$ rpki-client -vvf rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa File: D9AD698C961211ECB515C474C4F9AE02.roa (raw, json) Hash identifier: UZE4B7TQF7OmOrR/d21Mir8aueARJYHSHmfJPdIjU8c= Subject key identifier: D6:71:F8:2D:3A:02:69:98:60:23:E0:FE:38:23:77:8C:66:7E:44:1F Certificate issuer: /CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Certificate serial: 026D Authority key identifier: 77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa Signing time: Thu 31 Aug 2023 02:33:21 +0000 ROA not before: Thu 31 Aug 2023 02:33:21 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 133199 IP address blocks: 43.242.128.0/24 maxlen: 24 43.242.129.0/24 maxlen: 24 43.242.130.0/24 maxlen: 24 43.242.131.0/24 maxlen: 24 103.251.88.0/24 maxlen: 24 103.251.89.0/24 maxlen: 24 103.251.90.0/24 maxlen: 24 103.251.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 03:15:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 621 (0x26d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F20B/serialNumber=7703A6D56C718021BD9C89EB3C4BED817ED56AE5 Validity Not Before: Aug 31 02:33:21 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64effbf1-3303 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:20:5e:88:da:ab:5a:f4:7e:10:fb:f1:8a:76: aa:ec:1a:9b:fb:84:53:24:22:2f:49:94:49:78:6e: f3:ed:d7:5b:bd:84:6c:e9:8a:5d:55:66:33:c0:d7: 1e:d6:ff:86:91:da:b7:e7:8a:4b:14:c5:ec:88:c4: ad:45:f4:74:8c:4f:23:e1:7a:05:02:1f:a5:55:e4: f7:de:18:51:8a:45:56:bd:ce:91:23:4e:84:8c:96: d1:64:b4:a1:27:4b:81:2d:9c:e6:d9:a0:81:ff:26: 38:ba:15:3c:cc:b0:a2:d8:45:fd:16:d7:46:6f:f5: f9:64:d5:cb:b1:f8:47:98:8a:b8:17:0c:0d:04:95: f7:0f:e0:51:bd:a2:d5:58:47:46:22:72:47:c3:c9: c4:36:15:c6:df:01:46:37:5b:ca:a1:2d:66:50:76: b0:06:9c:f1:e2:30:2f:77:e6:e4:0e:9d:96:d3:ba: 3a:f9:3f:95:6f:cc:5f:f9:a1:66:ab:f6:2e:66:46: 54:78:4b:38:a5:cf:33:f7:66:22:2b:7f:4d:c9:36: f5:d5:a6:da:3e:dc:3b:2b:97:36:b7:3c:16:02:ab: 03:78:00:ef:36:f6:62:a0:48:31:b8:12:cd:ee:c5: 0f:ce:e4:3b:1f:a2:5d:0a:c7:76:d1:0e:31:39:a3: 37:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:71:F8:2D:3A:02:69:98:60:23:E0:FE:38:23:77:8C:66:7E:44:1F X509v3 Authority Key Identifier: keyid:77:03:A6:D5:6C:71:80:21:BD:9C:89:EB:3C:4B:ED:81:7E:D5:6A:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/dwOm1WxxgCG9nInrPEvtgX7VauU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwOm1WxxgCG9nInrPEvtgX7VauU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F20B/19E4DBF6960F11EC890A446DC4F9AE02/D9AD698C961211ECB515C474C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.242.128.0/22 103.251.88.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:3c:49:ac:f5:32:68:34:85:3c:4a:bf:30:13:84:70:7d:dc: b1:fa:ac:b8:04:04:2b:99:00:71:1d:4a:b2:ba:9b:5c:dd:d4: da:f8:9d:35:a9:a8:73:ed:ed:d6:d9:59:42:f8:af:8c:4d:a9: 45:19:74:a4:f0:95:cb:0a:51:20:be:34:e2:d7:06:30:96:2a: 71:e1:78:d7:5b:a6:88:28:04:06:a1:68:39:39:51:1a:af:3f: dc:7f:8b:65:ab:32:c8:16:02:5f:29:1e:34:4f:16:75:ed:1d: 2e:ee:d2:84:14:09:f8:91:5b:6f:45:38:fd:13:0a:93:ed:f1: 95:ae:5e:a8:16:d1:98:9d:4e:a3:ff:e0:e2:b8:c1:57:08:42: 8c:d2:cb:ba:ea:e2:9f:8f:30:53:2d:be:9a:04:80:0f:86:7e: 63:ba:3d:72:93:74:b4:15:08:c9:9d:4d:58:fa:81:0b:b1:9d: 0f:cb:36:50:50:37:c2:3c:01:59:c5:3a:a9:aa:5f:c1:90:57: 7a:1a:0d:19:33:7f:e4:ec:54:12:1e:d6:8b:b4:8b:4d:c0:03: bc:5d:63:29:5e:18:5f:4b:9b:3f:40:f2:16:07:ec:d5:d7:4d: b7:28:8f:cd:d1:a9:42:42:41:74:4b:52:3a:2b:ea:53:e0:f0: af:0b:f0:4e -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAm0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEYyMEIxMTAvBgNVBAUTKDc3MDNBNkQ1NkM3MTgwMjFCRDlDODlFQjNDNEJFRDgx N0VENTZBRTUwHhcNMjMwODMxMDIzMzIxWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGVmZmJmMS0zMzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAySBeiNqrWvR+EPvxinaq7Bqb+4RTJCIvSZRJeG7z7ddbvYRs6YpdVWYzwNce 1v+Gkdq354pLFMXsiMStRfR0jE8j4XoFAh+lVeT33hhRikVWvc6RI06EjJbRZLSh J0uBLZzm2aCB/yY4uhU8zLCi2EX9FtdGb/X5ZNXLsfhHmIq4FwwNBJX3D+BRvaLV WEdGInJHw8nENhXG3wFGN1vKoS1mUHawBpzx4jAvd+bkDp2W07o6+T+Vb8xf+aFm q/YuZkZUeEs4pc8z92YiK39NyTb11abaPtw7K5c2tzwWAqsDeADvNvZioEgxuBLN 7sUPzuQ7H6JdCsd20Q4xOaM3DwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNZx+C06 AmmYYCPg/jgjd4xmfkQfMB8GA1UdIwQYMBaAFHcDptVscYAhvZyJ6zxL7YF+1Wrl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjIwQi8xOUU0REJGNjk2 MEYxMUVDODkwQTQ0NkRDNEY5QUUwMi9kd09tMVd4eGdDRzluSW5yUEV2dGdYN1Zh dVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3T20xV3h4Z0NHOW5JbnJQRXZ0Z1g3VmF1VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEYyMEIvMTlFNERCRjY5NjBGMTFFQzg5MEE0NDZEQzRGOUFFMDIvRDlBRDY5OEM5 NjEyMTFFQ0I1MTVDNDc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr8oADBAJn+1gwDQYJKoZIhvcNAQELBQADggEBAC88Saz1 Mmg0hTxKvzAThHB93LH6rLgEBCuZAHEdSrK6m1zd1Nr4nTWpqHPt7dbZWUL4r4xN qUUZdKTwlcsKUSC+NOLXBjCWKnHheNdbpogoBAahaDk5URqvP9x/i2WrMsgWAl8p HjRPFnXtHS7u0oQUCfiRW29FOP0TCpPt8ZWuXqgW0ZidTqP/4OK4wVcIQozSy7rq 4p+PMFMtvpoEgA+GfmO6PXKTdLQVCMmdTVj6gQuxnQ/LNlBQN8I8AVnFOqmqX8GQ V3oaDRkzf+TsVBIe1ou0i03AA7xdYyleGF9Lmz9A8hYH7NXXTbcoj83RqUJCQXRL Ujor6lPg8K8L8E4= -----END CERTIFICATE-----Generated at Thu Apr 25 03:53:11 2024 by rpki-client on console-fra.rpki-client.org