$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/B4A54CAC5EEC11ECBD3D6737C4F9AE02.roa File: B4A54CAC5EEC11ECBD3D6737C4F9AE02.roa (raw, json) Hash identifier: Gg1WGSZRHVh4RDZ+Ufh1J6jjHusyIcD7hvy3+Dbw63Y= Subject key identifier: 18:CB:59:AC:28:AE:7F:43:04:95:41:DC:65:57:5C:21:2C:99:39:DF Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2836 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/B4A54CAC5EEC11ECBD3D6737C4F9AE02.roa Signing time: Thu 28 Dec 2023 16:03:24 +0000 ROA not before: Thu 28 Dec 2023 16:03:24 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 4558 IP address blocks: 49.229.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Jun 2024 16:10:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10294 (0x2836) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Dec 28 16:03:24 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658d9c4c-dfa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:66:7b:45:1b:2c:55:55:c6:1f:78:81:e7:f7: 9f:01:4c:a6:06:d3:66:d5:c2:11:e9:ea:71:8e:d1: fd:16:86:61:f9:d4:de:b3:05:e5:ad:7e:46:22:37: 22:c5:93:f7:7e:15:66:a8:24:9e:c3:4d:c2:6e:33: 3d:fb:54:46:0f:97:51:35:cc:7f:d6:62:8f:5b:ed: a8:2c:67:fe:3f:b5:87:bc:e7:e7:5c:a7:0c:44:40: 59:78:ca:64:73:c3:c3:64:2f:18:21:7c:75:6b:fd: fb:36:0e:2c:33:7f:d9:d9:83:31:15:94:97:c3:06: 7b:43:9a:2c:a9:ec:57:da:73:3e:b3:45:7d:65:90: f1:14:2d:bb:c2:db:19:08:c1:e0:dc:13:48:4d:db: 82:f2:15:0a:02:32:05:46:13:b2:77:7d:77:8d:c8: 5e:4b:11:16:8e:df:ad:85:e6:e4:dd:62:35:20:02: f5:58:15:6a:c5:61:1f:07:53:c6:03:cd:d6:14:fe: 2b:86:58:55:52:14:21:93:11:3e:17:15:99:0d:d1: 2b:d8:32:11:ab:93:70:85:d6:a6:e9:c6:0d:10:da: 0c:30:94:5e:61:7c:37:b6:40:18:dd:40:c5:87:38: eb:c1:8d:2f:58:bd:90:16:c8:da:b8:dc:5e:3e:24: 0e:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:CB:59:AC:28:AE:7F:43:04:95:41:DC:65:57:5C:21:2C:99:39:DF X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/B4A54CAC5EEC11ECBD3D6737C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 49.229.152.0/21 Signature Algorithm: sha256WithRSAEncryption 5b:a3:a8:e9:98:5a:94:ea:9b:e7:20:92:55:b8:4f:45:05:e5: a6:99:9c:d5:f8:af:26:05:96:71:97:ad:c9:e5:1e:a3:2d:44: dd:f8:3a:ab:36:4c:9d:7a:38:75:73:0c:b1:9f:7b:d1:1e:47: a9:d1:85:77:d7:40:50:47:e6:5c:5d:3b:70:c8:5d:ee:80:6e: 81:97:53:5b:f1:75:76:44:54:85:77:c9:6f:41:fd:04:a6:e3: 20:a1:39:62:35:d1:0a:0a:f5:05:01:a0:cc:d0:0a:0c:f5:b7: 8e:43:1d:8b:7d:bc:da:f1:1f:94:b3:9f:82:88:a5:72:3b:ae: 77:ab:bd:ba:c9:76:72:d9:c9:6a:68:bc:83:3f:bd:89:30:23: c5:2e:5e:86:3e:eb:f0:cb:82:03:5d:b3:34:90:a9:0b:16:e3: 11:17:69:c3:41:18:f4:d4:fe:8c:27:a9:b2:6a:ec:3a:1c:04: 6e:e1:87:07:b0:44:e1:5e:28:ab:15:5e:cb:2a:4e:d2:85:f0: 6a:31:d6:7d:33:25:c9:a5:08:8b:2a:c2:8d:71:47:89:ea:ad: da:43:6a:37:e2:6f:5a:81:72:87:04:c1:36:0f:58:0f:73:59: 5a:de:cf:18:53:e9:11:9c:73:ab:3c:77:4b:cb:92:23:95:6e: 80:1d:fb:32 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICKDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjMxMjI4MTYwMzI0WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkOWM0Yy1kZmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm2Z7RRssVVXGH3iB5/efAUymBtNm1cIR6epxjtH9FoZh+dTeswXlrX5GIjci xZP3fhVmqCSew03CbjM9+1RGD5dRNcx/1mKPW+2oLGf+P7WHvOfnXKcMREBZeMpk c8PDZC8YIXx1a/37Ng4sM3/Z2YMxFZSXwwZ7Q5osqexX2nM+s0V9ZZDxFC27wtsZ CMHg3BNITduC8hUKAjIFRhOyd313jcheSxEWjt+thebk3WI1IAL1WBVqxWEfB1PG A83WFP4rhlhVUhQhkxE+FxWZDdEr2DIRq5Nwhdam6cYNENoMMJReYXw3tkAY3UDF hzjrwY0vWL2QFsjauNxePiQOEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBjLWawo rn9DBJVB3GVXXCEsmTnfMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQjRBNTRDQUM1 RUVDMTFFQ0JEM0Q2NzM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAMx5ZgwDQYJKoZIhvcNAQELBQADggEBAFujqOmYWpTqm+cg klW4T0UF5aaZnNX4ryYFlnGXrcnlHqMtRN34Oqs2TJ16OHVzDLGfe9EeR6nRhXfX QFBH5lxdO3DIXe6AboGXU1vxdXZEVIV3yW9B/QSm4yChOWI10QoK9QUBoMzQCgz1 t45DHYt9vNrxH5Szn4KIpXI7rnervbrJdnLZyWpovIM/vYkwI8UuXoY+6/DLggNd szSQqQsW4xEXacNBGPTU/ownqbJq7DocBG7hhwewROFeKKsVXssqTtKF8Gox1n0z JcmlCIsqwo1xR4nqrdpDajfib1qBcocEwTYPWA9zWVrezxhT6RGcc6s8d0vLkiOV boAd+zI= -----END CERTIFICATE-----Generated at Thu Jun 6 18:47:43 2024 by rpki-client on console-fra.rpki-client.org