$ rpki-client -vvf rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/17EA0C7A38DF11EF8EEDB25EC4F9AE02.roa File: 17EA0C7A38DF11EF8EEDB25EC4F9AE02.roa (raw, json) Hash identifier: sflqoJJiQSUE3/D/FoYHXfA8MjGPanF4iuCvuWOV/9c= Subject key identifier: A4:3A:87:11:B2:D9:4E:2B:5F:C4:28:35:B2:2A:EB:1D:B3:1A:D3:07 Certificate issuer: /CN=A9186D9F/serialNumber=43F7423F93D6BA09694059FB23DEF8528D26499D Certificate serial: 0B Authority key identifier: 43:F7:42:3F:93:D6:BA:09:69:40:59:FB:23:DE:F8:52:8D:26:49:9D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q_dCP5PWuglpQFn7I974Uo0mSZ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/17EA0C7A38DF11EF8EEDB25EC4F9AE02.roa Signing time: Wed 03 Jul 2024 01:53:50 +0000 ROA not before: Wed 03 Jul 2024 01:53:50 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 142125 IP address blocks: 160.22.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/Q_dCP5PWuglpQFn7I974Uo0mSZ0.crl rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/Q_dCP5PWuglpQFn7I974Uo0mSZ0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q_dCP5PWuglpQFn7I974Uo0mSZ0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186D9F/serialNumber=43F7423F93D6BA09694059FB23DEF8528D26499D Validity Not Before: Jul 3 01:53:50 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=6684af2e-1d83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:cb:4f:2f:9f:09:39:0b:d7:0f:f6:f0:ae:6c: 15:f3:7f:ee:69:e5:b9:00:33:0e:dc:f8:82:9b:83: 6b:53:00:f3:e3:6a:f9:ca:7a:c9:46:06:aa:e2:7d: 43:88:be:6b:d2:77:23:51:08:f3:bc:39:32:68:6a: dc:4f:66:61:df:da:0a:4e:d8:41:01:f6:c5:5b:82: 07:01:6d:20:29:96:c4:24:20:ad:10:18:80:43:b7: 2a:76:93:22:e7:3a:7a:d0:c5:4a:98:7b:b1:5a:69: 91:9e:71:3b:91:be:9e:9f:ad:8a:58:41:b3:51:c3: 0e:ff:cb:b8:e1:af:63:c4:0a:34:1d:cf:30:95:86: 7f:62:2d:82:74:36:fe:57:91:49:eb:a4:f6:ff:af: 2e:d2:04:3f:82:63:6d:1c:74:0c:9a:45:78:2d:1e: 2e:2f:a4:9b:43:81:74:bc:42:88:ce:77:4f:a4:27: 35:72:92:3d:e6:28:60:18:97:7c:a2:ef:03:e8:0f: 28:15:4a:e5:a6:2f:c9:eb:7f:0b:81:ed:fb:ba:6f: 76:fa:c5:8e:62:26:45:db:dc:5c:97:52:1a:a4:a7: b5:40:8f:66:0b:64:d1:f4:4c:e2:fa:1c:b9:51:fb: 9e:71:70:33:18:9e:d9:43:83:f7:68:1b:98:19:51: c0:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:3A:87:11:B2:D9:4E:2B:5F:C4:28:35:B2:2A:EB:1D:B3:1A:D3:07 X509v3 Authority Key Identifier: keyid:43:F7:42:3F:93:D6:BA:09:69:40:59:FB:23:DE:F8:52:8D:26:49:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/Q_dCP5PWuglpQFn7I974Uo0mSZ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Q_dCP5PWuglpQFn7I974Uo0mSZ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186D9F/A936E4402E0411EF86F29D79C4F9AE02/17EA0C7A38DF11EF8EEDB25EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.22.42.0/24 Signature Algorithm: sha256WithRSAEncryption 88:81:14:e7:2f:14:22:e0:40:39:9b:75:9b:fa:f8:85:91:f7: da:08:8b:a8:25:85:01:ba:e3:74:85:3f:d7:f6:e9:1f:eb:7a: 2f:14:86:9f:2c:95:36:f1:2d:5a:95:0c:c7:32:eb:7e:c4:43: d9:26:e4:92:d3:76:68:06:4d:76:13:e0:46:b0:c5:b2:bb:f2: 3a:05:3d:d2:06:59:27:70:f8:fb:14:dc:63:58:08:69:16:dd: 51:be:8c:a6:21:5d:00:bc:c9:d7:a7:fa:de:ee:a0:e7:5f:ae: b3:09:6d:14:18:a3:f2:3f:d5:a3:16:d2:c6:87:fd:d9:b8:76: bf:a7:53:3c:fb:5e:e0:0f:f4:7c:fa:f0:e0:b3:88:8a:fa:cf: 1b:9b:d6:da:cb:53:bd:fa:7c:91:5d:df:57:5e:9c:1d:fc:6b: 75:9a:db:65:17:54:83:d3:62:86:92:d0:81:65:9f:91:cb:66: 96:0a:e6:4d:f3:1c:75:bb:18:d0:a8:30:b6:a4:d5:05:d2:fa: 6a:c6:f7:f5:5c:4b:b8:c1:ea:4b:de:22:02:dc:1a:5e:60:d3: 29:6b:f8:62:2d:47:61:c0:a8:d0:41:35:32:f5:c5:8b:7d:f3: d0:33:87:3f:44:54:39:06:e9:6f:ae:e9:e4:7a:13:5b:5b:08: b5:67:cf:28 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 NkQ5RjExMC8GA1UEBRMoNDNGNzQyM0Y5M0Q2QkEwOTY5NDA1OUZCMjNERUY4NTI4 RDI2NDk5RDAeFw0yNDA3MDMwMTUzNTBaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ODRhZjJlLTFkODMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCgy08vnwk5C9cP9vCubBXzf+5p5bkAMw7c+IKbg2tTAPPjavnKeslGBqrifUOI vmvSdyNRCPO8OTJoatxPZmHf2gpO2EEB9sVbggcBbSAplsQkIK0QGIBDtyp2kyLn OnrQxUqYe7FaaZGecTuRvp6frYpYQbNRww7/y7jhr2PECjQdzzCVhn9iLYJ0Nv5X kUnrpPb/ry7SBD+CY20cdAyaRXgtHi4vpJtDgXS8QojOd0+kJzVykj3mKGAYl3yi 7wPoDygVSuWmL8nrfwuB7fu6b3b6xY5iJkXb3FyXUhqkp7VAj2YLZNH0TOL6HLlR +55xcDMYntlDg/doG5gZUcD7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUpDqHEbLZ TitfxCg1sirrHbMa0wcwHwYDVR0jBBgwFoAUQ/dCP5PWuglpQFn7I974Uo0mSZ0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg2RDlGL0E5MzZFNDQwMkUw NDExRUY4NkYyOUQ3OUM0RjlBRTAyL1FfZENQNVBXdWdscFFGbjdJOTc0VW8wbVNa MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUV9kQ1A1UFd1Z2xwUUZuN0k5NzRVbzBtU1owLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NkQ5Ri9BOTM2RTQ0MDJFMDQxMUVGODZGMjlENzlDNEY5QUUwMi8xN0VBMEM3QTM4 REYxMUVGOEVFREIyNUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKAWKjANBgkqhkiG9w0BAQsFAAOCAQEAiIEU5y8UIuBAOZt1 m/r4hZH32giLqCWFAbrjdIU/1/bpH+t6LxSGnyyVNvEtWpUMxzLrfsRD2SbkktN2 aAZNdhPgRrDFsrvyOgU90gZZJ3D4+xTcY1gIaRbdUb6MpiFdALzJ16f63u6g51+u swltFBij8j/VoxbSxof92bh2v6dTPPte4A/0fPrw4LOIivrPG5vW2stTvfp8kV3f V16cHfxrdZrbZRdUg9NihpLQgWWfkctmlgrmTfMcdbsY0KgwtqTVBdL6asb39VxL uMHqS94iAtwaXmDTKWv4Yi1HYcCo0EE1MvXFi33z0DOHP0RUOQbpb67p5HoTW1sI tWfPKA== -----END CERTIFICATE-----Generated at Sat Nov 23 06:21:27 2024 by rpki-client on console-fra.rpki-client.org