$ rpki-client -vvf rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/DC11ACCE182F11EE82A0FC48C4F9AE02.roa File: DC11ACCE182F11EE82A0FC48C4F9AE02.roa (raw, json) Hash identifier: WHaadnKjNZQDbadv+Fexmh1Wu5Tp8jJIMAgwTj5mmBw= Subject key identifier: 62:32:6C:05:F0:91:4C:E4:F6:A4:D8:5E:9D:79:6F:81:EC:18:99:C1 Certificate issuer: /CN=A915D0AC/serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Certificate serial: 9C Authority key identifier: 86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/DC11ACCE182F11EE82A0FC48C4F9AE02.roa Signing time: Wed 03 Apr 2024 07:08:43 +0000 ROA not before: Wed 03 Apr 2024 07:08:43 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 132481 IP address blocks: 168.168.128.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 156 (0x9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D0AC/serialNumber=86CAEF96739EF49A514FE9F90B6FE9509D3CC953 Validity Not Before: Apr 3 07:08:43 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660d007b-5d9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:5e:d2:04:ae:9e:d9:0a:d9:fc:6b:55:83:b7: 4b:0e:c8:25:9c:e5:25:3d:85:6b:ba:b9:5a:8c:cc: 1e:30:cb:75:0a:e7:a2:3f:de:15:0e:97:5a:7c:60: b7:11:bf:2e:21:5a:60:3d:8f:07:20:a6:18:c4:4c: 18:81:79:83:49:1e:8f:19:e7:94:ee:d9:78:e3:70: 27:6c:40:2c:ed:b3:33:13:bf:15:19:04:67:cf:07: f3:b0:eb:84:68:21:85:f0:0a:dc:76:42:4b:ac:09: c6:99:8e:b2:cb:1c:27:27:fb:6a:12:1a:41:93:a7: 9c:82:58:5e:30:aa:19:47:25:ef:a6:64:a1:db:f7: 8c:9c:37:a4:08:5f:99:5b:35:e3:57:f9:4e:51:64: 78:a1:9b:5d:81:6b:18:28:c5:ec:5b:ce:db:5a:d7: 5b:b0:5e:49:14:b0:ee:09:27:9e:99:d7:0a:8d:bb: 6c:cb:87:5f:83:f4:e6:d2:0f:71:9b:bc:6c:97:29: fa:0b:da:cd:8f:b0:c6:93:e0:08:34:64:3d:82:4f: 89:67:82:bb:57:fd:52:30:69:95:f2:f0:c2:9a:00: eb:33:92:21:c5:a1:59:97:6d:3d:bc:f2:de:b6:4a: e5:cc:ba:8b:3c:48:16:fd:da:01:21:f0:8a:7e:14: 71:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:32:6C:05:F0:91:4C:E4:F6:A4:D8:5E:9D:79:6F:81:EC:18:99:C1 X509v3 Authority Key Identifier: keyid:86:CA:EF:96:73:9E:F4:9A:51:4F:E9:F9:0B:6F:E9:50:9D:3C:C9:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/hsrvlnOe9JpRT-n5C2_pUJ08yVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hsrvlnOe9JpRT-n5C2_pUJ08yVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D0AC/9A5F0E1A152411EE9D70C968C4F9AE02/DC11ACCE182F11EE82A0FC48C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.168.128.0/20 Signature Algorithm: sha256WithRSAEncryption 8e:e2:a7:ae:c0:17:0b:ff:bf:34:ec:73:97:f5:60:f9:31:64: a0:92:b8:d8:31:37:61:01:30:72:75:e6:17:ba:29:16:3d:b0: 26:a6:6f:c4:42:1f:78:bf:77:9c:f5:dc:aa:1b:ce:54:8f:ab: 3c:36:cc:c1:1e:20:5e:bc:ab:73:b2:54:81:e7:0d:dc:56:62: 7e:66:b7:bc:a2:7f:44:57:78:97:ce:3a:61:63:3c:89:a8:5b: 20:b8:7a:f6:d6:26:0c:9e:dd:be:d0:1a:09:05:7f:fa:f5:67: 64:5c:fd:b8:7a:1c:bd:33:39:de:64:e0:8e:cc:59:db:e6:54: f7:0d:86:7e:d3:0d:9c:82:dd:31:56:10:a2:8e:27:3e:36:0f: 39:d4:a8:cf:ed:83:0f:71:7a:0b:6d:f7:a0:a6:7a:4f:83:a7: 82:3b:c9:6d:a5:1e:55:4b:40:04:29:ed:a7:ad:b8:76:93:02: e8:32:65:51:44:27:64:93:bc:9f:37:e1:5d:10:12:54:35:20: ef:15:e2:8a:62:b6:17:f7:4b:e6:c4:53:d3:e1:0f:52:e7:a7: 2c:14:15:1a:52:94:e2:16:81:ce:f9:6a:9e:b8:73:56:99:00: 19:25:b0:04:9e:08:e9:a0:22:ef:de:91:76:99:c4:18:cf:3b: 53:42:4a:0e -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUQwQUMxMTAvBgNVBAUTKDg2Q0FFRjk2NzM5RUY0OUE1MTRGRTlGOTBCNkZFOTUw OUQzQ0M5NTMwHhcNMjQwNDAzMDcwODQzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBkMDA3Yi01ZDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqF7SBK6e2QrZ/GtVg7dLDsglnOUlPYVrurlajMweMMt1CueiP94VDpdafGC3 Eb8uIVpgPY8HIKYYxEwYgXmDSR6PGeeU7tl443AnbEAs7bMzE78VGQRnzwfzsOuE aCGF8ArcdkJLrAnGmY6yyxwnJ/tqEhpBk6ecglheMKoZRyXvpmSh2/eMnDekCF+Z WzXjV/lOUWR4oZtdgWsYKMXsW87bWtdbsF5JFLDuCSeemdcKjbtsy4dfg/Tm0g9x m7xslyn6C9rNj7DGk+AINGQ9gk+JZ4K7V/1SMGmV8vDCmgDrM5IhxaFZl209vPLe tkrlzLqLPEgW/doBIfCKfhRx7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFGIybAXw kUzk9qTYXp15b4HsGJnBMB8GA1UdIwQYMBaAFIbK75ZznvSaUU/p+Qtv6VCdPMlT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDBBQy85QTVGMEUxQTE1 MjQxMUVFOUQ3MEM5NjhDNEY5QUUwMi9oc3J2bG5PZTlKcFJULW41QzJfcFVKMDh5 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hzcnZsbk9lOUpwUlQtbjVDMl9wVUowOHlWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUQwQUMvOUE1RjBFMUExNTI0MTFFRTlENzBDOTY4QzRGOUFFMDIvREMxMUFDQ0Ux ODJGMTFFRTgyQTBGQzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBASoqIAwDQYJKoZIhvcNAQELBQADggEBAI7ip67AFwv/vzTs c5f1YPkxZKCSuNgxN2EBMHJ15he6KRY9sCamb8RCH3i/d5z13KobzlSPqzw2zMEe IF68q3OyVIHnDdxWYn5mt7yif0RXeJfOOmFjPImoWyC4evbWJgye3b7QGgkFf/r1 Z2Rc/bh6HL0zOd5k4I7MWdvmVPcNhn7TDZyC3TFWEKKOJz42DznUqM/tgw9xegtt 96Cmek+Dp4I7yW2lHlVLQAQp7aetuHaTAugyZVFEJ2STvJ834V0QElQ1IO8V4opi thf3S+bEU9PhD1LnpywUFRpSlOIWgc75ap64c1aZABklsASeCOmgIu/ekXaZxBjP O1NCSg4= -----END CERTIFICATE-----Generated at Thu Nov 21 05:05:56 2024 by rpki-client on console-fra.rpki-client.org