$ rpki-client -vvf rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/0F8D82DCD9FD11EEA4312983C4F9AE02.roa File: 0F8D82DCD9FD11EEA4312983C4F9AE02.roa (raw, json) Hash identifier: o70V3rgTm8yRRylFlCudRELCYk4ehTX4M2+Mtzto8oo= Subject key identifier: 3A:8A:F0:81:CB:32:62:7F:78:A0:F5:6E:80:54:B6:BB:6C:6B:2F:AA Certificate issuer: /CN=A91364F5/serialNumber=6163A9554C330679F7EA16678B108D964EC1C802 Certificate serial: 03 Authority key identifier: 61:63:A9:55:4C:33:06:79:F7:EA:16:67:8B:10:8D:96:4E:C1:C8:02 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YWOpVUwzBnn36hZnixCNlk7ByAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/0F8D82DCD9FD11EEA4312983C4F9AE02.roa Signing time: Mon 04 Mar 2024 07:59:01 +0000 ROA not before: Mon 04 Mar 2024 07:59:01 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 152606 IP address blocks: 157.20.150.0/23 maxlen: 23 157.20.150.0/24 maxlen: 24 157.20.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/YWOpVUwzBnn36hZnixCNlk7ByAI.crl rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/YWOpVUwzBnn36hZnixCNlk7ByAI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YWOpVUwzBnn36hZnixCNlk7ByAI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91364F5/serialNumber=6163A9554C330679F7EA16678B108D964EC1C802 Validity Not Before: Mar 4 07:59:01 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=65e57f44-db2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:6b:95:28:ae:c6:e7:d1:73:ad:f4:73:dc:aa: 04:dc:a2:3f:ad:56:3d:79:3d:33:d7:47:d2:e9:7b: 5e:32:ac:02:24:04:b2:38:95:fb:b9:0a:a9:a4:af: 2d:2b:71:b7:77:e2:4e:17:11:30:22:de:71:62:d7: 6c:6d:de:24:e0:b4:45:f6:a4:78:ca:25:0e:80:c7: 5f:9f:da:45:c4:3a:74:eb:54:61:e4:e8:0f:b2:58: 5c:92:e1:5d:b2:c4:83:d4:4a:9c:78:97:9b:89:b7: 2b:c5:b8:e4:94:e1:76:5a:17:b5:14:84:28:21:fc: 78:79:2c:27:4c:81:84:88:a7:01:bd:1c:e1:9d:7c: 17:7c:63:a3:44:56:8c:54:07:d3:b7:44:c2:11:84: c6:a4:b2:c5:92:69:87:a0:d1:bd:a5:41:58:53:b8: e3:9d:81:45:02:54:61:b5:87:0f:ed:c8:47:42:34: 2f:af:b7:f8:5b:32:1b:77:eb:65:18:34:d4:4c:69: ae:61:29:d9:77:1b:51:c7:50:e3:4f:8e:d0:a0:b9: af:5b:eb:1d:a9:91:8e:4f:00:c7:df:b1:ed:19:07: f8:27:f6:90:b7:dc:de:a2:fa:a2:dd:2b:da:7a:df: 61:eb:48:c4:b0:b5:31:da:4c:4d:40:ec:24:bd:b9: 85:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:8A:F0:81:CB:32:62:7F:78:A0:F5:6E:80:54:B6:BB:6C:6B:2F:AA X509v3 Authority Key Identifier: keyid:61:63:A9:55:4C:33:06:79:F7:EA:16:67:8B:10:8D:96:4E:C1:C8:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/YWOpVUwzBnn36hZnixCNlk7ByAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YWOpVUwzBnn36hZnixCNlk7ByAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91364F5/5B5B93ECD9F911EE9EAE5D7DC4F9AE02/0F8D82DCD9FD11EEA4312983C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.20.150.0/23 Signature Algorithm: sha256WithRSAEncryption c9:df:39:10:9a:cf:27:9b:fd:e2:6d:6d:ed:4a:a0:5c:d7:00: 6a:bc:77:3f:87:78:f3:c1:b6:67:6d:ff:8d:eb:9e:a0:25:5d: 3b:fa:32:de:06:8a:d5:e4:aa:cd:cf:8e:2b:82:74:05:20:fb: 1e:c9:d1:47:a3:49:cc:09:8a:45:bd:8f:af:84:dc:88:af:b8: 4f:9c:0d:3c:eb:1a:ac:55:57:24:11:be:c0:6f:35:ad:32:d5: 02:b4:44:8d:4d:f1:81:de:cc:db:2b:6d:b1:c5:32:a0:aa:88: b2:0e:e5:39:16:7e:1e:9d:97:de:76:d4:fb:9b:8a:ef:a5:e5: c7:4c:86:4f:2b:9a:87:f9:9c:dd:c1:0d:54:a3:56:0a:e0:64: 59:76:32:35:3b:2f:da:17:86:13:94:b0:c6:2a:f0:a9:c1:ef: 99:b4:c0:7c:d1:93:77:d2:2e:e0:7b:ef:40:d0:6c:4b:9f:ce: a3:52:e5:44:27:3f:7a:29:f2:88:e1:bc:32:eb:89:79:b7:15: 63:82:c1:af:5c:df:dd:26:33:1b:c0:a1:76:5b:8b:e3:c8:b2: 45:05:fe:44:4b:45:f1:95:21:1e:18:18:db:e5:e6:20:52:36: 68:5d:c1:19:e9:ae:39:f2:eb:42:bc:c4:4c:84:00:8d:3a:ca: 04:fc:ec:d6 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz NjRGNTExMC8GA1UEBRMoNjE2M0E5NTU0QzMzMDY3OUY3RUExNjY3OEIxMDhEOTY0 RUMxQzgwMjAeFw0yNDAzMDQwNzU5MDFaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY1ZTU3ZjQ0LWRiMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDca5Uorsbn0XOt9HPcqgTcoj+tVj15PTPXR9Lpe14yrAIkBLI4lfu5Cqmkry0r cbd34k4XETAi3nFi12xt3iTgtEX2pHjKJQ6Ax1+f2kXEOnTrVGHk6A+yWFyS4V2y xIPUSpx4l5uJtyvFuOSU4XZaF7UUhCgh/Hh5LCdMgYSIpwG9HOGdfBd8Y6NEVoxU B9O3RMIRhMakssWSaYeg0b2lQVhTuOOdgUUCVGG1hw/tyEdCNC+vt/hbMht362UY NNRMaa5hKdl3G1HHUONPjtCgua9b6x2pkY5PAMffse0ZB/gn9pC33N6i+qLdK9p6 32HrSMSwtTHaTE1A7CS9uYXRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOorwgcsy Yn94oPVugFS2u2xrL6owHwYDVR0jBBgwFoAUYWOpVUwzBnn36hZnixCNlk7ByAIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2NEY1LzVCNUI5M0VDRDlG OTExRUU5RUFFNUQ3REM0RjlBRTAyL1lXT3BWVXd6Qm5uMzZoWm5peENObGs3QnlB SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWVdPcFZVd3pCbm4zNmhabml4Q05sazdCeUFJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NjRGNS81QjVCOTNFQ0Q5RjkxMUVFOUVBRTVEN0RDNEY5QUUwMi8wRjhEODJEQ0Q5 RkQxMUVFQTQzMTI5ODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAZ0UljANBgkqhkiG9w0BAQsFAAOCAQEAyd85EJrPJ5v94m1t 7UqgXNcAarx3P4d488G2Z23/jeueoCVdO/oy3gaK1eSqzc+OK4J0BSD7HsnRR6NJ zAmKRb2Pr4TciK+4T5wNPOsarFVXJBG+wG81rTLVArREjU3xgd7M2yttscUyoKqI sg7lORZ+Hp2X3nbU+5uK76Xlx0yGTyuah/mc3cENVKNWCuBkWXYyNTsv2heGE5Sw xirwqcHvmbTAfNGTd9Iu4HvvQNBsS5/Oo1LlRCc/einyiOG8MuuJebcVY4LBr1zf 3SYzG8ChdluL48iyRQX+REtF8ZUhHhgY2+XmIFI2aF3BGemuOfLrQrzETIQAjTrK BPzs1g== -----END CERTIFICATE-----Generated at Thu Nov 21 06:50:14 2024 by rpki-client on console-fra.rpki-client.org