$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FF6A3C84B63A11ECA70FD111C4F9AE02.roa File: FF6A3C84B63A11ECA70FD111C4F9AE02.roa (raw, json) Hash identifier: ynzasXxZ7jtmI+VPVqEmX6hpsJTebHC4vrbEycUC/sE= Subject key identifier: 5E:0A:07:CD:72:10:7E:DB:0D:C6:32:2C:5E:46:CE:3F:E1:AC:73:01 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 6FEC Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FF6A3C84B63A11ECA70FD111C4F9AE02.roa Signing time: Wed 10 May 2023 16:41:07 +0000 ROA not before: Wed 10 May 2023 16:41:07 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 147226 IP address blocks: 103.170.228.0/23 maxlen: 24 103.177.182.0/23 maxlen: 24 2400:3be0::/32 maxlen: 32 2407:b940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 15:38:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28652 (0x6fec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 10 16:41:07 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=645bc922-f13c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:91:ac:9b:31:07:10:8a:ca:b9:e3:5c:b7:af: 7b:b9:ef:75:81:c1:59:44:bc:3d:82:02:e4:8d:91: 05:7b:5b:80:0a:45:96:40:31:02:a0:4f:14:46:c5: 1b:cc:af:bc:43:f4:eb:d0:bb:be:49:d1:50:6e:8a: 64:2f:5b:bd:a1:bf:58:5d:14:ec:21:37:c1:97:1d: b2:3c:51:1b:2d:2d:91:91:6f:ac:53:4c:45:c3:04: c8:e5:17:af:eb:f8:4b:f4:c5:56:3f:fd:5d:4f:a3: 3c:92:9a:0f:e7:fe:b6:8b:7f:5c:1a:b2:f9:77:e6: fb:c9:68:1f:96:ef:53:cb:bf:4f:dd:2d:d2:4f:ee: c4:da:3b:ae:f1:d8:8e:fa:49:b9:cb:fe:d4:29:ef: e6:aa:e0:fb:73:ee:1e:09:a0:07:5c:b8:66:bd:08: 7f:dd:2b:f0:6e:d0:b9:95:1b:c0:73:6c:b4:7f:2c: b0:0e:5c:54:c0:21:9c:2c:78:fe:42:f4:73:c7:88: 83:65:a8:82:63:ef:02:e4:fb:b5:2b:9c:57:47:02: 8f:02:99:6a:f5:45:c7:0f:b5:6e:bb:04:b3:54:77: 44:64:12:84:e0:1a:ec:44:ca:cf:aa:75:64:9a:aa: a3:8b:26:a6:5d:1a:e0:e6:ed:98:d5:a5:78:4d:97: 1b:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:0A:07:CD:72:10:7E:DB:0D:C6:32:2C:5E:46:CE:3F:E1:AC:73:01 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FF6A3C84B63A11ECA70FD111C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.170.228.0/23 103.177.182.0/23 IPv6: 2400:3be0::/32 2407:b940::/32 Signature Algorithm: sha256WithRSAEncryption 70:80:1e:8e:f5:e4:06:5f:ad:88:0b:32:fe:0a:0c:ca:47:42: 60:f9:b9:15:f5:e6:6d:24:ea:7c:33:dc:ca:5c:2d:c1:a2:c2: 11:9c:17:5c:49:84:72:82:16:a3:7b:93:69:94:2e:50:ee:20: 88:3e:32:7e:e0:38:ac:ef:33:b5:0f:22:c4:34:67:de:c7:ef: 37:10:2f:f8:b0:16:b2:42:33:b5:d9:64:d3:dc:70:44:d4:56: 29:fb:ee:15:68:4a:bf:ce:d9:a3:34:eb:81:26:b7:74:17:63: 15:ad:85:44:05:ef:5d:2c:bc:d4:fe:d4:97:b8:56:f3:ff:6f: 79:a4:8e:34:0c:cb:62:39:e6:ff:12:c3:ee:19:7f:d8:a4:16: 0c:d1:d0:d4:8d:2f:90:dc:29:84:84:de:50:7e:7b:0a:47:13: d3:15:cc:a2:c7:40:b7:82:28:13:ad:82:bc:18:4c:26:61:a1: e2:83:1c:ae:84:f8:2b:4d:3e:3e:3a:0e:da:d1:0a:29:81:8e: 73:dc:c8:a6:a3:95:da:b4:98:4f:ef:df:ee:31:a8:26:49:64: 4a:17:57:ff:b5:01:be:ee:d4:ef:50:aa:2a:5d:07:7c:7f:b6: 8f:14:83:33:ab:6b:f1:85:64:7c:9c:b8:7e:b7:d7:52:ba:fb: 88:aa:fd:5d -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgICb+wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz RTNBQkM4MjMwHhcNMjMwNTEwMTY0MTA3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDViYzkyMi1mMTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv5GsmzEHEIrKueNct697ue91gcFZRLw9ggLkjZEFe1uACkWWQDECoE8URsUb zK+8Q/Tr0Lu+SdFQbopkL1u9ob9YXRTsITfBlx2yPFEbLS2RkW+sU0xFwwTI5Rev 6/hL9MVWP/1dT6M8kpoP5/62i39cGrL5d+b7yWgflu9Ty79P3S3ST+7E2juu8diO +km5y/7UKe/mquD7c+4eCaAHXLhmvQh/3SvwbtC5lRvAc2y0fyywDlxUwCGcLHj+ QvRzx4iDZaiCY+8C5Pu1K5xXRwKPAplq9UXHD7VuuwSzVHdEZBKE4BrsRMrPqnVk mqqjiyamXRrg5u2Y1aV4TZcbGwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFF4KB81y EH7bDcYyLF5Gzj/hrHMBMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5 Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkY2QTNDODRC NjNBMTFFQ0E3MEZEMTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E LDAqMBIEAgABMAwDBAFnquQDBAFnsbYwFAQCAAIwDgMFACQAO+ADBQAkB7lAMA0G CSqGSIb3DQEBCwUAA4IBAQBwgB6O9eQGX62ICzL+CgzKR0Jg+bkV9eZtJOp8M9zK XC3BosIRnBdcSYRyghaje5NplC5Q7iCIPjJ+4Dis7zO1DyLENGfex+83EC/4sBay QjO12WTT3HBE1FYp++4VaEq/ztmjNOuBJrd0F2MVrYVEBe9dLLzU/tSXuFbz/295 pI40DMtiOeb/EsPuGX/YpBYM0dDUjS+Q3CmEhN5QfnsKRxPTFcyix0C3gigTrYK8 GEwmYaHigxyuhPgrTT4+Og7a0QopgY5z3Mimo5XatJhP79/uMagmSWRKF1f/tQG+ 7tTvUKoqXQd8f7aPFIMzq2vxhWR8nLh+t9dSuvuIqv1d -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:51 2024 by rpki-client on console-ams.rpki-client.org