$ rpki-client -vvf rpki.apnic.net/member_repository/A917B520/4CFC08DAB76C11EFB874276EC4F9AE02/3CFE7680BC5C11EFB951FD4FC4F9AE02.roa File: 3CFE7680BC5C11EFB951FD4FC4F9AE02.roa (raw, json) Hash identifier: NUffLHq82hY3xMoVf55lHNGR19ZjrAZu9OH8lX1bsUc= Subject key identifier: 2B:24:2B:91:7E:3C:F1:56:CE:FD:62:84:9C:DC:D3:9D:2F:13:74:96 Certificate issuer: /CN=A917B520/serialNumber=393EA78E4D93236E5071FB8AFFAD41D62426AA5D Certificate serial: 05 Authority key identifier: 39:3E:A7:8E:4D:93:23:6E:50:71:FB:8A:FF:AD:41:D6:24:26:AA:5D Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/OT6njk2TI25QcfuK_61B1iQmql0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B520/4CFC08DAB76C11EFB874276EC4F9AE02/3CFE7680BC5C11EFB951FD4FC4F9AE02.roa Signing time: Tue 17 Dec 2024 09:49:42 +0000 ROA not before: Tue 17 Dec 2024 09:49:42 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 150436 IP address blocks: 145.223.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B520/4CFC08DAB76C11EFB874276EC4F9AE02/OT6njk2TI25QcfuK_61B1iQmql0.crl rsync://rpki.apnic.net/member_repository/A917B520/4CFC08DAB76C11EFB874276EC4F9AE02/OT6njk2TI25QcfuK_61B1iQmql0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/OT6njk2TI25QcfuK_61B1iQmql0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 02:47:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B520 Validity Not Before: Dec 17 09:49:42 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=67614936-c7d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:57:c3:0f:9d:88:e9:fb:58:35:2b:fc:7e:d0: 91:86:b3:b6:ae:fd:48:f3:8f:83:66:bd:1f:ed:b0: a9:bd:53:09:b8:da:2f:c2:52:10:36:01:f9:ab:a1: 15:4f:2c:80:5b:c0:3b:45:90:1b:a5:74:77:fc:97: af:aa:29:2b:2f:22:29:4d:f0:11:c3:bb:38:de:57: e7:0d:3b:86:5b:78:59:03:57:04:cf:f1:cd:25:81: 20:54:1f:a5:8b:d8:64:00:b0:87:df:39:bc:cc:da: e1:b6:bb:9a:3e:de:2c:e2:17:62:34:56:35:9a:c2: 19:c4:78:4d:ec:b9:3e:4d:26:c2:c4:1a:9b:bc:6d: 45:d6:17:8e:52:2f:82:2d:4b:d6:6b:10:35:d4:83: d9:cf:5a:ce:06:76:29:8e:d1:82:6b:60:02:9f:d1: ff:b5:09:ea:8c:20:7b:4d:23:c4:44:a7:bf:e4:40: e0:da:cc:71:ed:21:33:64:87:27:ca:63:73:30:68: 75:9e:90:62:3d:3d:48:55:ab:a9:5a:39:b3:b6:ae: d5:39:19:23:30:23:38:29:4e:ab:2d:09:09:88:95: 23:19:4b:48:94:6c:5d:6f:a8:56:e6:9c:8a:2a:01: 33:33:de:c4:6b:91:3e:9e:72:c3:9b:93:95:df:e0: b2:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:24:2B:91:7E:3C:F1:56:CE:FD:62:84:9C:DC:D3:9D:2F:13:74:96 X509v3 Authority Key Identifier: keyid:39:3E:A7:8E:4D:93:23:6E:50:71:FB:8A:FF:AD:41:D6:24:26:AA:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B520/4CFC08DAB76C11EFB874276EC4F9AE02/OT6njk2TI25QcfuK_61B1iQmql0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/OT6njk2TI25QcfuK_61B1iQmql0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B520/4CFC08DAB76C11EFB874276EC4F9AE02/3CFE7680BC5C11EFB951FD4FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 145.223.128.0/18 Signature Algorithm: sha256WithRSAEncryption 31:a1:b4:bc:18:be:86:17:8a:b4:2f:88:4a:c4:56:96:7d:6a: 0c:37:4f:a7:f1:46:bd:a4:9a:95:5b:fe:54:2b:64:30:8c:5d: 87:28:da:9c:81:9b:56:1f:74:7d:28:7f:1c:17:b2:0e:48:4c: f2:08:60:ad:4f:fe:23:68:45:38:ed:35:8c:fd:27:df:e0:79: 73:13:27:73:26:0f:8f:d6:49:00:04:76:f7:94:fb:64:06:85: 82:d0:53:00:43:08:dd:ba:6f:57:98:6a:74:1e:16:93:d0:8a: eb:53:cb:b9:2a:36:fd:2d:a2:88:45:6d:26:af:b3:d0:aa:55: 64:a4:39:d2:4e:fc:b1:08:33:4e:77:f1:67:c1:bf:03:20:6e: 9b:6b:07:15:42:64:7c:66:98:7d:66:be:e7:1b:01:9e:33:d5: 84:a3:c6:dc:41:61:4f:4d:dc:b3:82:bd:bb:86:ed:49:e8:8e: 49:43:74:38:24:1c:b7:9c:0b:88:e8:bf:0b:c3:cb:97:1d:a4: 38:87:b3:0f:09:be:1f:57:25:a6:4c:c6:bb:82:13:d4:dd:1f: 2f:21:92:19:04:8a:a1:48:be:2b:e8:0b:41:5b:fb:f2:98:99: f6:ca:3e:2e:0f:2b:9f:a2:66:7a:a0:31:06:16:6a:8f:bc:ed: 2e:ed:55:28 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QjUyMDExMC8GA1UEBRMoMzkzRUE3OEU0RDkzMjM2RTUwNzFGQjhBRkZBRDQxRDYy NDI2QUE1RDAeFw0yNDEyMTcwOTQ5NDJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NjE0OTM2LWM3ZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJV8MPnYjp+1g1K/x+0JGGs7au/Ujzj4NmvR/tsKm9Uwm42i/CUhA2AfmroRVP LIBbwDtFkBuldHf8l6+qKSsvIilN8BHDuzjeV+cNO4ZbeFkDVwTP8c0lgSBUH6WL 2GQAsIffObzM2uG2u5o+3iziF2I0VjWawhnEeE3suT5NJsLEGpu8bUXWF45SL4It S9ZrEDXUg9nPWs4GdimO0YJrYAKf0f+1CeqMIHtNI8REp7/kQODazHHtITNkhyfK Y3MwaHWekGI9PUhVq6laObO2rtU5GSMwIzgpTqstCQmIlSMZS0iUbF1vqFbmnIoq ATMz3sRrkT6ecsObk5Xf4LKRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKyQrkX48 8VbO/WKEnNzTnS8TdJYwHwYDVR0jBBgwFoAUOT6njk2TI25QcfuK/61B1iQmql0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCNTIwLzRDRkMwOERBQjc2 QzExRUZCODc0Mjc2RUM0RjlBRTAyL09UNm5qazJUSTI1UWNmdUtfNjFCMWlRbXFs MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2MTFFMkEzRjI3RjdDNzJG RDFGRjIvT1Q2bmprMlRJMjVRY2Z1S182MUIxaVFtcWwwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QjUyMC80Q0ZDMDhEQUI3NkMxMUVGQjg3NDI3NkVDNEY5QUUwMi8zQ0ZFNzY4MEJD NUMxMUVGQjk1MUZENEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEBpHfgDANBgkqhkiG9w0BAQsFAAOCAQEAMaG0vBi+hheKtC+I SsRWln1qDDdPp/FGvaSalVv+VCtkMIxdhyjanIGbVh90fSh/HBeyDkhM8ghgrU/+ I2hFOO01jP0n3+B5cxMncyYPj9ZJAAR295T7ZAaFgtBTAEMI3bpvV5hqdB4Wk9CK 61PLuSo2/S2iiEVtJq+z0KpVZKQ50k78sQgzTnfxZ8G/AyBum2sHFUJkfGaYfWa+ 5xsBnjPVhKPG3EFhT03cs4K9u4btSeiOSUN0OCQct5wLiOi/C8PLlx2kOIezDwm+ H1clpkzGu4IT1N0fLyGSGQSKoUi+K+gLQVv78piZ9so+Lg8rn6JmeqAxBhZqj7zt Lu1VKA== -----END CERTIFICATE-----Generated at Thu Feb 6 00:52:35 2025 by rpki-client