$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa File: 1E7AFF46066811ED8098BF45C4F9AE02.roa (raw, json) Hash identifier: ev/mePXBEPvK6gb+f1OdX+Zvmji398YTTdWrnmFhOHo= Subject key identifier: BF:87:30:DA:CB:9D:02:A2:71:C6:60:F0:9D:51:71:B9:4B:79:C3:97 Certificate issuer: /CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Certificate serial: 13A6 Authority key identifier: 1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa Signing time: Mon 25 Dec 2023 09:40:37 +0000 ROA not before: Mon 25 Dec 2023 09:40:37 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 136907 IP address blocks: 149.232.128.0/19 maxlen: 19 149.232.128.0/20 maxlen: 20 149.232.144.0/20 maxlen: 20 159.138.78.0/24 maxlen: 24 159.138.112.0/21 maxlen: 21 159.138.113.0/24 maxlen: 24 159.138.114.0/24 maxlen: 24 159.138.116.0/24 maxlen: 24 159.138.208.0/21 maxlen: 21 166.108.192.0/18 maxlen: 18 166.108.192.0/20 maxlen: 20 166.108.208.0/20 maxlen: 20 166.108.224.0/20 maxlen: 20 166.108.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 17:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5030 (0x13a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Validity Not Before: Dec 25 09:40:37 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=65894e15-10c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a5:a7:95:00:b9:45:96:bb:5c:50:f0:ee:f2: 60:43:1d:99:0b:d8:ac:fb:fa:06:28:2a:80:e8:c8: 79:ea:65:33:f4:ca:0a:ad:20:d8:b3:8a:2d:5d:65: 59:e8:44:aa:2e:2c:0a:db:c8:af:3e:b0:9c:40:0d: dc:37:ec:ea:59:7a:2d:65:3b:7c:a9:17:97:0b:79: 80:48:98:1e:8e:f1:0d:82:76:df:c1:e2:47:21:cb: 21:76:12:98:2a:9d:b1:21:96:bb:55:57:a9:98:76: 1d:37:14:27:c8:23:33:84:5b:70:bf:d1:2f:6e:bc: e5:57:4b:bf:d3:ef:c0:0e:ca:50:4c:f2:06:44:d6: db:1b:99:eb:9f:78:e5:61:ba:f3:3b:76:ea:9a:03: ba:b4:60:ac:ff:e0:5e:90:59:d8:03:ef:50:d2:07: 83:19:24:b1:a5:d0:1a:8d:1d:84:76:6a:40:1a:90: 4e:dd:e6:2c:25:52:0c:6d:0c:f5:67:71:03:4f:9a: e9:90:c3:5b:00:21:3e:85:93:72:d1:6c:60:8f:87: 6f:47:94:90:26:de:29:37:2d:fc:f4:44:ea:a7:d9: 9d:85:62:47:96:97:96:db:97:11:a2:6f:3f:c9:eb: 78:87:01:12:fc:39:e0:f2:1d:c6:49:de:dd:b6:8e: a0:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:87:30:DA:CB:9D:02:A2:71:C6:60:F0:9D:51:71:B9:4B:79:C3:97 X509v3 Authority Key Identifier: keyid:1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 149.232.128.0/19 159.138.78.0/24 159.138.112.0/21 159.138.208.0/21 166.108.192.0/18 Signature Algorithm: sha256WithRSAEncryption a2:2b:82:67:19:37:42:c4:a7:c5:fa:43:3c:4c:db:97:89:87: f4:73:e8:6d:89:d2:11:eb:2a:b8:79:2a:44:1b:15:fe:5c:81: 4e:7b:3f:56:34:9d:5f:d7:29:23:d4:53:ea:38:29:81:d1:f4: c2:0f:b8:f1:8d:c8:ef:b6:fb:84:11:b3:2e:17:11:b5:65:ef: 28:0b:07:b0:97:d6:98:d2:5b:3f:21:17:1f:70:08:e1:2a:19: 8a:ba:4c:17:99:70:57:a5:7b:6d:57:79:3f:39:aa:a7:6b:61: e1:8d:d4:c3:e9:55:9c:89:cf:48:cf:38:c5:db:97:a0:c6:78: fe:0a:af:2f:90:1c:17:9f:e3:95:da:a3:ac:d1:1c:3f:10:a0: 00:68:40:11:41:ce:25:0c:61:28:87:de:90:5c:db:1f:4f:e4: 55:52:3e:b8:05:93:97:b4:1c:fb:82:5e:e9:df:bd:4d:d4:d2: ef:6c:71:ef:d7:2e:32:0b:ec:9b:78:13:80:af:4c:ee:03:2d: 35:05:d8:8e:10:20:3f:08:a6:95:f4:7b:de:04:4e:3a:18:86: 64:8a:4d:10:23:3a:76:ec:00:88:3a:5a:3e:5d:86:de:c1:cb: 09:98:e7:21:70:11:37:58:57:f8:57:3e:f0:a2:32:b4:03:1a: 2a:fa:fb:29 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICE6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDFFMTIzODQ1NjM3MUU3NDQ4OTQ2MjJFOThBQzFFRTU1 QjQxNDVFMTAwHhcNMjMxMjI1MDk0MDM3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTg5NGUxNS0xMGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsqWnlQC5RZa7XFDw7vJgQx2ZC9is+/oGKCqA6Mh56mUz9MoKrSDYs4otXWVZ 6ESqLiwK28ivPrCcQA3cN+zqWXotZTt8qReXC3mASJgejvENgnbfweJHIcshdhKY Kp2xIZa7VVepmHYdNxQnyCMzhFtwv9EvbrzlV0u/0+/ADspQTPIGRNbbG5nrn3jl YbrzO3bqmgO6tGCs/+BekFnYA+9Q0geDGSSxpdAajR2EdmpAGpBO3eYsJVIMbQz1 Z3EDT5rpkMNbACE+hZNy0Wxgj4dvR5SQJt4pNy389ETqp9mdhWJHlpeW25cRom8/ yet4hwES/Dng8h3GSd7dto6gSwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFL+HMNrL nQKiccZg8J1RcblLecOXMB8GA1UdIwQYMBaAFB4SOEVjcedEiUYi6YrB7lW0FF4Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC82OTdFMzU2QTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUwU0pSaUxwaXNIdVZiUVVY aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hoSTRSV054NTBTSlJpTHBpc0h1VmJRVVhoQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U2NzgvNjk3RTM1NkE2OTU3MTFFOEE0MkJFNjgwQzRGOUFFMDIvMUU3QUZGNDYw NjY4MTFFRDgwOThCRjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAWV6IADBACfik4DBAOfinADBAOfitADBAambMAwDQYJKoZI hvcNAQELBQADggEBAKIrgmcZN0LEp8X6QzxM25eJh/Rz6G2J0hHrKrh5KkQbFf5c gU57P1Y0nV/XKSPUU+o4KYHR9MIPuPGNyO+2+4QRsy4XEbVl7ygLB7CX1pjSWz8h Fx9wCOEqGYq6TBeZcFele21XeT85qqdrYeGN1MPpVZyJz0jPOMXbl6DGeP4Kry+Q HBef45Xao6zRHD8QoABoQBFBziUMYSiH3pBc2x9P5FVSPrgFk5e0HPuCXunfvU3U 0u9sce/XLjIL7Jt4E4CvTO4DLTUF2I4QID8IppX0e94ETjoYhmSKTRAjOnbsAIg6 Wj5dht7BywmY5yFwETdYV/hXPvCiMrQDGir6+yk= -----END CERTIFICATE-----Generated at Tue Apr 16 18:27:57 2024 by rpki-client on console-fra.rpki-client.org