$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/72C9BE36950211EFAC892C5EC4F9AE02.roa File: 72C9BE36950211EFAC892C5EC4F9AE02.roa (raw, json) Hash identifier: Bpq9dhCpjI1cT2kel0jPo45D0NBWXD/qIfwghmBzSyI= Subject key identifier: 91:92:96:D6:53:3B:F2:47:A3:97:FD:A3:D2:E4:28:BC:47:4C:97:AB Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Certificate serial: 0A3A Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/72C9BE36950211EFAC892C5EC4F9AE02.roa Signing time: Mon 28 Oct 2024 08:02:48 +0000 ROA not before: Mon 28 Oct 2024 08:02:48 +0000 ROA not after: Sun 31 Aug 2025 00:00:00 +0000 asID: 18004 IP address blocks: 43.152.164.0/24 maxlen: 24 43.152.165.0/24 maxlen: 24 43.175.123.0/24 maxlen: 24 43.175.198.0/24 maxlen: 24 43.175.199.0/24 maxlen: 24 43.175.200.0/24 maxlen: 24 43.175.201.0/24 maxlen: 24 240d:c010:11b::/48 maxlen: 48 240d:c010:13e::/48 maxlen: 48 240d:c010:13f::/48 maxlen: 48 240d:c010:140::/48 maxlen: 48 240d:c010:141::/48 maxlen: 48 240d:c010:151::/48 maxlen: 48 240d:c010:152::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2618 (0xa3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD Validity Not Before: Oct 28 08:02:48 2024 GMT Not After : Aug 31 00:00:00 2025 GMT Subject: CN=671f4528-41da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:9a:39:c3:cd:d1:0e:2d:ac:89:e8:86:f1:a4: e8:a1:6f:ca:1e:ba:ba:f3:15:32:26:5d:33:ff:af: 2a:71:0e:9d:b2:18:42:2e:7b:85:9a:97:b4:47:c1: 10:33:6d:df:15:89:e9:f0:b3:f1:5c:38:2b:fa:23: c7:eb:0d:0d:84:7e:2f:24:42:df:50:c5:db:a2:3c: 11:78:8b:a2:62:e4:25:90:26:7b:4f:65:da:6f:c9: 76:5e:70:d7:88:42:91:e5:98:20:96:a7:29:2e:e7: 3a:b2:1d:16:0f:64:54:38:71:69:3c:f4:88:17:05: 9f:9d:16:03:15:38:f0:33:4e:f3:31:68:65:64:41: 85:d1:59:6e:da:a3:5d:11:32:d2:1a:de:70:18:ff: 32:fb:f7:45:d0:da:9c:2a:c9:88:49:0d:92:a9:31: 58:2f:a3:a4:fa:a6:f7:8b:2f:2c:70:b6:e6:08:39: e7:c1:53:83:76:20:4b:aa:71:ff:0a:85:8d:e3:9b: f8:dc:72:fb:a5:ec:4d:9e:c3:9e:25:c1:ee:fe:75: ed:eb:82:66:c0:c1:a8:47:49:1b:84:68:6d:ed:f7: 84:0b:f7:8e:99:bd:69:17:64:9a:87:e9:ad:c2:5f: b7:7c:0c:d2:10:9c:7e:2c:57:56:b5:8c:40:0b:21: 1d:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:92:96:D6:53:3B:F2:47:A3:97:FD:A3:D2:E4:28:BC:47:4C:97:AB X509v3 Authority Key Identifier: keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/72C9BE36950211EFAC892C5EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.152.164.0/23 43.175.123.0/24 43.175.198.0-43.175.201.255 IPv6: 240d:c010:11b::/48 240d:c010:13e::-240d:c010:141:ffff:ffff:ffff:ffff:ffff 240d:c010:151::-240d:c010:152:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3c:13:bf:2b:5a:67:cc:8c:09:ae:70:8c:b9:8a:7c:6e:84:2d: 56:95:2d:23:95:8d:00:a1:67:4e:6c:80:63:a0:99:2e:fd:9e: 2e:b4:ec:57:e0:6d:8f:45:45:2f:d4:63:e2:20:80:50:2f:5d: 75:f7:8d:7f:20:38:c6:55:6a:2f:c2:53:07:9d:43:36:57:ec: 83:4a:f1:32:3d:6e:07:62:45:b3:10:f4:17:90:fb:52:d0:4f: fb:32:78:bd:22:aa:43:cf:1e:d8:7b:4e:d4:5b:ef:8d:60:a0: 0b:1c:9f:9b:2a:02:29:ea:e9:f7:44:99:af:36:00:35:f6:82: 0e:21:b2:73:08:69:36:4f:40:e4:17:51:0e:24:6a:ef:e8:bc: 3b:c8:6d:d4:ce:20:94:18:36:a2:0c:d2:3f:2d:4c:de:d3:71: d7:54:8f:0c:81:c1:87:e3:d4:81:04:31:ac:56:2c:df:07:1d: 6b:37:86:77:4f:80:69:a5:0e:d5:1a:75:e3:e7:fe:43:c3:3a: 50:06:3e:35:88:d7:8c:e4:37:26:53:26:c8:c5:af:3d:aa:40: f7:00:13:8d:76:41:43:24:de:4b:f0:86:c5:1e:01:e6:6a:6e: 87:9c:0c:4a:b4:2d:bd:9f:f6:70:26:90:90:b2:1d:da:e6:62: 80:b3:bc:d1 -----BEGIN CERTIFICATE----- MIIFvjCCBKagAwIBAgICCjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5 NTA2QTU5QkQwHhcNMjQxMDI4MDgwMjQ4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzFmNDUyOC00MWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx5o5w83RDi2sieiG8aTooW/KHrq68xUyJl0z/68qcQ6dshhCLnuFmpe0R8EQ M23fFYnp8LPxXDgr+iPH6w0NhH4vJELfUMXbojwReIuiYuQlkCZ7T2Xab8l2XnDX iEKR5ZgglqcpLuc6sh0WD2RUOHFpPPSIFwWfnRYDFTjwM07zMWhlZEGF0Vlu2qNd ETLSGt5wGP8y+/dF0NqcKsmISQ2SqTFYL6Ok+qb3iy8scLbmCDnnwVODdiBLqnH/ CoWN45v43HL7pexNnsOeJcHu/nXt64JmwMGoR0kbhGht7feEC/eOmb1pF2Sah+mt wl+3fAzSEJx+LFdWtYxACyEd9QIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFJGSltZT O/JHo5f9o9LkKLxHTJerMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0 MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvNzJDOUJFMzY5 NTAyMTFFRkFDODkyQzVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E XTBbMCAEAgABMBoDBAErmKQDBAArr3swDAMEASuvxgMEASuvyDA3BAIAAjAxAwcA JA3AEAEbMBIDBwEkDcAQAT4DBwEkDcAQAUAwEgMHACQNwBABUQMHACQNwBABUjAN BgkqhkiG9w0BAQsFAAOCAQEAPBO/K1pnzIwJrnCMuYp8boQtVpUtI5WNAKFnTmyA Y6CZLv2eLrTsV+Btj0VFL9Rj4iCAUC9ddfeNfyA4xlVqL8JTB51DNlfsg0rxMj1u B2JFsxD0F5D7UtBP+zJ4vSKqQ88e2HtO1FvvjWCgCxyfmyoCKerp90SZrzYANfaC DiGycwhpNk9A5BdRDiRq7+i8O8ht1M4glBg2ogzSPy1M3tNx11SPDIHBh+PUgQQx rFYs3wcdazeGd0+AaaUO1Rp14+f+Q8M6UAY+NYjXjOQ3JlMmyMWvPapA9wATjXZB QyTeS/CGxR4B5mpuh5wMSrQtvZ/2cCaQkLId2uZigLO80Q== -----END CERTIFICATE-----Generated at Wed Nov 20 23:11:44 2024 by rpki-client on console-fra.rpki-client.org