$ rpki-client -vvf rpki.apnic.net/member_repository/A914C10B/7231C3DAAF6211EB8BA1F714C4F9AE02/CFBB0C48B28A11EBB4CE6E70C4F9AE02.roa File: CFBB0C48B28A11EBB4CE6E70C4F9AE02.roa (raw, json) Hash identifier: /hN22pXefmAaJ7eqsgQoPWOe4RzJ8IU1SJr06tXv2cg= Subject key identifier: 22:F9:1B:2A:CA:E9:64:67:66:AD:0A:1E:BD:B5:96:CB:F2:DF:77:C2 Certificate issuer: /CN=A914C10B/serialNumber=109CB71B4F64166F1DDA422CEB721EE3ED196798 Certificate serial: 04DD Authority key identifier: 10:9C:B7:1B:4F:64:16:6F:1D:DA:42:2C:EB:72:1E:E3:ED:19:67:98 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EJy3G09kFm8d2kIs63Ie4-0ZZ5g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914C10B/7231C3DAAF6211EB8BA1F714C4F9AE02/CFBB0C48B28A11EBB4CE6E70C4F9AE02.roa Signing time: Sun 03 Dec 2023 00:51:56 +0000 ROA not before: Sun 03 Dec 2023 00:51:56 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 54238 IP address blocks: 164.153.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914C10B/7231C3DAAF6211EB8BA1F714C4F9AE02/EJy3G09kFm8d2kIs63Ie4-0ZZ5g.crl rsync://rpki.apnic.net/member_repository/A914C10B/7231C3DAAF6211EB8BA1F714C4F9AE02/EJy3G09kFm8d2kIs63Ie4-0ZZ5g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EJy3G09kFm8d2kIs63Ie4-0ZZ5g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1245 (0x4dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914C10B/serialNumber=109CB71B4F64166F1DDA422CEB721EE3ED196798 Validity Not Before: Dec 3 00:51:56 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656bd12c-4755 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8d:cb:08:85:51:a2:f7:97:69:73:10:f8:d5: f0:49:88:0d:df:72:d5:52:da:a0:37:e8:de:c3:62: c1:b2:01:6a:8f:30:09:13:4d:14:30:f9:2c:96:40: 5c:bb:91:bb:ef:d5:7e:3e:d8:0a:ba:06:d9:9b:25: e9:f6:b1:9e:80:99:de:dc:ef:6c:ba:fb:71:28:0c: 91:53:56:bd:c7:cc:42:c1:1f:31:27:83:d6:37:bc: e8:77:6f:aa:f4:90:93:d0:4d:d3:fe:7f:c4:8c:d9: 10:f6:00:a1:16:42:be:ae:51:06:3f:94:10:1b:83: 82:db:b9:b7:ae:49:2f:bf:04:1c:de:ba:c7:e9:19: 25:a4:42:ec:87:13:2b:2e:7d:37:3e:44:ab:cd:ad: 04:94:78:cc:de:f6:cd:fc:d9:c2:82:d9:f9:41:a0: 8c:5b:de:9f:8a:41:87:82:94:d7:14:22:6e:46:26: e3:f6:52:fc:9b:3c:8c:30:e6:2f:2c:32:f8:38:b2: a1:42:26:45:69:24:79:df:89:b0:c1:fd:f1:7f:2e: 37:95:17:7a:44:fa:54:28:b4:da:20:70:22:4b:fc: 8e:e2:7b:b9:f2:11:b5:0a:a6:bb:8b:7b:6a:ce:d5: bb:03:cf:59:c3:f4:19:1e:fa:1b:f1:fd:c1:89:b8: 5a:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:F9:1B:2A:CA:E9:64:67:66:AD:0A:1E:BD:B5:96:CB:F2:DF:77:C2 X509v3 Authority Key Identifier: keyid:10:9C:B7:1B:4F:64:16:6F:1D:DA:42:2C:EB:72:1E:E3:ED:19:67:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914C10B/7231C3DAAF6211EB8BA1F714C4F9AE02/EJy3G09kFm8d2kIs63Ie4-0ZZ5g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EJy3G09kFm8d2kIs63Ie4-0ZZ5g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C10B/7231C3DAAF6211EB8BA1F714C4F9AE02/CFBB0C48B28A11EBB4CE6E70C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 164.153.28.0/22 Signature Algorithm: sha256WithRSAEncryption 68:9a:86:ad:f5:e7:ac:a5:0f:98:5b:fa:82:53:60:a4:99:08: 10:63:a4:c3:7d:d2:1f:e9:89:d2:51:b5:20:c1:e3:ff:2e:4c: 23:41:7f:60:53:52:09:4d:5a:17:0b:80:e6:94:00:92:ed:58: ef:57:f5:0a:1a:7a:88:26:9c:29:ee:a9:60:18:62:f0:1d:55: 3d:46:d8:87:15:cb:54:e4:8f:73:c8:21:d3:1a:c9:d0:7a:31: 6f:ac:27:46:72:c4:63:48:ef:97:6a:df:61:db:9a:96:23:83: 0c:7e:74:4d:77:08:d2:21:80:0e:ac:da:33:8d:d0:82:b4:18: 4d:4a:a0:82:b5:95:1c:2d:c5:eb:ca:ce:db:96:45:89:68:40: 1c:fa:31:3e:0d:bd:22:fa:2a:3b:c7:8a:fa:5c:35:1f:41:e0: 8e:40:5d:b6:47:26:81:04:13:96:12:cd:3b:d5:a9:0c:86:82: 76:d4:f2:21:6a:77:0c:ff:d0:3f:94:35:c2:ef:ea:54:b3:7f: 61:08:3c:ce:8f:75:c8:c6:a1:7e:a2:b5:a1:0a:35:68:31:29: d7:23:3c:20:13:a5:30:cd:5f:eb:fe:65:f4:36:36:bd:19:9f: 07:ff:5c:3e:61:ae:db:f7:4c:b5:c6:74:b4:02:8a:cf:94:e7: 5e:78:53:59 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICBN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEMxMEIxMTAvBgNVBAUTKDEwOUNCNzFCNEY2NDE2NkYxRERBNDIyQ0VCNzIxRUUz RUQxOTY3OTgwHhcNMjMxMjAzMDA1MTU2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZiZDEyYy00NzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw43LCIVRoveXaXMQ+NXwSYgN33LVUtqgN+jew2LBsgFqjzAJE00UMPkslkBc u5G779V+PtgKugbZmyXp9rGegJne3O9suvtxKAyRU1a9x8xCwR8xJ4PWN7zod2+q 9JCT0E3T/n/EjNkQ9gChFkK+rlEGP5QQG4OC27m3rkkvvwQc3rrH6RklpELshxMr Ln03PkSrza0ElHjM3vbN/NnCgtn5QaCMW96fikGHgpTXFCJuRibj9lL8mzyMMOYv LDL4OLKhQiZFaSR534mwwf3xfy43lRd6RPpUKLTaIHAiS/yO4nu58hG1Cqa7i3tq ztW7A89Zw/QZHvob8f3BibhaHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCL5GyrK 6WRnZq0KHr21lsvy33fCMB8GA1UdIwQYMBaAFBCctxtPZBZvHdpCLOtyHuPtGWeY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzEwQi83MjMxQzNEQUFG NjIxMUVCOEJBMUY3MTRDNEY5QUUwMi9FSnkzRzA5a0ZtOGQya0lzNjNJZTQtMFpa NWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0VKeTNHMDlrRm04ZDJrSXM2M0llNC0wWlo1Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEMxMEIvNzIzMUMzREFBRjYyMTFFQjhCQTFGNzE0QzRGOUFFMDIvQ0ZCQjBDNDhC MjhBMTFFQkI0Q0U2RTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAKkmRwwDQYJKoZIhvcNAQELBQADggEBAGiahq3156ylD5hb +oJTYKSZCBBjpMN90h/pidJRtSDB4/8uTCNBf2BTUglNWhcLgOaUAJLtWO9X9Qoa eogmnCnuqWAYYvAdVT1G2IcVy1Tkj3PIIdMaydB6MW+sJ0ZyxGNI75dq32HbmpYj gwx+dE13CNIhgA6s2jON0IK0GE1KoIK1lRwtxevKztuWRYloQBz6MT4NvSL6KjvH ivpcNR9B4I5AXbZHJoEEE5YSzTvVqQyGgnbU8iFqdwz/0D+UNcLv6lSzf2EIPM6P dcjGoX6itaEKNWgxKdcjPCATpTDNX+v+ZfQ2Nr0Znwf/XD5hrtv3TLXGdLQCis+U 5154U1k= -----END CERTIFICATE-----Generated at Sun May 19 01:47:12 2024 by rpki-client on console-fra.rpki-client.org