$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa File: 907FFB3C5C8511EDA172EE5CC4F9AE02.roa (raw, json) Hash identifier: ROCn87h+nUYMOh/I3nf6jc72/YgblF40f3uoYcWM1Dk= Subject key identifier: 59:B9:45:85:FF:DF:AB:94:C2:A6:F6:2F:EF:21:2E:83:06:BA:D0:CB Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Certificate serial: 0208 Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa Signing time: Wed 31 Jan 2024 04:16:34 +0000 ROA not before: Wed 31 Jan 2024 04:16:34 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 12888 IP address blocks: 168.153.3.0/24 maxlen: 24 168.153.4.0/24 maxlen: 24 168.153.5.0/24 maxlen: 24 168.153.6.0/24 maxlen: 24 168.153.7.0/24 maxlen: 24 168.153.8.0/24 maxlen: 24 168.153.106.0/24 maxlen: 24 168.153.107.0/24 maxlen: 24 168.153.108.0/24 maxlen: 24 168.153.109.0/24 maxlen: 24 168.153.110.0/24 maxlen: 24 168.153.111.0/24 maxlen: 24 168.153.144.0/22 maxlen: 22 168.153.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 02:50:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 520 (0x208) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Validity Not Before: Jan 31 04:16:34 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=65b9c9a2-9c26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a6:ac:fb:f9:83:78:61:1f:57:fe:81:e8:d7: 38:4b:1e:1a:f0:01:71:71:b7:c7:33:26:d0:0f:10: db:d2:56:96:76:a6:51:3e:74:7c:52:b2:ee:9d:af: 59:06:4b:0d:b9:2f:cd:35:c8:d4:9f:c3:d4:04:61: f5:84:2b:1f:ca:b4:78:e8:8f:21:31:8f:3a:3a:6c: b5:1f:4b:c5:f0:df:a3:4f:18:f0:6c:89:45:32:ed: 7c:82:e6:3f:8f:b8:f0:c2:0d:d6:a3:e6:15:6a:03: a0:52:c1:33:fc:43:04:03:1b:52:53:b1:e2:31:b5: ff:d2:a2:f9:fd:7e:67:04:46:3e:e7:25:66:6d:fd: 8c:da:11:7f:09:4e:f0:22:b5:25:b7:fd:7f:ff:86: 10:3f:e1:2b:39:d3:d0:1b:f3:69:d1:e4:b6:53:83: a2:4e:48:df:55:c3:1b:d5:22:13:86:03:ca:17:41: c9:c8:af:21:e2:c5:52:31:10:bd:f3:a8:d8:b6:ae: cf:78:95:9a:98:32:e7:24:5a:c5:6f:23:37:cb:29: e2:d5:b2:68:9a:39:50:e4:40:df:38:6b:a8:28:90: 2a:a6:26:fb:fe:ec:45:ce:04:4f:ba:10:35:83:53: 8a:bf:b9:67:da:92:b6:08:e9:1c:ce:1b:60:07:7c: 14:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:B9:45:85:FF:DF:AB:94:C2:A6:F6:2F:EF:21:2E:83:06:BA:D0:CB X509v3 Authority Key Identifier: keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.153.3.0-168.153.8.255 168.153.106.0-168.153.111.255 168.153.144.0/22 168.153.160.0/22 Signature Algorithm: sha256WithRSAEncryption ce:cd:69:d9:e7:4b:88:0b:36:db:7d:10:01:87:35:ff:b4:c6: 1b:c6:a8:0f:05:2f:e0:8f:85:70:b1:1c:72:34:fa:e1:f5:9b: 57:25:a1:1b:4e:2b:09:6c:f2:cb:ee:d8:69:db:7e:3f:cf:72: 28:0a:f3:7b:0c:ba:09:3c:39:72:90:05:4f:85:f5:7d:94:4a: be:20:c4:8d:1b:51:60:05:af:a6:a9:7e:8d:57:d4:5d:0d:eb: f7:ed:0e:4c:bd:e6:d8:9e:b3:19:9d:d1:2a:0e:78:c1:97:d1: d7:bd:53:0a:5f:44:6f:43:6d:44:9a:39:ed:f6:65:89:b6:ad: 5d:92:60:f9:06:13:e4:61:cb:81:e3:a2:67:92:2f:1e:d3:4f: 5b:8d:f9:22:7c:6b:fd:d3:30:95:31:c6:9b:54:92:22:38:c5: 58:72:4d:c3:eb:93:4b:d2:82:10:c2:3a:3f:0f:cf:f2:57:ba: 3e:ea:87:a1:36:df:48:3c:08:9d:04:69:a9:cd:b8:2b:55:e9: b9:bd:28:57:20:0e:73:60:66:3d:f2:17:2f:5f:21:31:c3:cb: be:ad:92:76:0e:a3:4b:1e:7d:d9:d8:c5:51:84:34:6e:50:ea: 18:a3:01:92:aa:8b:5f:b6:1e:f2:94:cd:80:35:85:68:cb:c6: 5d:9e:05:16 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICAggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC MUNENzlGNkIwHhcNMjQwMTMxMDQxNjM0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWI5YzlhMi05YzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw6as+/mDeGEfV/6B6Nc4Sx4a8AFxcbfHMybQDxDb0laWdqZRPnR8UrLuna9Z BksNuS/NNcjUn8PUBGH1hCsfyrR46I8hMY86Omy1H0vF8N+jTxjwbIlFMu18guY/ j7jwwg3Wo+YVagOgUsEz/EMEAxtSU7HiMbX/0qL5/X5nBEY+5yVmbf2M2hF/CU7w IrUlt/1//4YQP+ErOdPQG/Np0eS2U4OiTkjfVcMb1SIThgPKF0HJyK8h4sVSMRC9 86jYtq7PeJWamDLnJFrFbyM3yyni1bJomjlQ5EDfOGuoKJAqpib7/uxFzgRPuhA1 g1OKv7ln2pK2COkczhtgB3wUaQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFFm5RYX/ 36uUwqb2L+8hLoMGutDLMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvOTA3RkZCM0M1 Qzg1MTFFREExNzJFRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgwDAMEAKiZAwMEAKiZCDAMAwQBqJlqAwQEqJlgAwQCqJmQAwQC qJmgMA0GCSqGSIb3DQEBCwUAA4IBAQDOzWnZ50uICzbbfRABhzX/tMYbxqgPBS/g j4VwsRxyNPrh9ZtXJaEbTisJbPLL7thp234/z3IoCvN7DLoJPDlykAVPhfV9lEq+ IMSNG1FgBa+mqX6NV9RdDev37Q5MvebYnrMZndEqDnjBl9HXvVMKX0RvQ21Emjnt 9mWJtq1dkmD5BhPkYcuB46Jnki8e009bjfkifGv90zCVMcabVJIiOMVYck3D65NL 0oIQwjo/D8/yV7o+6oehNt9IPAidBGmpzbgrVem5vShXIA5zYGY98hcvXyExw8u+ rZJ2DqNLHn3Z2MVRhDRuUOoYowGSqotfth7ylM2ANYVoy8ZdngUW -----END CERTIFICATE-----Generated at Sat Jun 1 05:48:43 2024 by rpki-client on console-fra.rpki-client.org