$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa File: B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa (raw, json) Hash identifier: a0NH5wp4HNks2+m4hfx7zhLI5guHxytTYFO6xK/58YU= Subject key identifier: 88:1C:A1:3A:69:73:08:45:8A:84:58:7C:AC:5E:9C:BE:48:D7:80:AF Certificate issuer: /CN=A91B1FA8/serialNumber=0DEEED1362143C362F24F97C67C8E4ECE2C7A561 Certificate serial: 1247 Authority key identifier: 0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa Signing time: Mon 26 Feb 2024 17:55:36 +0000 ROA not before: Mon 26 Feb 2024 17:55:36 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 4764 IP address blocks: 144.6.0.0/16 maxlen: 22 159.196.0.0/18 maxlen: 23 159.196.64.0/18 maxlen: 24 159.196.128.0/18 maxlen: 23 159.196.168.0/24 maxlen: 24 159.196.169.0/24 maxlen: 24 159.196.170.0/24 maxlen: 24 159.196.171.0/24 maxlen: 24 159.196.192.0/18 maxlen: 24 167.179.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Sep 2024 15:42:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4679 (0x1247) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8/serialNumber=0DEEED1362143C362F24F97C67C8E4ECE2C7A561 Validity Not Before: Feb 26 17:55:36 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65dcd098-37d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:3d:d9:15:a8:93:5b:d2:1c:6c:ab:37:0f:f1: 0a:7d:db:d5:7c:12:cd:d3:9d:06:53:d7:9e:48:ac: fa:5d:79:24:89:dd:61:28:94:ca:15:69:61:2c:d2: 8d:c8:5a:e0:a6:87:68:0f:56:dd:88:7e:bf:3e:7f: fb:e2:02:18:bb:ba:5a:0d:a2:81:e9:a3:a5:35:ca: 37:5c:0a:0d:a1:30:6b:79:92:44:ee:58:de:55:5a: 4d:65:30:87:e1:7c:4b:a3:c7:82:27:ae:12:ee:71: 70:43:95:51:1c:6d:0e:30:85:fb:7a:7f:d7:f5:0f: 89:16:ba:86:00:fb:91:62:e8:ce:53:ca:83:d4:13: bd:0b:0d:93:46:75:dd:d9:02:5a:3d:b2:e0:8b:ac: 9b:cf:a3:16:ec:38:bc:e0:d3:78:a9:75:71:15:06: a6:8d:16:15:76:ae:53:29:5f:e2:f7:e3:a5:66:50: 95:b8:b7:c3:d6:1a:c7:89:fb:fc:b9:3c:15:b5:50: 07:3d:46:af:1c:58:5d:61:fb:9d:db:99:8c:d2:32: a8:79:59:36:f1:a8:b4:fa:a0:17:c7:c0:ab:40:a7: 5b:2c:c7:4e:bc:2e:14:ca:87:fc:a7:86:a3:47:04: b7:3a:c6:c7:9d:10:78:bb:3e:84:2d:b4:b1:db:52: 25:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:1C:A1:3A:69:73:08:45:8A:84:58:7C:AC:5E:9C:BE:48:D7:80:AF X509v3 Authority Key Identifier: keyid:0D:EE:ED:13:62:14:3C:36:2F:24:F9:7C:67:C8:E4:EC:E2:C7:A5:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/De7tE2IUPDYvJPl8Z8jk7OLHpWE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/De7tE2IUPDYvJPl8Z8jk7OLHpWE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/DF470902AFD911E8B2ED4C7FC4F9AE02/B8B7B5BA64BE11EBA96DF40DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 144.6.0.0/16 159.196.0.0/16 167.179.128.0/18 Signature Algorithm: sha256WithRSAEncryption 2d:b0:ef:75:f1:3b:e7:71:dd:c2:75:8b:08:70:24:95:d9:bb: d8:c5:65:37:2a:ad:9f:a1:22:63:25:77:75:bc:d9:73:ad:41: 05:b7:09:5d:ca:10:d2:cd:35:f8:90:af:f6:f4:0f:9a:70:dc: 42:a6:68:fa:eb:a8:f7:bb:fb:22:f0:ec:cb:ac:0f:bf:f5:5c: 5b:62:82:36:3e:38:0f:e0:9e:d5:9a:e6:ca:07:97:ec:19:29: 73:e8:0d:be:45:4d:0e:ce:a1:d0:0c:b1:74:34:95:14:0d:02: d4:b0:65:ff:28:3c:f2:4f:1f:e1:82:a1:33:b4:b2:bf:24:52: 59:66:44:66:d8:cb:8e:e2:93:ab:eb:d8:d4:2b:c0:35:67:82: 08:51:36:b8:3f:c1:56:c5:03:f8:99:dd:84:18:2d:80:f7:13: a2:96:48:19:b1:e3:e6:e2:b2:76:c4:00:56:4d:f9:ad:b1:e5: bd:78:07:3d:d1:05:9a:98:89:03:ea:e2:fd:70:48:fa:cc:25: 1b:7a:3a:cc:6a:c2:ee:5f:65:a9:25:58:d7:7b:d7:f0:c5:ad: b9:ab:6f:7b:bc:25:c6:54:5f:44:38:39:03:cb:5e:d9:7a:d0: 5a:df:9c:cc:14:a0:bb:b4:45:6f:9d:b3:64:9d:78:77:37:fa: fa:51:c5:da -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgICEkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDBERUVFRDEzNjIxNDNDMzYyRjI0Rjk3QzY3QzhFNEVD RTJDN0E1NjEwHhcNMjQwMjI2MTc1NTM2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWRjZDA5OC0zN2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArD3ZFaiTW9IcbKs3D/EKfdvVfBLN050GU9eeSKz6XXkkid1hKJTKFWlhLNKN yFrgpodoD1bdiH6/Pn/74gIYu7paDaKB6aOlNco3XAoNoTBreZJE7ljeVVpNZTCH 4XxLo8eCJ64S7nFwQ5VRHG0OMIX7en/X9Q+JFrqGAPuRYujOU8qD1BO9Cw2TRnXd 2QJaPbLgi6ybz6MW7Di84NN4qXVxFQamjRYVdq5TKV/i9+OlZlCVuLfD1hrHifv8 uTwVtVAHPUavHFhdYfud25mM0jKoeVk28ai0+qAXx8CrQKdbLMdOvC4Uyof8p4aj RwS3OsbHnRB4uz6ELbSx21IlxwIDAQABo4ICnzCCApswHQYDVR0OBBYEFIgcoTpp cwhFioRYfKxenL5I14CvMB8GA1UdIwQYMBaAFA3u7RNiFDw2LyT5fGfI5Ozix6Vh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9ERjQ3MDkwMkFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9EZTd0RTJJVVBEWXZKUGw4WjhqazdPTEhw V0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0RlN3RFMklVUERZdkpQbDhaOGprN09MSHBXRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjFGQTgvREY0NzA5MDJBRkQ5MTFFOEIyRUQ0QzdGQzRGOUFFMDIvQjhCN0I1QkE2 NEJFMTFFQkE5NkRGNDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E GjAYMBYEAgABMBADAwCQBgMDAJ/EAwQGp7OAMA0GCSqGSIb3DQEBCwUAA4IBAQAt sO918Tvncd3CdYsIcCSV2bvYxWU3Kq2foSJjJXd1vNlzrUEFtwldyhDSzTX4kK/2 9A+acNxCpmj666j3u/si8OzLrA+/9VxbYoI2PjgP4J7VmubKB5fsGSlz6A2+RU0O zqHQDLF0NJUUDQLUsGX/KDzyTx/hgqEztLK/JFJZZkRm2MuO4pOr69jUK8A1Z4II UTa4P8FWxQP4md2EGC2A9xOilkgZsePm4rJ2xABWTfmtseW9eAc90QWamIkD6uL9 cEj6zCUbejrMasLuX2WpJVjXe9fwxa25q297vCXGVF9EODkDy17ZetBa35zMFKC7 tEVvnbNknXh3N/r6UcXa -----END CERTIFICATE-----Generated at Fri Sep 20 20:59:07 2024 by rpki-client on console-ams.rpki-client.org