$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/1ABB6C4E17DB11EE92B1C26FC4F9AE02.roa File: 1ABB6C4E17DB11EE92B1C26FC4F9AE02.roa (raw, json) Hash identifier: kH6YTyg5VZFCMs5Bi0gDr+yta9bat2gmJ7apVoefsTU= Subject key identifier: F7:6F:7E:82:8F:57:65:90:FF:32:D6:A8:CC:31:7C:44:44:C7:75:70 Certificate issuer: /CN=A911CA78/serialNumber=3E7232048DCBD2C69BAB225B8A42216046C18B25 Certificate serial: 66 Authority key identifier: 3E:72:32:04:8D:CB:D2:C6:9B:AB:22:5B:8A:42:21:60:46:C1:8B:25 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/1ABB6C4E17DB11EE92B1C26FC4F9AE02.roa Signing time: Mon 04 Dec 2023 20:08:20 +0000 ROA not before: Mon 04 Dec 2023 20:08:20 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 4788 IP address blocks: 147.158.0.0/16 maxlen: 16 147.158.0.0/17 maxlen: 17 147.158.0.0/18 maxlen: 18 147.158.128.0/19 maxlen: 19 147.158.160.0/19 maxlen: 19 147.158.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.crl rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 20:20:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 102 (0x66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA78/serialNumber=3E7232048DCBD2C69BAB225B8A42216046C18B25 Validity Not Before: Dec 4 20:08:20 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=656e31b4-090f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:17:ff:51:a1:17:a3:8a:fd:65:07:77:a7:5c: b1:96:dd:58:10:0e:6f:15:2c:2b:04:7d:7f:f6:05: 24:26:4e:3d:e4:37:00:b3:cc:5a:87:bb:82:22:b6: f5:99:65:58:e5:37:81:d7:ad:3f:8b:d7:c5:3e:45: c1:cb:0e:cb:ed:dd:7a:37:04:45:29:41:c0:f1:46: c8:3c:cf:ac:77:d3:a7:02:50:22:10:4b:ff:f4:95: 00:e0:84:1a:79:24:f3:5f:55:74:2d:c8:ab:07:c7: 96:dd:51:76:d7:bb:a2:e5:9b:53:4c:99:d2:c2:86: 8b:a2:9f:e5:c5:fb:69:fd:7d:41:ec:29:72:66:1e: 40:ab:6e:a3:63:6e:13:de:52:84:b0:55:8c:af:74: 53:fa:31:af:c0:61:1a:7b:cc:e7:7a:34:1a:4f:3e: 55:5c:4b:01:25:ef:8b:c4:b4:39:41:72:e1:f0:0b: 50:df:4a:5f:9b:56:04:9b:19:6f:a9:59:d1:8d:6e: 0b:4f:d4:f8:54:c6:65:9b:13:91:e3:9a:d3:d4:cb: 01:85:39:40:65:06:4d:be:cf:00:a1:ca:b7:00:ff: b5:4b:cc:da:d6:c3:b8:94:76:f8:42:c3:fe:3a:82: 3f:42:38:07:8d:97:ad:5f:26:1a:85:62:8e:ff:d6: 53:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:6F:7E:82:8F:57:65:90:FF:32:D6:A8:CC:31:7C:44:44:C7:75:70 X509v3 Authority Key Identifier: keyid:3E:72:32:04:8D:CB:D2:C6:9B:AB:22:5B:8A:42:21:60:46:C1:8B:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/PnIyBI3L0sabqyJbikIhYEbBiyU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PnIyBI3L0sabqyJbikIhYEbBiyU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/028F58FE16D911EE9F175315C4F9AE02/1ABB6C4E17DB11EE92B1C26FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 147.158.0.0/16 Signature Algorithm: sha256WithRSAEncryption 20:7a:80:68:7c:c1:d9:44:01:a5:b6:00:27:b4:0d:af:e6:dd: 67:68:3e:ed:05:e0:07:c8:88:7c:e3:c0:56:52:82:45:c9:79: 43:73:37:1c:51:84:b4:9d:22:f4:5f:dc:20:d2:3a:f0:65:bf: 69:cc:24:c3:47:09:d6:8f:78:e4:da:05:96:e6:a2:53:ad:85: 5f:36:21:63:97:99:2f:2b:c1:0b:55:52:57:f9:93:b2:7f:16: c7:f7:95:e1:0b:ab:7d:d4:84:23:5d:e5:a7:e8:38:f4:d6:3e: 33:1b:34:7d:b0:c1:71:9b:93:16:74:07:11:3b:c5:c3:84:92: 9d:3a:fb:9d:13:4a:79:6d:a5:df:e1:46:80:4f:c2:e7:c7:64: 50:58:b8:92:21:b9:05:61:16:27:9d:e1:97:31:bc:c8:fb:0d: b5:53:14:d2:93:d5:8b:58:ef:18:0b:08:1c:54:1b:e1:53:0d: d7:f3:ec:8d:c4:e4:b4:7f:1c:38:ff:10:a4:60:bf:f6:56:e3: e9:ee:1b:30:ed:2d:92:ab:b6:49:79:28:b2:f3:4b:a8:b0:90: 4e:95:49:7e:74:84:b1:00:ab:94:c6:a9:9f:64:43:c1:b7:03: de:b8:6d:82:80:bb:67:e7:47:d6:9f:46:a1:4e:14:23:70:f4: 13:55:53:c7 -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgIBZjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx Q0E3ODExMC8GA1UEBRMoM0U3MjMyMDQ4RENCRDJDNjlCQUIyMjVCOEE0MjIxNjA0 NkMxOEIyNTAeFw0yMzEyMDQyMDA4MjBaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NmUzMWI0LTA5MGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4F/9RoRejiv1lB3enXLGW3VgQDm8VLCsEfX/2BSQmTj3kNwCzzFqHu4IitvWZ ZVjlN4HXrT+L18U+RcHLDsvt3Xo3BEUpQcDxRsg8z6x306cCUCIQS//0lQDghBp5 JPNfVXQtyKsHx5bdUXbXu6Llm1NMmdLChouin+XF+2n9fUHsKXJmHkCrbqNjbhPe UoSwVYyvdFP6Ma/AYRp7zOd6NBpPPlVcSwEl74vEtDlBcuHwC1DfSl+bVgSbGW+p WdGNbgtP1PhUxmWbE5HjmtPUywGFOUBlBk2+zwChyrcA/7VLzNrWw7iUdvhCw/46 gj9COAeNl61fJhqFYo7/1lO3AgMBAAGjggKUMIICkDAdBgNVHQ4EFgQU929+go9X ZZD/MtaozDF8RETHdXAwHwYDVR0jBBgwFoAUPnIyBI3L0sabqyJbikIhYEbBiyUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFDQTc4LzAyOEY1OEZFMTZE OTExRUU5RjE3NTMxNUM0RjlBRTAyL1BuSXlCSTNMMHNhYnF5SmJpa0loWUViQml5 VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUG5JeUJJM0wwc2FicXlKYmlrSWhZRWJCaXlVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Q0E3OC8wMjhGNThGRTE2RDkxMUVFOUYxNzUzMTVDNEY5QUUwMi8xQUJCNkM0RTE3 REIxMUVFOTJCMUMyNkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQP MA0wCwQCAAEwBQMDAJOeMA0GCSqGSIb3DQEBCwUAA4IBAQAgeoBofMHZRAGltgAn tA2v5t1naD7tBeAHyIh848BWUoJFyXlDczccUYS0nSL0X9wg0jrwZb9pzCTDRwnW j3jk2gWW5qJTrYVfNiFjl5kvK8ELVVJX+ZOyfxbH95XhC6t91IQjXeWn6Dj01j4z GzR9sMFxm5MWdAcRO8XDhJKdOvudE0p5baXf4UaAT8Lnx2RQWLiSIbkFYRYnneGX MbzI+w21UxTSk9WLWO8YCwgcVBvhUw3X8+yNxOS0fxw4/xCkYL/2VuPp7hsw7S2S q7ZJeSiy80uosJBOlUl+dISxAKuUxqmfZEPBtwPeuG2CgLtn50fWn0ahThQjcPQT VVPH -----END CERTIFICATE-----Generated at Thu May 2 22:13:15 2024 by rpki-client on console-fra.rpki-client.org