$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/D3D36BE0271011ECA0D7D95AC4F9AE02.roa File: D3D36BE0271011ECA0D7D95AC4F9AE02.roa (raw, json) Hash identifier: dksWrux2b7H1qvIfb48CoqoJju16yTaDJoQULn1IY1I= Subject key identifier: A0:E6:C8:34:ED:10:B8:69:D3:8C:8D:62:4A:7C:97:45:57:EF:92:E3 Certificate issuer: /CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6 Certificate serial: 03F1 Authority key identifier: 96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/D3D36BE0271011ECA0D7D95AC4F9AE02.roa Signing time: Thu 03 Aug 2023 01:01:56 +0000 ROA not before: Thu 03 Aug 2023 01:01:56 +0000 ROA not after: Thu 31 Oct 2024 00:00:00 +0000 asID: 198949 IP address blocks: 161.43.102.0/24 maxlen: 24 161.43.122.0/24 maxlen: 24 198.142.0.0/24 maxlen: 24 198.142.152.0/24 maxlen: 24 198.142.231.0/24 maxlen: 24 198.142.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Apr 2024 20:46:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1009 (0x3f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91514B1/serialNumber=9682C2ABE25323580776B1D0E275D2FD2D697EB6 Validity Not Before: Aug 3 01:01:56 2023 GMT Not After : Oct 31 00:00:00 2024 GMT Subject: CN=64cafc84-cf79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:f3:f2:8f:54:cc:0f:75:90:55:7a:86:94:30: ec:57:d8:af:a6:05:04:34:89:da:13:9a:68:72:dd: f9:9e:9f:4c:56:2a:37:b8:69:9f:54:3f:3b:c8:90: 87:4f:2b:e6:f8:9f:7e:c9:d4:4f:e8:e5:42:cf:11: cf:c8:e1:70:65:36:1f:3b:a4:09:33:99:e0:a2:c5: 4f:e0:e4:03:97:9d:49:27:f8:59:f4:5e:23:3f:d7: 9f:8b:f7:f4:92:de:63:ff:2f:f7:f5:b7:43:e5:02: 5c:10:5c:32:cc:03:d3:7e:a4:88:1a:7e:36:75:1d: 32:70:0b:a5:44:86:a4:41:c0:91:1b:a5:17:fd:ca: 77:eb:92:46:89:62:bc:a4:d9:6d:df:d4:a9:67:eb: fe:85:57:b9:f2:9b:26:44:51:f3:f1:6d:cc:49:05: d3:ff:89:f7:2f:00:be:97:91:9a:4d:ac:63:ee:96: f2:ac:91:4a:a7:00:9a:c0:d1:81:4e:85:74:02:d2: fa:0d:6b:c0:05:25:11:cb:ae:cd:a1:8e:06:65:6f: c2:85:36:08:59:f2:30:65:bb:e4:a8:6e:d7:0f:52: d3:00:de:f5:5a:73:11:2d:02:22:ff:3d:57:e3:04: 29:f7:69:73:1d:01:b4:fb:55:61:2e:2c:14:84:d2: be:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:E6:C8:34:ED:10:B8:69:D3:8C:8D:62:4A:7C:97:45:57:EF:92:E3 X509v3 Authority Key Identifier: keyid:96:82:C2:AB:E2:53:23:58:07:76:B1:D0:E2:75:D2:FD:2D:69:7E:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/loLCq-JTI1gHdrHQ4nXS_S1pfrY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/loLCq-JTI1gHdrHQ4nXS_S1pfrY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/7A8864ACFBE411EB82B6264FC4F9AE02/D3D36BE0271011ECA0D7D95AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.43.102.0/24 161.43.122.0/24 198.142.0.0/24 198.142.152.0/24 198.142.231.0/24 198.142.235.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:b5:40:3d:88:af:4c:f0:38:a2:88:61:7d:c2:a6:46:d7:2b: 3a:90:94:82:59:a3:de:16:b6:ce:49:5c:e3:1b:cd:e3:97:1b: 66:97:4e:4f:d1:1b:a0:67:56:16:aa:1b:92:95:17:dd:bc:b5: ac:d8:eb:ca:78:81:f9:45:00:12:10:27:39:56:ad:b5:de:43: 34:3f:56:30:af:02:8e:72:38:b8:b9:9d:e7:54:1c:e9:ad:81: 4b:82:63:a6:b1:b0:5a:b2:25:54:8b:15:e3:06:15:34:06:e6: d6:76:bd:26:4b:fb:1d:86:90:2e:63:d3:11:da:47:be:ea:a0: 39:56:c4:7f:a5:3e:10:22:3c:6e:a0:ea:ad:31:b4:fc:4a:7b: fa:aa:ba:e3:fa:b7:f0:bb:f6:09:b1:ce:30:d4:a6:1b:2e:69: 08:40:be:87:f4:3e:79:b6:5d:85:29:29:55:cc:21:d2:1e:17: 9f:5a:db:fb:69:51:9e:75:4a:09:f2:a3:a5:51:9e:c3:03:3a: 57:02:e7:55:51:a6:d5:14:ed:71:91:18:5e:03:7a:bd:b7:f8: 47:ac:88:ae:68:a5:25:f7:82:0f:d1:ce:d1:50:1f:84:4e:5a: eb:b5:87:e0:87:3f:9a:c6:9e:27:f1:2d:1f:8b:a7:e4:eb:a5: 60:ca:ff:41 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICA/EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTE0QjExMTAvBgNVBAUTKDk2ODJDMkFCRTI1MzIzNTgwNzc2QjFEMEUyNzVEMkZE MkQ2OTdFQjYwHhcNMjMwODAzMDEwMTU2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NGNhZmM4NC1jZjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwPPyj1TMD3WQVXqGlDDsV9ivpgUENInaE5poct35np9MVio3uGmfVD87yJCH Tyvm+J9+ydRP6OVCzxHPyOFwZTYfO6QJM5ngosVP4OQDl51JJ/hZ9F4jP9efi/f0 kt5j/y/39bdD5QJcEFwyzAPTfqSIGn42dR0ycAulRIakQcCRG6UX/cp365JGiWK8 pNlt39SpZ+v+hVe58psmRFHz8W3MSQXT/4n3LwC+l5GaTaxj7pbyrJFKpwCawNGB ToV0AtL6DWvABSURy67NoY4GZW/ChTYIWfIwZbvkqG7XD1LTAN71WnMRLQIi/z1X 4wQp92lzHQG0+1VhLiwUhNK+6QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKDmyDTt ELhp04yNYkp8l0VX75LjMB8GA1UdIwQYMBaAFJaCwqviUyNYB3ax0OJ10v0taX62 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS83QTg4NjRBQ0ZC RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9sb0xDcS1KVEkxZ0hkckhRNG5YU19TMXBm clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xvTENxLUpUSTFnSGRySFE0blhTX1MxcGZyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTE0QjEvN0E4ODY0QUNGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvRDNEMzZCRTAy NzEwMTFFQ0EwRDdEOTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAChK2YDBAChK3oDBADGjgADBADGjpgDBADGjucDBADGjusw DQYJKoZIhvcNAQELBQADggEBAI+1QD2Ir0zwOKKIYX3CpkbXKzqQlIJZo94Wts5J XOMbzeOXG2aXTk/RG6BnVhaqG5KVF928tazY68p4gflFABIQJzlWrbXeQzQ/VjCv Ao5yOLi5nedUHOmtgUuCY6axsFqyJVSLFeMGFTQG5tZ2vSZL+x2GkC5j0xHaR77q oDlWxH+lPhAiPG6g6q0xtPxKe/qquuP6t/C79gmxzjDUphsuaQhAvof0Pnm2XYUp KVXMIdIeF59a2/tpUZ51Sgnyo6VRnsMDOlcC51VRptUU7XGRGF4Der23+EesiK5o pSX3gg/RztFQH4ROWuu1h+CHP5rGnifxLR+Lp+TrpWDK/0E= -----END CERTIFICATE-----Generated at Mon Apr 15 03:07:18 2024 by rpki-client on console-ams.rpki-client.org