$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DB31BE6E0DDF11EBADAEA40AC4F9AE02.roa File: DB31BE6E0DDF11EBADAEA40AC4F9AE02.roa (raw, json) Hash identifier: tBa2DoWCp03OvQvm/eOwEIhMcFiFKyBUumS1ywmup+s= Subject key identifier: C0:88:22:17:63:DC:E8:E0:32:3E:21:AD:C4:12:4B:83:F1:E6:60:0C Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6DCB Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DB31BE6E0DDF11EBADAEA40AC4F9AE02.roa Signing time: Wed 10 May 2023 16:31:05 +0000 ROA not before: Wed 10 May 2023 16:31:05 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 139478 IP address blocks: 103.142.149.0/24 maxlen: 24 103.145.100.0/24 maxlen: 24 2400:6160::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28107 (0x6dcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:31:05 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc6c9-6822 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:35:9d:70:c5:d4:27:82:5a:5b:29:be:b2:24: b5:1b:e9:06:f9:6c:82:55:ef:a9:ad:09:53:94:9a: 70:e8:6e:2a:11:b2:87:45:8f:ac:9f:4c:bd:22:77: a8:41:71:ff:d2:da:59:68:74:1b:66:07:ed:3e:97: 16:14:c8:cd:9e:c8:81:ee:98:34:c4:39:c5:78:ed: 10:14:22:b4:09:e8:64:c3:13:22:97:16:38:68:bb: 91:87:ec:6d:9c:29:4d:f0:01:e1:f2:3d:9e:ff:62: f0:81:08:e7:7e:f5:83:a3:34:53:0c:58:e1:ac:af: 89:00:b6:f6:59:5c:a8:bf:29:e9:43:83:ea:a9:5c: 5b:31:0b:3c:88:e7:a8:89:e1:a4:fa:4a:2b:9e:7d: 6f:1f:fe:ab:da:ea:67:ba:07:41:7f:c6:6d:32:e2: 25:a6:ab:8c:8e:02:3a:3f:b6:c6:2e:0b:17:36:7e: 31:01:ef:e2:4a:72:57:7a:59:3d:62:72:fa:98:24: e0:fe:d8:ff:85:53:37:9c:9c:c6:ae:b4:c8:05:65: 13:09:7c:11:d9:17:59:14:29:b9:84:08:26:c1:6e: 63:7c:fb:29:e6:95:05:3a:f8:ad:86:c8:96:28:28: 20:e6:25:34:bb:f6:5b:66:58:7f:6b:ec:49:ad:2d: ec:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:88:22:17:63:DC:E8:E0:32:3E:21:AD:C4:12:4B:83:F1:E6:60:0C X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DB31BE6E0DDF11EBADAEA40AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.142.149.0/24 103.145.100.0/24 IPv6: 2400:6160::/32 Signature Algorithm: sha256WithRSAEncryption a7:15:2a:91:9a:e3:d1:66:e8:28:df:22:d6:ce:48:b1:bb:ef: 25:a7:dd:2a:b7:7d:00:5d:8c:30:29:24:bf:9a:d1:38:9b:e4: f3:24:6f:87:3d:5b:d7:e7:5c:86:88:5c:30:9b:7f:2f:ea:b8: 27:49:5b:53:08:b8:9a:18:4c:fc:fa:b2:2b:a2:36:1e:83:fa: a3:46:f1:c3:b6:2b:b2:a7:d3:cc:d5:c6:43:1c:76:69:54:b3: df:ea:d7:0f:3f:a8:49:5c:fe:9c:bb:d2:52:c9:de:41:f8:d2: 4c:84:9a:9d:5f:de:57:1d:6c:39:f8:22:85:a4:f9:79:f1:d9: 5e:75:45:64:c2:98:b1:aa:e3:dd:d6:9d:46:e6:a4:07:eb:8d: f6:bf:73:25:55:41:46:a8:21:69:fa:6a:0c:ca:ff:40:f4:ed: 0a:5d:b3:03:e4:26:62:7b:2b:b8:ca:b9:c0:36:08:b7:05:b0: be:d7:fa:f0:9b:29:c3:8a:7b:42:e4:c3:d0:53:30:65:f1:d1: f4:82:21:a3:af:12:b7:28:4f:af:b4:ba:3d:21:e0:26:89:a2: bb:e6:4d:cb:2e:e9:79:7a:65:72:fa:24:78:ed:13:1f:27:06: 97:10:b8:f1:23:61:c1:65:f3:c9:76:2a:6b:83:07:fd:9a:1d: d0:d6:bf:a2 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICbcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTYzMTA1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzZjOS02ODIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxjWdcMXUJ4JaWym+siS1G+kG+WyCVe+prQlTlJpw6G4qEbKHRY+sn0y9Ineo QXH/0tpZaHQbZgftPpcWFMjNnsiB7pg0xDnFeO0QFCK0CehkwxMilxY4aLuRh+xt nClN8AHh8j2e/2LwgQjnfvWDozRTDFjhrK+JALb2WVyovynpQ4PqqVxbMQs8iOeo ieGk+kornn1vH/6r2upnugdBf8ZtMuIlpquMjgI6P7bGLgsXNn4xAe/iSnJXelk9 YnL6mCTg/tj/hVM3nJzGrrTIBWUTCXwR2RdZFCm5hAgmwW5jfPsp5pUFOvithsiW KCgg5iU0u/ZbZlh/a+xJrS3s5QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMCIIhdj 3OjgMj4hrcQSS4Px5mAMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvREIzMUJFNkUw RERGMTFFQkFEQUVBNDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBABnjpUDBABnkWQwDQQCAAIwBwMFACQAYWAwDQYJKoZIhvcN AQELBQADggEBAKcVKpGa49Fm6CjfItbOSLG77yWn3Sq3fQBdjDApJL+a0Tib5PMk b4c9W9fnXIaIXDCbfy/quCdJW1MIuJoYTPz6siuiNh6D+qNG8cO2K7Kn08zVxkMc dmlUs9/q1w8/qElc/py70lLJ3kH40kyEmp1f3lcdbDn4IoWk+Xnx2V51RWTCmLGq 493WnUbmpAfrjfa/cyVVQUaoIWn6agzK/0D07QpdswPkJmJ7K7jKucA2CLcFsL7X +vCbKcOKe0Lkw9BTMGXx0fSCIaOvErcoT6+0uj0h4CaJorvmTcsu6Xl6ZXL6JHjt Ex8nBpcQuPEjYcFl88l2KmuDB/2aHdDWv6I= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:47 2024 by rpki-client on console-ams.rpki-client.org