97:d5:1e:5f:5f:2a: 5a:ed:1a:b6:36:db:ca:94:24:37:b6:e1:7b:3a:bc: 61:d6:bd:57:63:d7:ae:cd:0b:43:b8:a6:92:b2:6a: 96:e0:5f:0c:a3:31:9a:8c:26:11:51:42:16:81:7d: 79:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:9C:AE:28:D7:B3:EE:2D:36:F2:B5:8D:B6:6C:10:97:19:40:2A:8F X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AA526544C51011EBABAA0685C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.146.232.0/23 103.172.220.0/23 103.250.187.0/24 IPv6: 2001:df1:b8c0::/48 2001:df2:6a40::/48 Signature Algorithm: sha256WithRSAEncryption ac:d1:91:53:0f:68:82:19:ba:5d:7a:b5:cd:45:27:f1:68:18: b4:e9:19:37:e2:b0:22:54:2b:0c:df:6b:b6:c3:c5:db:2b:41: d8:76:0c:40:93:e6:11:15:68:03:50:9c:84:07:e6:0c:86:59: 36:b4:b8:34:54:3b:d7:04:ad:03:2e:e3:fe:f6:bf:77:a9:18: 69:71:f7:48:40:40:25:b0:07:c8:ef:35:b5:71:43:4d:fb:29: e7:33:0f:40:22:92:4f:51:22:db:a0:b5:96:f7:36:e8:85:47: 77:81:ac:8e:17:c6:b5:22:e4:db:fa:60:f6:6e:57:0a:99:b8: 35:57:ff:8e:7c:76:d0:f6:32:61:05:cc:91:77:10:ea:8b:dc: bb:06:11:33:14:fb:3a:a4:88:95:4f:f9:ba:a5:89:29:f5:6c: 5b:16:9b:42:32:03:23:a5:60:d7:22:7d:05:e6:bf:5a:52:03: d7:76:3b:ed:d2:15:41:c3:c4:de:17:b9:25:87:58:20:bf:60: 4b:f3:55:1d:ae:06:08:1b:40:49:24:77:bb:5b:9d:af:a9:60: 34:25:bc:0f:03:a2:36:cc:15:55:9a:ad:dd:a6:46:82:0e:e5: 5a:56:8b:1a:61:08:19:be:01:d8:fa:bb:29:29:37:9a:f4:51: 05:dd:f2:4a -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgICcr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTI1MTMwMjE4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDZmNWM1YS02Njk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnJv4l8acqAFvyCpBWbBLLvRbkmsKcMdnESA9cYUPCvUXKkD67HXW3eAme3hV YN8NBEGHjIvpyW5bgQFjNCCCKvssVSqx4xBhVGd+4CLOsKO8654sNDs5UxvZ3ltD VMt77kVoJNxNWAeUCYJ2g5k84fo7MiULJjIviIzH190XA6meWCjoTOV2yIz3i1JQ oXHa4NncFlWxFbwjKSRaxVeFcB3LoLt1GUiWiMv/gDjlWG0crOic8z6R6nkAbBjz hZIBDVqNOVt7HD0c9TiX1R5fXypa7Rq2NtvKlCQ3tuF7Orxh1r1XY9euzQtDuKaS smqW4F8MozGajCYRUUIWgX15JwIDAQABo4ICuzCCArcwHQYDVR0OBBYEFLqcrijX s+4tNvK1jbZsEJcZQCqPMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUE1MjY1NDRD NTEwMTFFQkFCQUEwNjg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E NjA0MBgEAgABMBIDBAFnkugDBAFnrNwDBABn+rswGAQCAAIwEgMHACABDfG4wAMH ACABDfJqQDANBgkqhkiG9w0BAQsFAAOCAQEArNGRUw9oghm6XXq1zUUn8WgYtOkZ N+KwIlQrDN9rtsPF2ytB2HYMQJPmERVoA1CchAfmDIZZNrS4NFQ71wStAy7j/va/ d6kYaXH3SEBAJbAHyO81tXFDTfsp5zMPQCKST1Ei26C1lvc26IVHd4GsjhfGtSLk 2/pg9m5XCpm4NVf/jnx20PYyYQXMkXcQ6ovcuwYRMxT7OqSIlU/5uqWJKfVsWxab QjIDI6Vg1yJ9Bea/WlID13Y77dIVQcPE3he5JYdYIL9gS/NVHa4GCBtASSR3u1ud r6lgNCW8DwOiNswVVZqt3aZGgg7lWlaLGmEIGb4B2Pq7KSk3mvRRBd3ySg== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:41 2024 by rpki-client on console-ams.rpki-client.org