$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/81B9E0A6AF8911EEB9587446C4F9AE02.roa File: 81B9E0A6AF8911EEB9587446C4F9AE02.roa (raw, json) Hash identifier: JHxaipZ1wIvGYG+Zt3XlJ2Zy3zT8C9h1/hC61qxRDrA= Subject key identifier: 26:0C:0C:F5:2C:AF:F9:A3:AB:39:7B:16:BF:BF:71:E2:10:0B:D5:F5 Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Certificate serial: 03 Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/81B9E0A6AF8911EEB9587446C4F9AE02.roa Signing time: Wed 10 Jan 2024 07:26:02 +0000 ROA not before: Wed 10 Jan 2024 07:26:02 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 9484 IP address blocks: 157.10.38.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 02 Jul 2024 06:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Validity Not Before: Jan 10 07:26:02 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=659e4689-a0ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:36:74:cf:ba:a6:1d:04:8b:e0:d5:2a:5c:d9: c4:aa:10:2e:4e:58:c8:4c:68:89:28:72:a5:4c:08: 3f:b2:e8:e7:1f:bc:28:8d:6a:b4:a7:c1:90:8d:f6: da:40:2c:99:6a:07:b3:aa:93:40:29:31:a9:c4:bf: 2a:98:29:79:3e:88:12:c8:2c:05:af:f5:2a:8b:2b: 10:1c:80:87:44:9c:f0:ba:96:af:63:7a:79:16:67: 4e:ba:3f:b1:f9:eb:4f:d6:63:89:d8:bb:40:a4:f8: e3:76:66:ef:e2:97:cf:7e:d0:68:71:f6:23:8c:2a: e6:03:7c:c7:ba:43:4d:41:d6:5e:39:96:a9:52:86: 82:08:92:a1:21:ef:0b:ff:50:09:5f:97:79:70:2b: 09:21:b8:05:9c:0a:f9:a8:80:b3:0c:96:f8:90:2d: b3:a6:51:cc:57:ea:75:fb:14:9a:0c:f2:85:71:b7: 77:11:62:0a:aa:f7:f4:c8:5b:db:3f:b4:31:f6:dc: e4:e7:51:5f:9d:6f:50:40:96:37:ca:e9:56:92:7e: de:17:a9:06:20:e6:f3:84:2d:17:62:5a:3f:e1:8f: 18:a1:12:dd:63:e8:2f:6c:27:8f:b7:cd:53:f0:a6: b6:05:94:99:0d:8e:ff:f4:b3:81:84:75:8b:3c:6b: a9:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:0C:0C:F5:2C:AF:F9:A3:AB:39:7B:16:BF:BF:71:E2:10:0B:D5:F5 X509v3 Authority Key Identifier: keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/81B9E0A6AF8911EEB9587446C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.38.0/23 Signature Algorithm: sha256WithRSAEncryption c7:25:2f:d8:29:25:70:16:a0:e1:78:42:50:ac:f5:d6:49:52: 9d:cb:90:a8:e2:e1:b0:c0:16:9e:ac:bf:79:2e:62:36:8d:f5: 8d:55:a5:e5:28:a5:47:69:f9:43:b6:0a:b2:c8:a9:7d:1c:77: 87:5c:2d:eb:9c:e9:b4:9c:33:1e:6e:fc:fa:2d:45:84:17:61: 46:37:79:49:c4:c7:60:c3:04:1c:43:22:e5:1c:e4:bf:73:f1: fb:2e:56:d7:5a:b3:a2:7e:d1:72:6b:84:80:ce:a0:74:70:a3: 13:a6:b2:4e:3e:f1:95:c0:cd:7b:fa:ee:52:5d:7f:ec:0f:b2: 4e:be:f5:1b:e6:55:08:f7:8b:43:87:81:72:29:c1:d3:64:39: c2:14:ec:27:9c:34:78:d6:21:d0:8a:ed:c5:84:34:ee:68:a5: 55:93:4a:e7:fb:ea:86:4e:c4:75:20:85:43:27:ca:9e:fb:24: 1f:da:3a:1e:42:b4:b2:55:c9:f1:5e:f2:28:24:5e:ed:e9:60: f4:df:c1:5f:7d:ba:3f:7d:73:96:d0:3d:b6:8f:81:8a:3e:97: b6:c7:54:cb:87:d9:f1:51:c6:b2:b9:ca:6f:27:e7:8b:da:5c: b7:f1:9a:50:ca:8c:e9:7f:bb:62:75:7f:0b:4f:93:f9:67:0c: 85:71:4a:91 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MUQxNjExMC8GA1UEBRMoNzA4RjFFMDcxMzM4NTVDODA3NEVFRDVGOEM4M0I0NDY2 QTYwN0FDMjAeFw0yNDAxMTAwNzI2MDJaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1OWU0Njg5LWEwYWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBNnTPuqYdBIvg1Spc2cSqEC5OWMhMaIkocqVMCD+y6OcfvCiNarSnwZCN9tpA LJlqB7Oqk0ApManEvyqYKXk+iBLILAWv9SqLKxAcgIdEnPC6lq9jenkWZ066P7H5 60/WY4nYu0Ck+ON2Zu/il89+0Ghx9iOMKuYDfMe6Q01B1l45lqlShoIIkqEh7wv/ UAlfl3lwKwkhuAWcCvmogLMMlviQLbOmUcxX6nX7FJoM8oVxt3cRYgqq9/TIW9s/ tDH23OTnUV+db1BAljfK6VaSft4XqQYg5vOELRdiWj/hjxihEt1j6C9sJ4+3zVPw prYFlJkNjv/0s4GEdYs8a6mrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJgwM9Syv +aOrOXsWv79x4hAL1fUwHwYDVR0jBBgwFoAUcI8eBxM4VcgHTu1fjIO0RmpgesIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcxRDE2LzY1NkQxN0E4QUU5 QzExRUU5MTFBRkI2M0M0RjlBRTAyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2Vz SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvY0k4ZUJ4TTRWY2dIVHUxZmpJTzBSbXBnZXNJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUQxNi82NTZEMTdBOEFFOUMxMUVFOTExQUZCNjNDNEY5QUUwMi84MUI5RTBBNkFG ODkxMUVFQjk1ODc0NDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAZ0KJjANBgkqhkiG9w0BAQsFAAOCAQEAxyUv2CklcBag4XhC UKz11klSncuQqOLhsMAWnqy/eS5iNo31jVWl5SilR2n5Q7YKssipfRx3h1wt65zp tJwzHm78+i1FhBdhRjd5ScTHYMMEHEMi5Rzkv3Px+y5W11qzon7RcmuEgM6gdHCj E6ayTj7xlcDNe/ruUl1/7A+yTr71G+ZVCPeLQ4eBcinB02Q5whTsJ5w0eNYh0Irt xYQ07milVZNK5/vqhk7EdSCFQyfKnvskH9o6HkK0slXJ8V7yKCRe7elg9N/BX326 P31zltA9to+Bij6XtsdUy4fZ8VHGsrnKbyfni9pct/GaUMqM6X+7YnV/C0+T+WcM hXFKkQ== -----END CERTIFICATE-----Generated at Tue Jun 25 10:01:20 2024 by rpki-client on console-fra.rpki-client.org