$ rpki-client -vvf rpki.apnic.net/member_repository/A91D298D/2CB11FCEF1A611EAB95C0E2FC4F9AE02/51B1F2A665D911EBA6089869C4F9AE02.roa File: 51B1F2A665D911EBA6089869C4F9AE02.roa (raw, json) Hash identifier: B8fUt7Pdt2UMWuxfQ9UN+F7Nr16V041q8LjFCjPDInw= Subject key identifier: B7:EC:23:C1:46:D8:7A:A1:2D:5C:B9:F9:E4:C4:2F:E4:B1:0E:3D:9B Certificate issuer: /CN=A91D298D/serialNumber=83AEF93152B2508CBC80A3627E3A27E87BCFDECA Certificate serial: 06F5 Authority key identifier: 83:AE:F9:31:52:B2:50:8C:BC:80:A3:62:7E:3A:27:E8:7B:CF:DE:CA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g675MVKyUIy8gKNifjon6HvP3so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D298D/2CB11FCEF1A611EAB95C0E2FC4F9AE02/51B1F2A665D911EBA6089869C4F9AE02.roa Signing time: Tue 06 Feb 2024 22:41:14 +0000 ROA not before: Tue 06 Feb 2024 22:41:14 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 59257 IP address blocks: 209.150.144.0/23 maxlen: 24 209.150.146.0/23 maxlen: 24 209.150.148.0/23 maxlen: 24 209.150.150.0/23 maxlen: 24 209.150.152.0/21 maxlen: 21 209.150.152.0/23 maxlen: 24 209.150.154.0/23 maxlen: 24 209.150.156.0/23 maxlen: 24 209.150.158.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D298D/2CB11FCEF1A611EAB95C0E2FC4F9AE02/g675MVKyUIy8gKNifjon6HvP3so.crl rsync://rpki.apnic.net/member_repository/A91D298D/2CB11FCEF1A611EAB95C0E2FC4F9AE02/g675MVKyUIy8gKNifjon6HvP3so.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g675MVKyUIy8gKNifjon6HvP3so.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 18:32:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1781 (0x6f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D298D/serialNumber=83AEF93152B2508CBC80A3627E3A27E87BCFDECA Validity Not Before: Feb 6 22:41:14 2024 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=65c2b58a-eb68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:83:39:55:61:95:8e:8b:75:79:0d:3f:d1:a9: 10:eb:ff:4b:9a:69:5a:5f:98:f1:3d:cc:0f:3d:9b: ec:7e:66:fd:46:84:a8:07:8a:eb:15:bf:dc:bc:be: 0c:fa:63:ad:70:23:06:c3:c1:b8:1f:13:00:38:fc: a2:ad:d3:b5:df:7d:dd:8a:eb:cb:3e:0e:4e:84:79: 67:33:66:24:30:0f:ef:04:7c:c9:81:22:59:8d:17: 3f:04:75:49:61:28:78:af:39:e7:e2:cc:f8:04:bb: 4a:94:c8:30:08:13:fc:1a:0e:6f:c5:c1:e3:2d:5c: 22:b0:f5:21:d8:c7:3e:99:81:13:b0:cd:fd:74:62: 96:b4:b1:0d:b0:cf:5a:c2:8f:c6:05:b1:e4:0d:1e: 3c:b9:3d:a5:fd:99:f7:2f:78:45:e9:3f:be:18:e7: b1:74:f6:a2:72:d5:d8:14:2e:60:57:41:1c:47:90: c7:d0:bb:1d:1a:a9:4a:d2:9a:ff:ce:2e:af:5a:1d: bc:74:8b:d6:53:b9:38:71:a2:fe:33:e3:2b:36:e1: ef:ca:71:17:5d:6a:98:ac:43:a8:23:8e:b7:2f:24: 5c:19:87:2f:af:59:76:0d:9c:bc:8e:74:fd:a0:58: 59:59:fc:ad:53:a3:2e:fa:a2:55:33:19:63:88:d8: d0:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:EC:23:C1:46:D8:7A:A1:2D:5C:B9:F9:E4:C4:2F:E4:B1:0E:3D:9B X509v3 Authority Key Identifier: keyid:83:AE:F9:31:52:B2:50:8C:BC:80:A3:62:7E:3A:27:E8:7B:CF:DE:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D298D/2CB11FCEF1A611EAB95C0E2FC4F9AE02/g675MVKyUIy8gKNifjon6HvP3so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g675MVKyUIy8gKNifjon6HvP3so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D298D/2CB11FCEF1A611EAB95C0E2FC4F9AE02/51B1F2A665D911EBA6089869C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 209.150.144.0/20 Signature Algorithm: sha256WithRSAEncryption 32:d4:1b:67:cc:49:2e:e0:ef:16:4e:74:75:06:47:0e:a1:d0: a9:57:6e:ad:fc:e3:8e:91:a0:b7:71:a0:0f:f8:d5:f5:96:ca: 95:25:45:a2:f0:f8:1a:a1:85:19:58:8a:81:92:03:49:d7:bf: 0c:7f:ff:83:65:b5:1b:5c:6b:96:9e:a8:64:a4:30:37:a9:36: ea:18:19:b3:d8:6b:31:62:b4:10:ff:fe:e0:e5:a2:77:02:c4: 77:f4:3d:fc:11:78:85:ee:0e:52:73:8d:5f:93:62:e2:6e:a8: 4d:31:25:25:72:22:ef:d2:37:bc:01:4c:1b:06:eb:f1:8f:91: 85:d7:23:ba:21:0c:19:b6:f9:83:16:97:b6:45:6b:cc:2b:7e: 1c:18:d8:09:cf:b7:ff:1d:08:e5:a5:57:16:15:2c:6e:17:7b: de:3f:59:bf:8c:dd:3f:8c:60:0f:c8:27:84:07:8f:4c:44:fd: a5:bb:d5:ad:d0:c9:c7:45:b4:ab:49:5e:82:56:a6:da:73:d8: ce:18:dd:34:73:e9:f0:d3:2a:57:47:c3:ac:9f:4e:14:6b:31: 4b:a2:ef:c0:50:98:85:79:4f:d4:1a:69:1a:b6:76:ae:72:57: 7e:62:e1:5a:7f:28:95:d4:05:f9:a1:77:6d:4d:c5:8b:95:a0: a7:d1:06:c4 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBvUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI5OEQxMTAvBgNVBAUTKDgzQUVGOTMxNTJCMjUwOENCQzgwQTM2MjdFM0EyN0U4 N0JDRkRFQ0EwHhcNMjQwMjA2MjI0MTE0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMyYjU4YS1lYjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA24M5VWGVjot1eQ0/0akQ6/9LmmlaX5jxPcwPPZvsfmb9RoSoB4rrFb/cvL4M +mOtcCMGw8G4HxMAOPyirdO1333diuvLPg5OhHlnM2YkMA/vBHzJgSJZjRc/BHVJ YSh4rznn4sz4BLtKlMgwCBP8Gg5vxcHjLVwisPUh2Mc+mYETsM39dGKWtLENsM9a wo/GBbHkDR48uT2l/Zn3L3hF6T++GOexdPaictXYFC5gV0EcR5DH0LsdGqlK0pr/ zi6vWh28dIvWU7k4caL+M+MrNuHvynEXXWqYrEOoI463LyRcGYcvr1l2DZy8jnT9 oFhZWfytU6Mu+qJVMxljiNjQ8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLfsI8FG 2HqhLVy5+eTEL+SxDj2bMB8GA1UdIwQYMBaAFIOu+TFSslCMvICjYn46J+h7z97K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjk4RC8yQ0IxMUZDRUYx QTYxMUVBQjk1QzBFMkZDNEY5QUUwMi9nNjc1TVZLeVVJeThnS05pZmpvbjZIdlAz c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2c2NzVNVkt5VUl5OGdLTmlmam9uNkh2UDNzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDI5OEQvMkNCMTFGQ0VGMUE2MTFFQUI5NUMwRTJGQzRGOUFFMDIvNTFCMUYyQTY2 NUQ5MTFFQkE2MDg5ODY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBATRlpAwDQYJKoZIhvcNAQELBQADggEBADLUG2fMSS7g7xZO dHUGRw6h0KlXbq38446RoLdxoA/41fWWypUlRaLw+BqhhRlYioGSA0nXvwx//4Nl tRtca5aeqGSkMDepNuoYGbPYazFitBD//uDloncCxHf0PfwReIXuDlJzjV+TYuJu qE0xJSVyIu/SN7wBTBsG6/GPkYXXI7ohDBm2+YMWl7ZFa8wrfhwY2AnPt/8dCOWl VxYVLG4Xe94/Wb+M3T+MYA/IJ4QHj0xE/aW71a3QycdFtKtJXoJWptpz2M4Y3TRz 6fDTKldHw6yfThRrMUui78BQmIV5T9QaaRq2dq5yV35i4Vp/KJXUBfmhd21NxYuV oKfRBsQ= -----END CERTIFICATE-----Generated at Fri May 31 23:53:08 2024 by rpki-client on console-fra.rpki-client.org