$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/B95187FC2FB811EBBF9A864BC4F9AE02.roa File: B95187FC2FB811EBBF9A864BC4F9AE02.roa (raw, json) Hash identifier: j3Mdp3VdpFJP8qi33NyGvoVivwkHNNacPK2sV9tj6Kg= Subject key identifier: 55:AC:73:98:A6:5F:B6:E9:21:74:ED:D6:5A:0F:D6:44:1D:0D:41:EB Certificate issuer: /CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493 Certificate serial: 06C1 Authority key identifier: BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/B95187FC2FB811EBBF9A864BC4F9AE02.roa Signing time: Fri 05 Apr 2024 00:02:18 +0000 ROA not before: Fri 05 Apr 2024 00:02:18 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 21859 IP address blocks: 152.32.230.0/24 maxlen: 24 152.32.232.0/24 maxlen: 24 165.154.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1729 (0x6c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493 Validity Not Before: Apr 5 00:02:18 2024 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=660f3f89-676a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b6:b1:ef:15:23:58:fe:8f:ca:51:40:46:a0: ba:34:a6:14:72:1c:62:6c:1f:34:b1:37:d4:da:d6: db:75:6a:4c:4f:71:ae:50:97:58:b8:13:11:4f:a2: bf:4a:53:6b:75:52:82:6b:99:fa:0b:57:fe:c9:8b: f3:27:1d:8e:85:05:d6:6c:93:b7:1b:3a:2d:b7:d0: 6f:95:0a:d5:a7:33:aa:5d:64:11:ca:de:6d:13:a4: 3d:76:0b:02:1e:dc:22:26:77:a9:00:a4:17:ca:70: e7:73:b4:b6:ae:d0:c4:43:64:e3:8e:92:47:92:1a: 75:19:c3:7a:47:c8:89:a6:c9:53:9b:cd:83:73:8a: 56:07:14:c0:96:60:ba:c2:03:fb:92:0c:26:57:27: 79:a4:34:90:68:59:fc:d6:ae:b1:1a:7e:ca:df:5f: 9d:ab:0a:0e:16:81:e8:a9:de:50:95:cb:2e:5f:14: 13:4f:01:17:c8:88:35:28:da:09:ed:26:d2:75:69: c8:f3:39:cf:ce:5a:28:96:0a:d9:a5:0e:5c:64:ce: d1:2d:05:8f:58:71:23:c9:7f:db:ed:60:ca:7a:d2: 74:38:67:54:ee:1e:cb:ef:fe:f0:fe:77:0b:b8:ff: 6c:58:55:52:8a:63:73:98:64:91:57:dc:51:4e:f8: 65:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:AC:73:98:A6:5F:B6:E9:21:74:ED:D6:5A:0F:D6:44:1D:0D:41:EB X509v3 Authority Key Identifier: keyid:BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/B95187FC2FB811EBBF9A864BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 152.32.230.0/24 152.32.232.0/24 165.154.125.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:cb:a4:e0:3d:74:0c:61:58:e9:f2:03:ed:aa:d6:10:8b:75: 63:17:39:a8:27:99:20:9c:c2:88:46:be:77:0e:98:ed:29:a0: 06:09:0a:ee:bb:7a:e5:1d:95:37:9a:86:b1:a0:f1:6d:b1:c5: 48:7c:4f:80:03:40:ab:f7:97:9d:52:05:2b:fe:a9:ff:8e:88: c9:ac:e0:ef:8a:1b:8e:a4:0d:6d:bc:88:09:6b:4b:15:2e:12: 5a:97:31:cf:28:81:20:34:8f:f0:67:02:b9:87:e6:7c:0c:16: da:06:1e:d1:ca:2e:60:92:0f:aa:1d:e4:05:5f:85:55:96:37: 23:56:cc:13:d2:cd:37:c6:53:48:fc:4b:1b:a6:5a:d8:16:b9: 82:77:e2:15:f3:1d:3b:77:d2:6b:73:c1:54:0a:4b:23:7b:ac: 94:3f:4f:c9:a1:8e:18:41:f0:12:62:cb:78:84:85:39:a9:70: 8d:b2:18:bb:28:ca:98:1f:44:87:9c:85:f3:ed:27:a1:fb:b8: 40:70:30:e8:b1:61:97:b2:e2:6c:e8:8e:36:0a:92:e5:2a:5b: a4:56:c8:ad:78:08:a7:ba:2f:ff:b5:74:f8:25:b6:f1:bd:dd: d5:05:ab:42:42:46:d0:50:8d:93:22:a0:d5:34:10:2b:46:e6: ad:ca:c2:bf -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICBsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODZFOEExMTAvBgNVBAUTKEJERDVFOUE3NkYxQUM0QzhFNTE3OTdFQ0U5OUUzRENF RUNFRTc0OTMwHhcNMjQwNDA1MDAwMjE4WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02NjBmM2Y4OS02NzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzrax7xUjWP6PylFARqC6NKYUchxibB80sTfU2tbbdWpMT3GuUJdYuBMRT6K/ SlNrdVKCa5n6C1f+yYvzJx2OhQXWbJO3Gzott9BvlQrVpzOqXWQRyt5tE6Q9dgsC HtwiJnepAKQXynDnc7S2rtDEQ2TjjpJHkhp1GcN6R8iJpslTm82Dc4pWBxTAlmC6 wgP7kgwmVyd5pDSQaFn81q6xGn7K31+dqwoOFoHoqd5QlcsuXxQTTwEXyIg1KNoJ 7SbSdWnI8znPzloolgrZpQ5cZM7RLQWPWHEjyX/b7WDKetJ0OGdU7h7L7/7w/ncL uP9sWFVSimNzmGSRV9xRTvhlkwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFWsc5im X7bpIXTt1loP1kQdDUHrMB8GA1UdIwQYMBaAFL3V6advGsTI5ReX7OmePc7s7nST MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zMTQ4REM5RTJE RkYxMUVCODY4QTkxMzVDNEY5QUUwMi92ZFhwcDI4YXhNamxGNWZzNlo0OXp1enVk Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3ZkWHBwMjhheE1qbEY1ZnM2WjQ5enV6dWRKTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODZFOEEvMzE0OERDOUUyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvQjk1MTg3RkMy RkI4MTFFQkJGOUE4NjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBACYIOYDBACYIOgDBAClmn0wDQYJKoZIhvcNAQELBQADggEB AC3LpOA9dAxhWOnyA+2q1hCLdWMXOagnmSCcwohGvncOmO0poAYJCu67euUdlTea hrGg8W2xxUh8T4ADQKv3l51SBSv+qf+OiMms4O+KG46kDW28iAlrSxUuElqXMc8o gSA0j/BnArmH5nwMFtoGHtHKLmCSD6od5AVfhVWWNyNWzBPSzTfGU0j8SxumWtgW uYJ34hXzHTt30mtzwVQKSyN7rJQ/T8mhjhhB8BJiy3iEhTmpcI2yGLsoypgfRIec hfPtJ6H7uEBwMOixYZey4mzojjYKkuUqW6RWyK14CKe6L/+1dPgltvG93dUFq0JC RtBQjZMioNU0ECtG5q3Kwr8= -----END CERTIFICATE-----Generated at Wed Nov 20 23:11:46 2024 by rpki-client on console-fra.rpki-client.org