$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CB42B95CBD4511EB9A852313C4F9AE02.roa File: CB42B95CBD4511EB9A852313C4F9AE02.roa (raw, json) Hash identifier: deDgSxXZ+lDXxS5z9v64KALlEpAD9L0MHHioMz0G1cU= Subject key identifier: E2:78:78:BB:9C:15:86:7E:19:E4:C5:10:BD:4F:9D:25:CE:44:41:0C Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7151 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CB42B95CBD4511EB9A852313C4F9AE02.roa Signing time: Wed 10 May 2023 16:47:38 +0000 ROA not before: Wed 10 May 2023 16:47:38 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 17771 IP address blocks: 45.127.188.0/22 maxlen: 24 49.238.32.0/19 maxlen: 24 103.246.44.0/22 maxlen: 24 202.63.96.0/19 maxlen: 24 2405:1e00::/32 maxlen: 32 2405:1e00::/40 maxlen: 48 2405:1e00:100::/40 maxlen: 48 2405:1e00:200::/40 maxlen: 48 2405:1e00:300::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29009 (0x7151) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:47:38 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bcaaa-302f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:9f:24:c1:f5:88:1d:f9:c2:6a:ba:a3:58:0a: b4:42:ce:9a:0a:c9:26:e8:b3:57:fa:9f:e4:ce:c8: a4:07:16:9f:55:69:7e:c2:f8:3f:57:9b:49:5b:73: 50:d7:a9:d2:62:30:2e:6e:07:22:99:b4:10:87:35: f0:0d:84:55:57:e5:d3:3a:65:02:d5:68:91:74:b2: 85:93:5b:0c:94:97:f0:80:02:22:b0:3a:ee:3e:08: 4c:36:4e:ae:5f:0e:8c:71:42:9d:53:ce:b6:fb:16: 11:42:fe:e9:28:c4:78:e1:a8:31:64:9e:9a:eb:d0: 6f:74:bf:7b:02:0b:05:c9:d9:b6:db:cc:ab:4f:3c: 04:7f:8d:f2:08:ae:08:ab:16:d7:21:bc:78:12:ef: 03:42:24:2e:f6:93:7c:b7:bf:ee:6b:82:99:78:7f: 5e:3b:87:a9:b5:e8:83:67:7f:8e:fb:71:6d:7e:44: 39:cb:c4:83:58:d7:f0:57:fe:cf:e9:28:ae:b0:40: f2:6d:13:ee:c4:84:a4:7c:a0:25:13:46:96:72:40: e4:a5:e4:fc:80:d4:6a:02:53:7f:92:42:54:79:b4: f6:64:70:af:a8:14:4a:9a:55:e8:a0:fb:56:d5:43: e9:53:b6:6c:b2:11:e0:81:51:ee:f1:23:c9:73:00: d0:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:78:78:BB:9C:15:86:7E:19:E4:C5:10:BD:4F:9D:25:CE:44:41:0C X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CB42B95CBD4511EB9A852313C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.127.188.0/22 49.238.32.0/19 103.246.44.0/22 202.63.96.0/19 IPv6: 2405:1e00::/32 Signature Algorithm: sha256WithRSAEncryption 72:2c:15:a6:fa:ae:9e:33:89:eb:a8:73:e1:e6:42:f5:03:2e: a6:ff:72:6d:b1:02:c3:13:ef:d5:d9:63:28:58:c9:b7:f1:80: 46:f6:de:3a:1e:90:1f:7f:a9:ce:38:0c:c8:56:7d:b5:02:be: 92:35:3b:c4:8d:82:a7:85:41:a8:1f:e5:14:a4:f0:9e:32:10: 75:8c:83:4a:16:35:87:c5:60:c2:7f:a2:18:cf:f2:17:fa:96: da:dd:ae:52:b7:08:98:72:11:11:e5:d7:28:d7:09:e0:34:b1: 86:46:37:28:83:e0:66:0c:49:8c:b6:a7:b2:2b:be:0e:03:88: 64:e1:04:5a:46:de:79:82:d0:a9:42:33:86:d6:f7:b7:66:cc: b7:e5:35:f0:f9:49:fd:80:13:d5:77:4b:bf:19:d0:3f:11:fb: 81:21:9b:41:f6:61:3c:9b:5d:d2:55:b6:96:6c:35:d7:f3:8b: c0:53:9b:ae:b1:f5:c0:f6:7f:53:d4:54:bf:10:9c:83:72:d2: 47:cd:55:91:e9:b4:9e:6c:f0:ab:d2:55:83:79:f2:71:9f:e3: b7:83:06:a3:65:e5:0f:12:3a:53:33:bf:9c:58:0c:a1:41:48: 33:ec:b7:cb:28:6f:55:25:a9:13:f7:10:4f:07:88:9e:e1:83: 20:3c:64:e4 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICcVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTY0NzM4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViY2FhYS0zMDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAup8kwfWIHfnCarqjWAq0Qs6aCskm6LNX+p/kzsikBxafVWl+wvg/V5tJW3NQ 16nSYjAubgcimbQQhzXwDYRVV+XTOmUC1WiRdLKFk1sMlJfwgAIisDruPghMNk6u Xw6McUKdU862+xYRQv7pKMR44agxZJ6a69BvdL97AgsFydm228yrTzwEf43yCK4I qxbXIbx4Eu8DQiQu9pN8t7/ua4KZeH9eO4epteiDZ3+O+3FtfkQ5y8SDWNfwV/7P 6SiusEDybRPuxISkfKAlE0aWckDkpeT8gNRqAlN/kkJUebT2ZHCvqBRKmlXooPtW 1UPpU7ZsshHggVHu8SPJcwDQ/wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFOJ4eLuc FYZ+GeTFEL1PnSXOREEMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0I0MkI5NUNC RDQ1MTFFQjlBODUyMzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAItf7wDBAUx7iADBAJn9iwDBAXKP2AwDQQCAAIwBwMFACQF HgAwDQYJKoZIhvcNAQELBQADggEBAHIsFab6rp4zieuoc+HmQvUDLqb/cm2xAsMT 79XZYyhYybfxgEb23joekB9/qc44DMhWfbUCvpI1O8SNgqeFQagf5RSk8J4yEHWM g0oWNYfFYMJ/ohjP8hf6ltrdrlK3CJhyERHl1yjXCeA0sYZGNyiD4GYMSYy2p7Ir vg4DiGThBFpG3nmC0KlCM4bW97dmzLflNfD5Sf2AE9V3S78Z0D8R+4Ehm0H2YTyb XdJVtpZsNdfzi8BTm66x9cD2f1PUVL8QnINy0kfNVZHptJ5s8KvSVYN58nGf47eD BqNl5Q8SOlMzv5xYDKFBSDPst8sob1UlqRP3EE8HiJ7hgyA8ZOQ= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:46 2024 by rpki-client on console-ams.rpki-client.org