$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/971866124AEC11EF91EC775FC4F9AE02.roa File: 971866124AEC11EF91EC775FC4F9AE02.roa (raw, json) Hash identifier: eRgET6FlBHt/Mo7JjkKJdhZ1XnrQ5sT4pK+CsAVXRfQ= Subject key identifier: 04:78:EB:50:22:A3:DE:23:4E:48:93:2D:65:1A:19:7E:F3:95:70:73 Certificate issuer: /CN=A915F89C/serialNumber=D697BB6F3F99E94480EE0BBAD3D26800AB416260 Certificate serial: 3475 Authority key identifier: D6:97:BB:6F:3F:99:E9:44:80:EE:0B:BA:D3:D2:68:00:AB:41:62:60 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/971866124AEC11EF91EC775FC4F9AE02.roa Signing time: Tue 20 Aug 2024 14:30:21 +0000 ROA not before: Tue 20 Aug 2024 14:30:21 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 9506 IP address blocks: 128.106.64.0/18 maxlen: 24 128.106.128.0/17 maxlen: 24 165.21.24.0/21 maxlen: 21 165.21.24.0/22 maxlen: 22 165.21.28.0/23 maxlen: 23 165.21.64.0/22 maxlen: 22 165.21.68.0/23 maxlen: 23 165.21.75.0/24 maxlen: 24 165.21.76.0/23 maxlen: 23 165.21.78.0/24 maxlen: 24 165.21.112.0/21 maxlen: 21 165.21.124.0/22 maxlen: 22 165.21.128.0/22 maxlen: 22 165.21.132.0/24 maxlen: 24 165.21.134.0/24 maxlen: 24 165.21.135.0/24 maxlen: 24 165.21.154.0/24 maxlen: 24 165.21.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.crl rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 14:22:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13429 (0x3475) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915F89C/serialNumber=D697BB6F3F99E94480EE0BBAD3D26800AB416260 Validity Not Before: Aug 20 14:30:21 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66c4a87c-bcba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:8f:c3:e2:7e:3b:a4:83:1d:d2:dd:a5:c5:97: 16:fe:dc:80:6a:9d:b0:05:65:08:56:1b:41:9d:58: 73:e9:8b:6c:e3:46:54:09:92:24:a5:88:af:00:4f: 46:f7:2a:ea:c5:f0:d9:11:8d:8e:30:30:69:7b:58: b2:b5:06:69:a4:70:1e:2e:46:cb:e5:d1:61:2e:f0: a1:39:12:49:47:7d:0a:19:38:c2:f4:dc:2f:a1:ab: 60:b8:ac:a7:57:8b:bb:a6:4f:cb:21:d7:60:3a:94: ba:95:a4:20:c1:bc:8a:40:22:e3:c6:74:08:f0:e0: b4:7c:91:31:7e:24:e7:3a:ed:ff:13:dd:19:4e:16: d5:3e:9b:47:cc:c7:19:3e:76:b2:ee:07:f7:51:b3: c7:e3:61:a5:fc:66:c9:a5:a8:14:a5:b9:2c:58:02: 14:c9:db:d1:b2:13:39:4f:88:78:16:3c:89:a9:44: b0:ac:b9:bc:b0:3a:06:4a:b2:e9:2e:f6:00:6f:da: 94:80:c2:15:bb:6d:73:f0:fc:d4:8f:4c:d9:8c:ae: 16:aa:98:4b:fc:2b:2f:14:38:e9:b5:1c:c6:39:e8: c2:67:81:5c:93:f1:bf:2e:8d:72:3d:50:40:03:c7: 43:9c:2e:08:c1:85:76:6a:48:cf:de:c1:1d:aa:6f: 68:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:78:EB:50:22:A3:DE:23:4E:48:93:2D:65:1A:19:7E:F3:95:70:73 X509v3 Authority Key Identifier: keyid:D6:97:BB:6F:3F:99:E9:44:80:EE:0B:BA:D3:D2:68:00:AB:41:62:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/971866124AEC11EF91EC775FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 128.106.64.0-128.106.255.255 165.21.24.0/21 165.21.64.0-165.21.69.255 165.21.75.0-165.21.78.255 165.21.112.0/21 165.21.124.0-165.21.132.255 165.21.134.0/23 165.21.154.0/23 Signature Algorithm: sha256WithRSAEncryption 6d:de:8a:a0:c1:49:6a:a1:a8:85:f8:4f:e1:9e:b1:2b:69:f7: bb:8c:5c:07:b2:1a:73:e4:87:26:6a:5a:b5:8b:00:d6:7a:2d: 00:94:42:44:11:f4:0d:a6:42:45:84:c7:e8:b8:fc:84:c0:f6: 49:ca:21:6d:68:89:57:30:a0:68:91:c0:f4:cd:d1:7a:36:e7: a7:14:11:91:c3:9d:a3:8d:66:af:f4:a0:37:4c:0a:c9:ae:b6: 3b:09:4e:63:c8:f1:31:c5:4d:0b:52:0d:3b:8b:3b:6b:96:9b: 39:3a:00:0e:7c:27:7f:9e:16:af:cf:33:a3:42:17:f5:a0:ff: ad:4e:51:8e:73:69:eb:4b:06:bb:94:07:21:a9:bd:38:8e:04: bd:a8:18:d8:cf:28:98:f7:de:68:c5:00:22:2b:65:52:11:da: 5a:4b:ba:7e:51:2b:b1:55:a3:32:23:6f:a6:ea:ba:f8:9c:48: a8:a1:50:5f:a4:cf:f5:1d:21:0f:80:b8:be:ae:fb:3d:e6:ee: 05:e9:ba:eb:85:c0:34:73:98:26:6e:66:b2:6e:38:0f:0d:28: f4:97:5b:57:99:69:a2:e1:90:21:b5:31:6c:f5:46:91:ec:da: fd:ad:c0:c5:50:64:5f:67:01:7b:f2:b4:c1:10:fd:b6:ae:ce: 52:83:0b:3e -----BEGIN CERTIFICATE----- MIIFujCCBKKgAwIBAgICNHUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUY4OUMxMTAvBgNVBAUTKEQ2OTdCQjZGM0Y5OUU5NDQ4MEVFMEJCQUQzRDI2ODAw QUI0MTYyNjAwHhcNMjQwODIwMTQzMDIxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmM0YTg3Yy1iY2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzI/D4n47pIMd0t2lxZcW/tyAap2wBWUIVhtBnVhz6Yts40ZUCZIkpYivAE9G 9yrqxfDZEY2OMDBpe1iytQZppHAeLkbL5dFhLvChORJJR30KGTjC9NwvoatguKyn V4u7pk/LIddgOpS6laQgwbyKQCLjxnQI8OC0fJExfiTnOu3/E90ZThbVPptHzMcZ Pnay7gf3UbPH42Gl/GbJpagUpbksWAIUydvRshM5T4h4FjyJqUSwrLm8sDoGSrLp LvYAb9qUgMIVu21z8PzUj0zZjK4WqphL/CsvFDjptRzGOejCZ4Fck/G/Lo1yPVBA A8dDnC4IwYV2akjP3sEdqm9olwIDAQABo4IC3jCCAtowHQYDVR0OBBYEFAR461Ai o94jTkiTLWUaGX7zlXBzMB8GA1UdIwQYMBaAFNaXu28/melEgO4LutPSaACrQWJg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy81QjA3RjNBQzFE ODMxMUUyOUIzNUE1RDgwOEIwMkNEMi8xcGU3YnotWjZVU0E3Z3U2MDlKb0FLdEJZ bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzFwZTdiei1aNlVTQTdndTYwOUpvQUt0QlltQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUY4OUMvNUIwN0YzQUMxRDgzMTFFMjlCMzVBNUQ4MDhCMDJDRDIvOTcxODY2MTI0 QUVDMTFFRjkxRUM3NzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaAYIKwYBBQUHAQcBAf8E WTBXMFUEAgABME8wCwMEBoBqQAMDAIBqAwQDpRUYMAwDBAalFUADBAGlFUQwDAME AKUVSwMEAKUVTgMEA6UVcDAMAwQCpRV8AwQApRWEAwQBpRWGAwQBpRWaMA0GCSqG SIb3DQEBCwUAA4IBAQBt3oqgwUlqoaiF+E/hnrErafe7jFwHshpz5Icmalq1iwDW ei0AlEJEEfQNpkJFhMfouPyEwPZJyiFtaIlXMKBokcD0zdF6NuenFBGRw52jjWav 9KA3TArJrrY7CU5jyPExxU0LUg07iztrlps5OgAOfCd/nhavzzOjQhf1oP+tTlGO c2nrSwa7lAchqb04jgS9qBjYzyiY995oxQAiK2VSEdpaS7p+USuxVaMyI2+m6rr4 nEiooVBfpM/1HSEPgLi+rvs95u4F6brrhcA0c5gmbmaybjgPDSj0l1tXmWmi4ZAh tTFs9UaR7Nr9rcDFUGRfZwF78rTBEP22rs5Sgws+ -----END CERTIFICATE-----Generated at Fri Nov 22 15:25:37 2024 by rpki-client on console-fra.rpki-client.org