$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/AF0A3F14178911EC876F5F50C4F9AE02.roa File: AF0A3F14178911EC876F5F50C4F9AE02.roa (raw, json) Hash identifier: IVU27JRYWuBmIt6QcWFMqPFM6vDpf9nhIJBTc75GYY0= Subject key identifier: 1E:E6:B5:50:31:29:A2:4B:BB:A6:4C:D1:22:40:29:06:E8:25:C4:66 Certificate issuer: /CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6 Certificate serial: 04C7 Authority key identifier: 96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/AF0A3F14178911EC876F5F50C4F9AE02.roa Signing time: Tue 03 Sep 2024 01:14:45 +0000 ROA not before: Tue 03 Sep 2024 01:14:45 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 7474 IP address blocks: 161.43.64.0/18 maxlen: 18 161.43.96.0/24 maxlen: 24 161.43.97.0/24 maxlen: 24 161.43.192.0/18 maxlen: 18 161.43.192.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1223 (0x4c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6 Validity Not Before: Sep 3 01:14:45 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66d66305-378d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a3:8c:ac:49:e7:7f:0d:ce:77:a8:96:0b:89: 73:38:7b:97:29:6b:98:7a:d8:ab:d6:18:c9:0c:d6: 85:b2:0c:6c:d8:ec:83:9f:80:7e:1f:f7:aa:c2:8c: 6a:03:93:18:ff:fe:84:74:91:7d:a6:91:2a:68:b9: a7:5d:7d:db:6b:e5:92:26:84:47:90:ee:0e:ae:7e: aa:ea:f7:68:d9:57:d1:fd:9f:44:dd:a7:5b:38:b9: 9d:f7:4d:e0:14:f9:14:01:81:a8:57:a6:d5:87:b6: 82:92:f8:2b:e1:74:f8:2f:34:ed:9c:df:81:dd:ff: c4:39:06:59:a6:6d:6c:07:9d:43:a9:a1:87:db:35: f5:f0:7c:73:06:f7:80:f8:0d:0b:85:c9:29:9f:dd: 01:b9:d2:50:85:50:ce:b2:e7:ae:b3:16:b5:84:ae: 5f:fe:87:22:af:26:60:bf:41:60:a9:31:ac:a6:c3: 3d:44:57:5d:ba:64:b1:5f:8a:22:52:a1:29:fb:3a: e0:7d:7c:99:7f:44:47:4f:c5:c6:16:78:38:58:de: 64:85:2b:6d:a7:0c:b5:2c:f9:b0:3c:88:88:9e:9b: fc:0f:d7:07:2c:43:f7:c2:75:59:ec:6f:61:80:25: 35:bf:2b:11:2f:40:db:ff:e5:f6:3e:11:d2:84:dd: 6d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:E6:B5:50:31:29:A2:4B:BB:A6:4C:D1:22:40:29:06:E8:25:C4:66 X509v3 Authority Key Identifier: keyid:96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/AF0A3F14178911EC876F5F50C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.43.64.0/18 161.43.192.0/18 Signature Algorithm: sha256WithRSAEncryption 40:d2:d7:b6:68:c0:08:53:36:07:ad:ed:9a:33:77:da:8f:8b: aa:d8:eb:a5:f0:57:cf:9e:16:7f:d9:8b:9e:42:45:e0:3a:04: 90:0b:78:2d:c7:b2:04:1f:46:7d:5b:2e:93:94:34:79:c6:3e: 64:81:ea:7f:13:c8:78:78:c3:1b:b6:43:39:55:45:a7:0d:61: c6:20:f5:f1:c9:5b:a7:c2:c7:f7:6d:ba:07:70:44:03:90:ce: 2b:b2:c6:e4:d9:5f:53:f1:d9:14:c5:b4:1d:ca:eb:30:48:a8: 5d:6b:b8:3e:76:1e:bd:d2:40:86:78:7b:50:23:a6:05:66:e9: 8e:73:67:61:13:82:3b:fc:08:2a:57:78:b0:af:da:21:d0:c0: ff:77:d9:1d:ea:56:fd:13:76:a3:a2:f8:0b:b7:23:d6:9d:f1: 7f:ba:e2:34:e9:3e:95:a6:8f:8f:94:c0:a1:8d:03:e0:dc:20: ee:91:69:22:fe:37:05:a8:a7:79:7e:4d:d0:33:d5:6b:da:04: 67:22:a1:7f:91:bb:7b:65:b1:93:93:19:ac:6a:c1:43:27:a9: 7b:51:8d:a2:bf:58:e6:3c:6d:56:b1:1d:c5:6d:7d:d9:6d:7c: 5b:14:71:fb:b1:db:82:81:d8:74:18:fa:fb:9b:ba:13:a0:14: 75:9f:7f:f0 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE0QjExMTAvBgNVBAUTKDk2ODJDMkFCRTI1MzIzNTgwNzc2QjFEMEUyNzVEMkZE MkQ2OTdFQjYwHhcNMjQwOTAzMDExNDQ1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2NjMwNS0zNzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaOMrEnnfw3Od6iWC4lzOHuXKWuYetir1hjJDNaFsgxs2OyDn4B+H/eqwoxq A5MY//6EdJF9ppEqaLmnXX3ba+WSJoRHkO4Orn6q6vdo2VfR/Z9E3adbOLmd903g FPkUAYGoV6bVh7aCkvgr4XT4LzTtnN+B3f/EOQZZpm1sB51DqaGH2zX18HxzBveA +A0Lhckpn90BudJQhVDOsueusxa1hK5f/ociryZgv0FgqTGspsM9RFddumSxX4oi UqEp+zrgfXyZf0RHT8XGFng4WN5khSttpwy1LPmwPIiInpv8D9cHLEP3wnVZ7G9h gCU1vysRL0Db/+X2PhHShN1tUQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB7mtVAx KaJLu6ZM0SJAKQboJcRmMB8GA1UdIwQYMBaAFJaCwqviUyNYB3ax0OJ10v0taX62 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS83QTg4NjRBQ0ZC RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9sb0xDcS1KVEkxZ0hkckhRNG5YU19TMXBm clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xvTENxLUpUSTFnSGRySFE0blhTX1MxcGZyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTE0QjEvN0E4ODY0QUNGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvQUYwQTNGMTQx Nzg5MTFFQzg3NkY1RjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAahK0ADBAahK8AwDQYJKoZIhvcNAQELBQADggEBAEDS17Zo wAhTNget7Zozd9qPi6rY66XwV8+eFn/Zi55CReA6BJALeC3HsgQfRn1bLpOUNHnG PmSB6n8TyHh4wxu2QzlVRacNYcYg9fHJW6fCx/dtugdwRAOQziuyxuTZX1Px2RTF tB3K6zBIqF1ruD52Hr3SQIZ4e1AjpgVm6Y5zZ2ETgjv8CCpXeLCv2iHQwP932R3q Vv0TdqOi+Au3I9ad8X+64jTpPpWmj4+UwKGNA+DcIO6RaSL+NwWop3l+TdAz1Wva BGcioX+Ru3tlsZOTGaxqwUMnqXtRjaK/WOY8bVaxHcVtfdltfFsUcfux24KB2HQY +vubuhOgFHWff/A= -----END CERTIFICATE-----Generated at Thu Nov 21 00:21:20 2024 by rpki-client on console-fra.rpki-client.org