$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F5454BA0AC1F11EDB74B3C33C4F9AE02.roa File: F5454BA0AC1F11EDB74B3C33C4F9AE02.roa (raw, json) Hash identifier: /U3Cy9xR5/nlI/8GIygMQHfL8zUnPHBp6fUQA4VrOPg= Subject key identifier: 21:6A:AF:AC:C7:F7:DB:EE:CF:5E:10:32:69:3E:B8:01:F4:63:48:58 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 82C0 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F5454BA0AC1F11EDB74B3C33C4F9AE02.roa Signing time: Mon 12 Feb 2024 06:42:38 +0000 ROA not before: Mon 12 Feb 2024 06:42:38 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 134884 IP address blocks: 43.225.168.0/22 maxlen: 24 45.248.40.0/22 maxlen: 24 103.41.144.0/22 maxlen: 24 103.84.164.0/23 maxlen: 24 103.84.166.0/24 maxlen: 24 103.124.80.0/22 maxlen: 24 103.206.172.0/24 maxlen: 24 2001:df4:db00::/46 maxlen: 46 2001:df4:db00::/48 maxlen: 48 2001:df4:db01::/48 maxlen: 48 2001:df4:db02::/48 maxlen: 48 2001:df4:db03::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33472 (0x82c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Feb 12 06:42:38 2024 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=65c9bddd-2ca3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b5:b7:da:a7:0f:8d:0e:97:e2:53:62:59:77: c1:4c:a2:59:b2:cf:7e:77:16:c2:63:71:4f:3e:8c: 62:45:62:d9:e3:99:ac:63:7d:31:f4:39:19:76:fb: 2b:b5:18:79:f6:c5:ab:7d:46:43:ae:c3:a1:3c:6b: b8:57:95:bf:c0:83:9b:c2:53:9f:50:5a:d9:b0:67: 5e:3d:47:a3:ec:ae:2d:d8:aa:39:92:38:85:98:33: f9:cc:2c:45:31:ce:36:a8:d3:5d:45:a2:53:a4:00: 4b:3c:32:6f:c2:b4:0c:4f:a2:bd:00:bd:f5:6e:d0: fe:23:35:dc:90:c8:25:7a:c9:50:b3:e4:d2:bc:b9: cf:a5:4c:a2:c1:c6:71:d2:4e:01:a2:7e:ac:53:83: 58:b4:1b:ee:80:07:64:57:b7:ed:72:b3:bc:4b:ef: e6:2f:1b:42:c2:05:0a:d7:77:da:2f:d0:32:05:de: 5a:4a:02:a7:35:50:ac:5d:03:2f:2d:eb:cf:4e:84: 90:c0:75:ef:da:60:50:c2:aa:59:53:4b:95:e7:ad: ea:c6:b9:1d:a2:ad:79:79:b3:f7:cf:11:e3:75:d9: 80:96:04:52:00:1a:3a:a8:47:18:25:21:96:b5:51: 76:34:a2:75:27:05:5b:4d:88:dd:39:91:eb:02:12: 09:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:6A:AF:AC:C7:F7:DB:EE:CF:5E:10:32:69:3E:B8:01:F4:63:48:58 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F5454BA0AC1F11EDB74B3C33C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.225.168.0/22 45.248.40.0/22 103.41.144.0/22 103.84.164.0-103.84.166.255 103.124.80.0/22 103.206.172.0/24 IPv6: 2001:df4:db00::/46 Signature Algorithm: sha256WithRSAEncryption 97:67:61:00:7c:c4:5c:38:52:9d:f1:46:1d:50:f0:0c:75:69: 6b:46:2b:eb:c2:39:e7:53:79:b0:84:2d:64:52:06:f6:da:06: 1b:30:6f:4f:3c:c9:f1:10:86:bb:39:02:26:fe:9f:2b:77:7f: e1:11:bb:a6:67:c6:f5:a8:a2:83:a9:28:d8:b9:5f:89:ef:20: f6:23:d2:a5:ca:dc:25:10:74:7b:36:ab:0d:01:0d:93:01:74: 86:48:50:9a:cc:71:6c:9c:17:47:63:72:6b:f0:b3:f8:fd:aa: 67:c1:1a:6e:92:1b:0d:6f:bd:75:17:d8:8c:4c:2f:c7:fc:cd: b7:a0:f2:a7:ec:5a:81:8d:20:9b:5d:9f:38:db:ee:fa:24:e4: d6:07:02:e8:3d:13:90:2e:fe:d6:cd:68:9c:42:3c:ad:91:e7: 67:50:35:f4:21:47:03:92:aa:db:4c:f0:4f:b5:b7:77:3f:8c: 4f:49:b4:29:33:7e:97:8c:07:d1:ce:ec:19:44:58:cc:dc:96: 36:a5:3c:0e:32:3c:ab:a7:dd:12:15:4b:75:60:b2:db:47:ac: 98:6c:9e:e1:97:74:19:40:9c:37:e7:bb:31:44:8b:44:38:a2: fd:5a:dd:eb:ca:60:7f:0b:c0:4f:39:49:96:51:e0:ac:95:6c: a0:32:22:52 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgIDAILAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDIxMjA2NDIzOFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjVjOWJkZGQtMmNhMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANG1t9qnD40Ol+JTYll3wUyiWbLPfncWwmNxTz6MYkVi2eOZrGN9MfQ5GXb7 K7UYefbFq31GQ67DoTxruFeVv8CDm8JTn1Ba2bBnXj1Ho+yuLdiqOZI4hZgz+cws RTHONqjTXUWiU6QASzwyb8K0DE+ivQC99W7Q/iM13JDIJXrJULPk0ry5z6VMosHG cdJOAaJ+rFODWLQb7oAHZFe37XKzvEvv5i8bQsIFCtd32i/QMgXeWkoCpzVQrF0D Ly3rz06EkMB179pgUMKqWVNLleet6sa5HaKteXmz988R43XZgJYEUgAaOqhHGCUh lrVRdjSidScFW02I3TmR6wISCZsCAwEAAaOCAswwggLIMB0GA1UdDgQWBBQhaq+s x/fb7s9eEDJpPrgB9GNIWDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y1NDU0QkEw QUMxRjExRURCNzRCM0MzM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFYGCCsGAQUFBwEHAQH/ BEcwRTAyBAIAATAsAwQCK+GoAwQCLfgoAwQCZymQMAwDBAJnVKQDBABnVKYDBAJn fFADBABnzqwwDwQCAAIwCQMHAiABDfTbADANBgkqhkiG9w0BAQsFAAOCAQEAl2dh AHzEXDhSnfFGHVDwDHVpa0Yr68I551N5sIQtZFIG9toGGzBvTzzJ8RCGuzkCJv6f K3d/4RG7pmfG9aiig6ko2Llfie8g9iPSpcrcJRB0ezarDQENkwF0hkhQmsxxbJwX R2Nya/Cz+P2qZ8EabpIbDW+9dRfYjEwvx/zNt6Dyp+xagY0gm12fONvu+iTk1gcC 6D0TkC7+1s1onEI8rZHnZ1A19CFHA5Kq20zwT7W3dz+MT0m0KTN+l4wH0c7sGURY zNyWNqU8DjI8q6fdEhVLdWCy20esmGye4Zd0GUCcN+e7MUSLRDii/Vrd68pgfwvA TzlJllHgrJVsoDIiUg== -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:50 2024 by rpki-client on console-ams.rpki-client.org