$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/BFC0298670DC11EF8B65D95AC4F9AE02.roa File: BFC0298670DC11EF8B65D95AC4F9AE02.roa (raw, json) Hash identifier: xXgZmTOjB2R5QXQ+RZB2yUg6+3TlEC2Vj8vF4e6Tnwo= Subject key identifier: 59:E2:E7:E5:E1:98:0F:AD:BF:AE:9A:77:EB:CB:C2:27:4A:B7:8E:DF Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Certificate serial: 82 Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/BFC0298670DC11EF8B65D95AC4F9AE02.roa Signing time: Thu 12 Sep 2024 07:58:09 +0000 ROA not before: Thu 12 Sep 2024 07:58:08 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 152299 IP address blocks: 157.10.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 130 (0x82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Validity Not Before: Sep 12 07:58:08 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=66e29f10-1988 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:b3:90:7f:4d:57:b1:33:f5:72:8f:e3:33:30: 7a:da:37:0f:57:69:20:43:c6:cc:06:37:5f:06:61: df:c5:8e:69:75:69:e5:24:77:91:d1:6f:38:10:93: 28:2e:b2:e9:e6:6a:f3:98:ac:51:51:48:4b:77:52: d4:03:3e:e1:bf:90:f1:73:95:2c:32:70:d7:eb:f5: 77:76:3e:59:96:37:90:f0:80:48:83:08:7d:c7:ef: e8:04:f2:37:9b:b9:ec:77:19:dd:0f:6b:4d:db:3d: 57:74:03:c4:f9:34:7c:c8:0b:49:8d:bc:c5:c7:51: 71:4c:de:a8:c9:e8:0a:84:aa:58:77:8f:b9:72:7a: de:44:e3:cc:30:2a:94:35:e1:cc:9d:8a:49:49:86: 21:a0:2f:c9:19:08:37:0b:f2:50:5c:ef:19:d3:dd: c2:ef:bd:ae:a8:60:bb:27:fa:65:ed:1e:0e:7c:12: 55:61:99:ee:d9:b3:2d:88:cb:96:e6:c3:d4:c2:ba: 90:70:84:f8:a2:93:f5:30:bb:d8:35:d8:98:1d:19: 59:e2:c7:53:7a:2d:f1:01:67:57:d3:e5:a1:40:a9: cc:1b:3c:41:f8:db:15:71:aa:ff:2e:0c:ff:8a:33: 9f:e8:2e:6a:c7:f9:9a:5d:cb:10:52:2f:49:2d:2f: 61:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:E2:E7:E5:E1:98:0F:AD:BF:AE:9A:77:EB:CB:C2:27:4A:B7:8E:DF X509v3 Authority Key Identifier: keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/BFC0298670DC11EF8B65D95AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.38.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:21:fc:d4:13:a0:45:88:8b:78:2d:d1:5e:30:11:49:08:f8: 3d:3a:3e:5e:21:b2:1c:1f:d0:83:46:77:51:14:ff:0a:5f:61: a2:bf:77:1a:95:88:6d:83:c0:4d:01:e6:e1:1f:06:20:46:c7: 97:76:b8:7e:5d:65:4a:79:3b:55:cb:91:de:61:a6:39:1e:30: 1d:4a:7e:c7:bd:df:32:0a:5d:fa:99:0e:2e:62:51:d0:5f:cc: a9:5b:03:0f:10:b2:4d:13:7c:55:52:52:af:bd:de:25:a6:15: 45:c3:33:ab:3b:17:5b:05:94:c2:86:18:5d:0e:53:8b:71:a0: fa:10:9b:a8:f3:18:fb:26:8d:69:58:c2:3a:72:fb:12:6b:04: 29:5e:c5:6f:d2:3b:a8:82:a9:8e:62:64:46:51:59:ab:d2:7e: 2b:2a:21:81:d9:5f:ea:06:9a:3d:b8:f0:52:bb:e8:31:10:b1: af:2d:f0:e1:96:4a:43:7a:fa:4e:0c:88:91:31:95:af:35:36: 94:98:0a:5f:1d:0a:de:ee:4b:5b:96:0e:4b:c3:b5:a2:46:02: fb:e8:61:fd:1a:02:14:bc:fe:2d:00:0d:af:0b:8b:d1:39:90: 51:92:3f:e5:2b:43:23:b1:32:7e:8c:98:b9:a0:6b:4e:32:1c: 68:6c:04:3e -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAIIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFEMTYxMTAvBgNVBAUTKDcwOEYxRTA3MTMzODU1QzgwNzRFRUQ1RjhDODNCNDQ2 NkE2MDdBQzIwHhcNMjQwOTEyMDc1ODA4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmUyOWYxMC0xOTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzbOQf01XsTP1co/jMzB62jcPV2kgQ8bMBjdfBmHfxY5pdWnlJHeR0W84EJMo LrLp5mrzmKxRUUhLd1LUAz7hv5Dxc5UsMnDX6/V3dj5ZljeQ8IBIgwh9x+/oBPI3 m7nsdxndD2tN2z1XdAPE+TR8yAtJjbzFx1FxTN6oyegKhKpYd4+5cnreROPMMCqU NeHMnYpJSYYhoC/JGQg3C/JQXO8Z093C772uqGC7J/pl7R4OfBJVYZnu2bMtiMuW 5sPUwrqQcIT4opP1MLvYNdiYHRlZ4sdTei3xAWdX0+WhQKnMGzxB+NsVcar/Lgz/ ijOf6C5qx/maXcsQUi9JLS9hTwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFni5+Xh mA+tv66ad+vLwidKt47fMB8GA1UdIwQYMBaAFHCPHgcTOFXIB07tX4yDtEZqYHrC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQxNi82NTZEMTdBOEFF OUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZjZ0hUdTFmaklPMFJtcGdl c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2VzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzFEMTYvNjU2RDE3QThBRTlDMTFFRTkxMUFGQjYzQzRGOUFFMDIvQkZDMDI5ODY3 MERDMTFFRjhCNjVEOTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBACdCiYwDQYJKoZIhvcNAQELBQADggEBAD0h/NQToEWIi3gt 0V4wEUkI+D06Pl4hshwf0INGd1EU/wpfYaK/dxqViG2DwE0B5uEfBiBGx5d2uH5d ZUp5O1XLkd5hpjkeMB1Kfse93zIKXfqZDi5iUdBfzKlbAw8Qsk0TfFVSUq+93iWm FUXDM6s7F1sFlMKGGF0OU4txoPoQm6jzGPsmjWlYwjpy+xJrBClexW/SO6iCqY5i ZEZRWavSfisqIYHZX+oGmj248FK76DEQsa8t8OGWSkN6+k4MiJExla81NpSYCl8d Ct7uS1uWDkvDtaJGAvvoYf0aAhS8/i0ADa8Li9E5kFGSP+UrQyOxMn6MmLmga04y HGhsBD4= -----END CERTIFICATE-----Generated at Thu Nov 21 05:05:58 2024 by rpki-client on console-fra.rpki-client.org