$ rpki-client -vvf rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/986FA3843F8F11EBA86B1F11C4F9AE02.roa File: 986FA3843F8F11EBA86B1F11C4F9AE02.roa (raw, json) Hash identifier: lsOmam/li1bkfNd+RqIYHcsa5LlCUkskqa4cLcEJ5uo= Subject key identifier: 03:CD:B8:EB:0C:E2:AE:E3:A2:CE:17:E0:6A:F2:98:54:40:5C:30:91 Certificate issuer: /CN=A916B18B/serialNumber=368F3C938B601412521A3A819009978FCFE91E7E Certificate serial: 15A0 Authority key identifier: 36:8F:3C:93:8B:60:14:12:52:1A:3A:81:90:09:97:8F:CF:E9:1E:7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/No88k4tgFBJSGjqBkAmXj8_pHn4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/986FA3843F8F11EBA86B1F11C4F9AE02.roa Signing time: Thu 30 Nov 2023 17:24:53 +0000 ROA not before: Thu 30 Nov 2023 17:24:53 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 18190 IP address blocks: 136.158.132.0/24 maxlen: 24 136.158.133.0/24 maxlen: 24 136.158.134.0/24 maxlen: 24 136.158.135.0/24 maxlen: 24 136.158.136.0/24 maxlen: 24 136.158.137.0/24 maxlen: 24 136.158.138.0/24 maxlen: 24 136.158.169.0/24 maxlen: 24 136.158.170.0/24 maxlen: 24 136.158.171.0/24 maxlen: 24 161.49.148.0/24 maxlen: 24 161.49.178.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/No88k4tgFBJSGjqBkAmXj8_pHn4.crl rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/No88k4tgFBJSGjqBkAmXj8_pHn4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/No88k4tgFBJSGjqBkAmXj8_pHn4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 May 2024 15:37:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5536 (0x15a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B18B/serialNumber=368F3C938B601412521A3A819009978FCFE91E7E Validity Not Before: Nov 30 17:24:53 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=6568c565-5995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ce:0c:13:11:bd:9c:7f:47:ef:c3:00:71:b8: e6:a8:8b:5e:05:a4:95:64:77:40:12:1f:27:2d:f1: 0a:ee:2d:24:81:02:22:af:ee:29:c8:14:1c:a2:7e: 87:48:23:a3:51:de:f0:85:9b:d0:b5:a1:a4:b8:df: a7:19:0e:a4:36:07:c6:fa:74:94:26:2e:e0:e4:18: 60:a5:22:50:ac:6c:0f:f9:38:2c:60:2c:b1:d8:9c: bb:21:ab:fe:ce:a4:77:e6:4d:6a:85:09:0a:5b:aa: 58:18:ca:ff:12:7d:82:ea:c7:1c:34:81:d3:11:49: 0a:72:73:01:7e:15:c7:80:9c:6d:8e:2a:6f:c8:3b: 13:09:62:7a:e8:c6:3a:96:f3:76:92:a7:37:d4:e9: fb:df:d8:47:0b:2f:69:e6:44:7f:e0:79:c5:af:3a: 02:1a:72:26:e5:d3:31:de:b2:ef:f3:93:e4:c9:5f: 46:27:fe:bc:f1:48:42:8d:3f:33:f0:46:12:61:56: 59:da:29:77:9f:35:95:ef:f6:aa:00:3f:b8:41:88: 78:0f:5c:7e:79:e6:41:b9:a3:de:5b:d4:bc:13:18: c4:c5:16:f6:80:25:a1:27:0a:e6:29:73:9c:ba:4b: d2:dd:1c:28:31:4a:27:11:2e:c1:0b:2e:f5:83:75: 6c:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:CD:B8:EB:0C:E2:AE:E3:A2:CE:17:E0:6A:F2:98:54:40:5C:30:91 X509v3 Authority Key Identifier: keyid:36:8F:3C:93:8B:60:14:12:52:1A:3A:81:90:09:97:8F:CF:E9:1E:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/No88k4tgFBJSGjqBkAmXj8_pHn4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/No88k4tgFBJSGjqBkAmXj8_pHn4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B18B/F98B5F0C21F911E896C1DD23C4F9AE02/986FA3843F8F11EBA86B1F11C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 136.158.132.0-136.158.138.255 136.158.169.0-136.158.171.255 161.49.148.0/24 161.49.178.0/24 Signature Algorithm: sha256WithRSAEncryption 38:f6:90:b2:b8:bc:b2:ba:c1:f0:e3:8b:46:f9:25:e6:f3:7a: 21:1d:85:8c:5a:bd:01:e7:d8:db:6e:ac:3b:38:f1:b1:ee:15: 37:65:23:4b:1b:db:6a:c2:98:bc:77:c9:db:87:fa:5a:e2:58: 68:47:14:13:24:0f:e3:2b:ae:7b:4c:6f:cc:b5:bb:00:d5:f4: e7:35:3d:07:f8:7f:63:13:3a:b7:49:e6:eb:c2:db:cf:1d:ce: ce:d0:08:f0:e9:2b:8d:87:f4:95:84:60:9c:8e:a1:ef:27:81: 5f:8f:8d:14:e4:98:5c:91:78:1d:6e:45:07:22:e1:7a:82:e8: 59:43:83:25:5a:24:b3:79:66:69:16:ca:b4:3a:54:a0:95:45: da:12:f2:8f:0a:39:28:d1:bc:04:94:ca:73:cb:dd:05:33:ba: 80:7e:47:f7:a3:e1:db:b3:31:5a:19:e2:37:f4:83:43:d5:71: df:6d:16:40:7d:21:64:99:d9:cd:c9:db:99:e5:4e:5e:9c:90: c4:f7:ec:e8:c9:d1:60:2c:a4:41:92:80:01:cb:7c:61:c6:13: 12:2f:60:7f:fe:86:5a:d6:7a:8f:40:be:bf:e1:84:94:77:62: 89:88:39:23:35:92:e0:f0:04:ff:72:cf:16:9b:9a:eb:22:31: 5d:0b:29:64 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICFaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkIxOEIxMTAvBgNVBAUTKDM2OEYzQzkzOEI2MDE0MTI1MjFBM0E4MTkwMDk5NzhG Q0ZFOTFFN0UwHhcNMjMxMTMwMTcyNDUzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY4YzU2NS01OTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA084MExG9nH9H78MAcbjmqIteBaSVZHdAEh8nLfEK7i0kgQIir+4pyBQcon6H SCOjUd7whZvQtaGkuN+nGQ6kNgfG+nSUJi7g5BhgpSJQrGwP+TgsYCyx2Jy7Iav+ zqR35k1qhQkKW6pYGMr/En2C6sccNIHTEUkKcnMBfhXHgJxtjipvyDsTCWJ66MY6 lvN2kqc31On739hHCy9p5kR/4HnFrzoCGnIm5dMx3rLv85PkyV9GJ/688UhCjT8z 8EYSYVZZ2il3nzWV7/aqAD+4QYh4D1x+eeZBuaPeW9S8ExjExRb2gCWhJwrmKXOc ukvS3RwoMUonES7BCy71g3VsPwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFAPNuOsM 4q7jos4X4GrymFRAXDCRMB8GA1UdIwQYMBaAFDaPPJOLYBQSUho6gZAJl4/P6R5+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjE4Qi9GOThCNUYwQzIx RjkxMUU4OTZDMUREMjNDNEY5QUUwMi9Obzg4azR0Z0ZCSlNHanFCa0FtWGo4X3BI bjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05vODhrNHRnRkJKU0dqcUJrQW1YajhfcEhuNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NkIxOEIvRjk4QjVGMEMyMUY5MTFFODk2QzFERDIzQzRGOUFFMDIvOTg2RkEzODQz RjhGMTFFQkE4NkIxRjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMC4EAgABMCgwDAMEAoiehAMEAIieijAMAwQAiJ6pAwQCiJ6oAwQAoTGUAwQA oTGyMA0GCSqGSIb3DQEBCwUAA4IBAQA49pCyuLyyusHw44tG+SXm83ohHYWMWr0B 59jbbqw7OPGx7hU3ZSNLG9tqwpi8d8nbh/pa4lhoRxQTJA/jK657TG/MtbsA1fTn NT0H+H9jEzq3SebrwtvPHc7O0Ajw6SuNh/SVhGCcjqHvJ4Ffj40U5JhckXgdbkUH IuF6guhZQ4MlWiSzeWZpFsq0OlSglUXaEvKPCjko0bwElMpzy90FM7qAfkf3o+Hb szFaGeI39IND1XHfbRZAfSFkmdnNyduZ5U5enJDE9+zoydFgLKRBkoABy3xhxhMS L2B//oZa1nqPQL6/4YSUd2KJiDkjNZLg8AT/cs8Wm5rrIjFdCylk -----END CERTIFICATE-----Generated at Fri May 24 18:23:01 2024 by rpki-client on console-ams.rpki-client.org