$ rpki-client -vvf rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa File: 44DD2C9ABD2811EE9E6BD047C4F9AE02.roa (raw, json) Hash identifier: fORQkqLvJ2dGBDBnaZU9L7Plq+kw/h2X+nWJ/fFzZps= Subject key identifier: 02:93:7A:34:D6:AF:94:2E:29:69:8E:4F:5E:D1:05:19:E6:2F:95:37 Certificate issuer: /CN=A915D0AC/serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Certificate serial: 9E Authority key identifier: 86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa Signing time: Wed 03 Apr 2024 07:08:45 +0000 ROA not before: Wed 03 Apr 2024 07:08:45 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 19905 IP address blocks: 168.168.128.0/20 maxlen: 20 168.168.254.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 03:44:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 158 (0x9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D0AC/serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Validity Not Before: Apr 3 07:08:45 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660d007d-dc3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d8:1c:db:10:59:f6:aa:fc:b8:fb:8a:14:04: 73:a7:f5:d2:2e:03:1d:e5:c3:9e:0b:a7:5d:6b:cc: 60:64:a2:3f:cc:aa:71:c1:20:9c:2a:c9:9b:42:31: 76:3b:68:7c:fc:cf:f1:77:fa:98:59:77:9d:e8:02: 80:98:51:6c:0c:26:95:bd:0a:68:cc:d4:69:ec:fc: 37:fe:a7:2b:3d:74:c7:cc:85:a3:15:50:e2:ef:9d: e0:66:b8:9d:c5:de:74:d2:e7:62:ca:f4:ee:9e:c8: 05:06:d2:57:53:d6:a9:0b:b7:ae:1a:f8:1d:b5:0a: 8f:5d:61:e1:1b:e8:6d:8b:33:62:63:55:c8:16:63: 5f:c3:f2:f3:24:f8:d6:d4:84:be:b2:bd:6d:c9:29: 2a:56:ce:a7:2f:2a:7d:02:0a:26:57:b9:a5:78:28: d1:5f:d2:06:a1:85:9d:18:2b:11:e8:ce:68:18:dd: e9:1f:bb:e5:ca:b8:64:3e:1b:31:c9:b3:df:74:cc: f0:db:ff:eb:8e:2e:2c:75:b0:cd:3a:3f:a9:1e:d7: 0f:9d:73:4c:55:2b:d1:4f:ef:22:1a:42:44:22:48: 43:73:39:c8:50:ca:87:42:3c:8f:32:9b:bd:dd:29: bc:58:d5:3a:4b:98:5e:4e:d0:d0:82:d8:cd:11:cd: cf:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:93:7A:34:D6:AF:94:2E:29:69:8E:4F:5E:D1:05:19:E6:2F:95:37 X509v3 Authority Key Identifier: keyid:86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/44DD2C9ABD2811EE9E6BD047C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.168.128.0/20 168.168.254.0/23 Signature Algorithm: sha256WithRSAEncryption 27:42:d5:59:52:36:11:fb:d1:7e:5b:db:c0:69:3e:f6:00:3a: ca:d7:ef:11:e9:60:60:d6:6d:03:55:bd:9b:ca:ae:0d:b7:9a: 77:69:9d:95:d4:65:c2:80:e3:87:36:0a:a3:b4:10:c6:d8:65: 17:db:da:ff:e3:21:bc:ff:d7:f4:9c:1a:2a:b9:e0:6e:65:8b: b3:12:89:ce:60:ce:d6:65:84:3a:0d:5f:b5:4e:27:8c:bf:22: 67:34:fe:ee:b2:8c:85:7e:1d:28:98:19:69:42:99:f2:3c:ae: d1:33:01:c3:45:6c:dd:08:1b:b7:b5:39:1d:46:2d:bb:27:49: dc:fe:c7:42:79:20:23:09:a8:58:ae:f1:7e:a3:e8:b4:7d:7d: 31:75:12:08:38:76:5a:5f:e1:9a:28:f7:81:8b:b4:66:27:3a: b0:5f:ef:b3:e7:b9:dd:4f:65:95:bc:91:1a:3f:39:ab:0f:11: aa:14:3b:e0:16:b0:42:72:40:ef:6c:3e:b9:b3:75:83:ca:c0: 2d:cf:cb:d1:79:93:7e:86:0b:39:41:6c:e9:b5:2d:11:1f:fe: 39:19:bb:73:88:84:ca:07:1a:f6:1e:08:c8:28:4a:a2:57:2d: ed:b5:8b:60:26:06:b5:41:68:19:a4:f2:60:29:2f:38:e4:f1: 3c:7f:ae:5b -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwQUMxMTAvBgNVBAUTKDg2Q0FFRjk2NzM5RUY0OUE1MTRGRTlGOTBCNkZFOTUw OUQzQ0M5NTMwHhcNMjQwNDAzMDcwODQ1WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBkMDA3ZC1kYzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArNgc2xBZ9qr8uPuKFARzp/XSLgMd5cOeC6dda8xgZKI/zKpxwSCcKsmbQjF2 O2h8/M/xd/qYWXed6AKAmFFsDCaVvQpozNRp7Pw3/qcrPXTHzIWjFVDi753gZrid xd500udiyvTunsgFBtJXU9apC7euGvgdtQqPXWHhG+htizNiY1XIFmNfw/LzJPjW 1IS+sr1tySkqVs6nLyp9AgomV7mleCjRX9IGoYWdGCsR6M5oGN3pH7vlyrhkPhsx ybPfdMzw2//rji4sdbDNOj+pHtcPnXNMVSvRT+8iGkJEIkhDcznIUMqHQjyPMpu9 3Sm8WNU6S5heTtDQgtjNEc3P3wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAKTejTW r5QuKWmOT17RBRnmL5U3MB8GA1UdIwQYMBaAFIbK75ZznvSaUU/p+Qtv6VCdPMlT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDBBQy85QTVGMEUxQTE1 MjQxMUVFOUQ3MEM5NjhDNEY5QUUwMi9oc3J2bG5PZTlKcFJULW41QzJfcFVKMDh5 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hzcnZsbk9lOUpwUlQtbjVDMl9wVUowOHlWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwQUMvOUE1RjBFMUExNTI0MTFFRTlENzBDOTY4QzRGOUFFMDIvNDRERDJDOUFC RDI4MTFFRTlFNkJEMDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBASoqIADBAGoqP4wDQYJKoZIhvcNAQELBQADggEBACdC1VlS NhH70X5b28BpPvYAOsrX7xHpYGDWbQNVvZvKrg23mndpnZXUZcKA44c2CqO0EMbY ZRfb2v/jIbz/1/ScGiq54G5li7MSic5gztZlhDoNX7VOJ4y/Imc0/u6yjIV+HSiY GWlCmfI8rtEzAcNFbN0IG7e1OR1GLbsnSdz+x0J5ICMJqFiu8X6j6LR9fTF1Egg4 dlpf4Zoo94GLtGYnOrBf77Pnud1PZZW8kRo/OasPEaoUO+AWsEJyQO9sPrmzdYPK wC3Py9F5k36GCzlBbOm1LREf/jkZu3OIhMoHGvYeCMgoSqJXLe21i2AmBrVBaBmk 8mApLzjk8Tx/rls= -----END CERTIFICATE-----Generated at Wed May 1 07:55:38 2024 by rpki-client on console-fra.rpki-client.org