$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E21C1400348A11EBBF128620C4F9AE02.roa File: E21C1400348A11EBBF128620C4F9AE02.roa (raw, json) Hash identifier: 4MnnyPH1NF9o9rzjlDu+3UbwJOAw7OcLBWbsH6YnA3w= Subject key identifier: 17:F6:DE:8B:FD:6C:F2:81:E2:FB:A9:79:43:05:3A:A6:6C:1C:17:2F Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 7B9B Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E21C1400348A11EBBF128620C4F9AE02.roa Signing time: Wed 11 Oct 2023 05:56:38 +0000 ROA not before: Wed 11 Oct 2023 05:56:38 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 141253 IP address blocks: 103.145.172.0/24 maxlen: 24 103.157.16.0/24 maxlen: 24 103.158.181.0/24 maxlen: 24 103.161.3.0/24 maxlen: 24 103.169.52.0/23 maxlen: 24 103.170.62.0/24 maxlen: 24 103.188.95.0/24 maxlen: 24 2001:df5:b280::/48 maxlen: 48 2400:d960::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31643 (0x7b9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Oct 11 05:56:38 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=65263915-44d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:85:bc:8f:02:d6:e2:1e:38:33:96:9e:e2:50: 7c:53:cc:78:b8:ce:06:f2:46:08:5e:bc:f5:e3:9f: 4b:4c:7b:45:3d:63:7e:3c:bd:65:85:db:a2:70:68: 94:b5:5e:a9:b9:33:57:6a:b9:d1:28:04:34:47:ba: 11:57:aa:57:2e:8a:22:8e:35:89:c6:a0:89:5c:84: cf:32:27:c0:e0:45:66:a6:f2:01:76:06:bb:47:ef: 82:37:20:42:f2:bf:dd:6c:74:dc:9b:bf:b4:99:91: c8:1a:8a:64:5a:12:39:c5:d1:bc:89:a0:5a:83:02: ef:1d:d2:44:3d:6e:3f:ab:26:3f:f7:a7:8d:c9:6e: 2a:53:55:19:04:b4:3a:11:8f:51:57:a1:d0:b0:8d: 45:64:4d:d5:5c:89:0b:0f:0b:ef:f1:d1:65:d6:81: d4:89:02:fe:6a:0f:d2:cd:a9:31:0c:d2:33:9e:35: cf:02:27:2d:31:0b:6f:12:63:43:6c:0a:16:01:e7: 72:78:44:53:b2:b0:d6:59:3f:76:6a:49:49:9d:9a: 7b:78:16:22:df:39:71:2d:ba:4e:13:5d:ac:f3:5f: 36:eb:7f:4a:9e:99:47:6d:c1:8c:48:35:cd:42:f8: 09:81:32:b3:20:8f:9b:a8:e0:8b:23:a0:34:13:64: 3a:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:F6:DE:8B:FD:6C:F2:81:E2:FB:A9:79:43:05:3A:A6:6C:1C:17:2F X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E21C1400348A11EBBF128620C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.145.172.0/24 103.157.16.0/24 103.158.181.0/24 103.161.3.0/24 103.169.52.0/23 103.170.62.0/24 103.188.95.0/24 IPv6: 2001:df5:b280::/48 2400:d960::/32 Signature Algorithm: sha256WithRSAEncryption a5:cd:dd:76:9f:1f:46:4c:a8:99:94:b3:2a:d7:f8:16:af:2b: 07:5c:15:01:f8:23:a0:43:a9:de:d2:bb:98:34:5b:7e:93:55: 1e:3e:56:f1:2f:d0:77:02:ea:ae:2e:5a:0c:4a:ce:cb:53:12: d6:a2:8b:c4:34:9a:c4:b7:75:9b:11:68:0a:6c:a0:ec:79:f0: ea:86:19:52:ff:d7:c4:c3:86:d7:ab:3c:af:9e:dc:bd:5e:16: 74:bd:b9:09:e3:a1:69:ba:69:a5:b4:10:5f:9e:2f:79:19:35: 96:1e:a5:8e:bb:44:cf:72:d0:29:9c:48:a3:c3:9a:41:6e:67: af:82:13:31:40:7f:b5:34:e0:d8:f3:81:67:b5:9d:e0:04:bb: 5e:14:be:28:76:61:ef:44:e1:c0:ba:51:73:55:61:97:39:6d: 69:83:07:bd:6b:22:b7:45:4c:92:20:d9:f7:34:9e:f8:2f:67: 14:c9:6d:dd:d5:59:b0:12:5c:f9:3f:5e:97:4f:8b:2a:83:da: f9:44:02:1d:74:05:2d:27:19:86:56:50:47:45:a9:54:60:3c: 64:ff:59:9d:c5:af:94:5b:11:88:0e:cc:9e:dc:a7:2e:79:c7: 63:73:b4:00:6a:8a:9c:48:48:75:c4:93:b9:5b:86:84:64:e7: d4:2e:c9:c7 -----BEGIN CERTIFICATE----- MIIFrTCCBJWgAwIBAgICe5swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMxMDExMDU1NjM4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTI2MzkxNS00NGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA14W8jwLW4h44M5ae4lB8U8x4uM4G8kYIXrz1459LTHtFPWN+PL1lhduicGiU tV6puTNXarnRKAQ0R7oRV6pXLooijjWJxqCJXITPMifA4EVmpvIBdga7R++CNyBC 8r/dbHTcm7+0mZHIGopkWhI5xdG8iaBagwLvHdJEPW4/qyY/96eNyW4qU1UZBLQ6 EY9RV6HQsI1FZE3VXIkLDwvv8dFl1oHUiQL+ag/SzakxDNIznjXPAictMQtvEmND bAoWAedyeERTsrDWWT92aklJnZp7eBYi3zlxLbpOE12s8182639KnplHbcGMSDXN QvgJgTKzII+bqOCLI6A0E2Q6UwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFBf23ov9 bPKB4vupeUMFOqZsHBcvMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTIxQzE0MDAz NDhBMTFFQkJGMTI4NjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E TDBKMDAEAgABMCoDBABnkawDBABnnRADBABnnrUDBABnoQMDBAFnqTQDBABnqj4D BABnvF8wFgQCAAIwEAMHACABDfWygAMFACQA2WAwDQYJKoZIhvcNAQELBQADggEB AKXN3XafH0ZMqJmUsyrX+BavKwdcFQH4I6BDqd7Su5g0W36TVR4+VvEv0HcC6q4u WgxKzstTEtaii8Q0msS3dZsRaApsoOx58OqGGVL/18TDhterPK+e3L1eFnS9uQnj oWm6aaW0EF+eL3kZNZYepY67RM9y0CmcSKPDmkFuZ6+CEzFAf7U04NjzgWe1neAE u14Uvih2Ye9E4cC6UXNVYZc5bWmDB71rIrdFTJIg2fc0nvgvZxTJbd3VWbASXPk/ XpdPiyqD2vlEAh10BS0nGYZWUEdFqVRgPGT/WZ3Fr5RbEYgOzJ7cpy55x2NztABq ipxISHXEk7lbhoRk59Quycc= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:48 2024 by rpki-client on console-ams.rpki-client.org