$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B3DA6A4CBDDE11EA9977C550C4F9AE02.roa File: B3DA6A4CBDDE11EA9977C550C4F9AE02.roa (raw, json) Hash identifier: hLopRGI6rdl08AJGeEUD3NEH2lXMhewx+U/f5fpD8OU= Subject key identifier: 27:89:06:2A:E2:90:C6:C8:E4:26:25:8C:75:44:28:10:06:61:3D:CA Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 1AC7 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B3DA6A4CBDDE11EA9977C550C4F9AE02.roa Signing time: Thu 25 Jul 2024 06:54:23 +0000 ROA not before: Thu 25 Jul 2024 06:54:23 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 58758 IP address blocks: 158.144.42.0/23 maxlen: 23 158.144.42.0/24 maxlen: 24 158.144.43.0/24 maxlen: 24 158.144.44.0/24 maxlen: 24 158.144.183.0/24 maxlen: 24 158.144.185.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 05:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6855 (0x1ac7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Jul 25 06:54:23 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=66a1f69e-15d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6e:f7:b7:68:e4:04:b2:51:ed:16:37:4a:bf: 76:b2:f7:a9:8b:ca:db:08:8a:08:ad:95:ca:f1:c6: 5d:ad:0e:71:b6:87:04:1e:25:25:4d:7b:fb:26:b9: 4a:ca:19:c1:ee:06:86:d5:59:e5:cf:2a:ea:d7:6a: f7:f5:de:bb:86:9c:b9:cf:96:ac:9d:ec:57:98:4d: 89:76:d4:9e:f5:32:e6:ef:72:92:b7:e2:45:5e:a2: a2:2a:f7:39:92:ed:f2:6e:aa:ed:b9:a2:cb:a4:2a: 9a:b5:96:8c:e4:d5:95:99:f8:ec:c8:a2:a5:d7:cf: 1a:d6:20:2f:2b:2b:bf:bc:df:af:ca:33:9b:a4:ca: dd:13:3b:4e:b4:aa:ad:b8:8b:0e:18:50:6c:77:fa: a8:14:ff:09:c1:f6:aa:5c:64:da:41:db:b5:e2:67: 5d:c7:04:06:e3:ad:c0:dd:91:6b:d3:d0:3e:36:aa: db:51:4a:c8:13:24:05:fb:f6:38:e9:5d:8c:53:cc: dd:76:3b:95:fc:78:c9:43:c2:5c:92:6e:6c:bf:c7: 9f:b0:39:87:fa:d9:02:fd:ae:83:ff:b5:69:60:65: 33:9b:16:cf:82:51:85:87:1e:86:83:31:81:f3:dd: f6:27:c2:e0:d9:74:64:bd:e3:90:0b:85:19:66:89: 6b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:89:06:2A:E2:90:C6:C8:E4:26:25:8C:75:44:28:10:06:61:3D:CA X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/B3DA6A4CBDDE11EA9977C550C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 158.144.42.0-158.144.44.255 158.144.183.0/24 158.144.185.0/24 Signature Algorithm: sha256WithRSAEncryption ce:d7:d2:94:06:30:4d:8d:c2:5e:f2:40:46:90:82:52:39:43: 80:81:bd:36:94:a0:1c:df:98:c0:83:db:3c:39:19:57:0a:01: e7:99:ce:5f:56:a9:98:09:79:90:69:10:48:58:55:f2:0c:8b: ff:90:5c:a1:93:4b:93:43:dd:87:02:a1:7a:b6:48:1f:52:d6: 01:4b:55:23:ee:bb:d3:4b:8b:6b:b8:27:64:98:dc:37:6b:81: b6:3a:18:fe:68:f5:78:46:9a:59:d0:4d:f4:09:81:b6:60:5f: 35:a3:28:35:df:22:1c:6f:60:e3:d9:5e:bb:56:75:2a:64:ac: f2:df:5b:f7:be:8c:4d:8f:b7:29:45:26:dd:c3:86:0f:bd:32: 57:0b:b0:90:a0:ac:c9:78:6a:75:ea:f6:20:f5:aa:22:5d:a5: a3:05:e0:46:df:cc:24:62:38:35:8c:f5:44:40:52:e7:3f:62: 3a:a6:70:e5:23:2e:96:48:30:6e:7e:52:f6:6a:89:dc:ef:10: e3:97:20:99:d9:7c:88:b8:83:ed:c9:6f:51:8d:a4:64:2e:1e: 11:d7:fe:56:59:99:ff:7e:16:21:b2:ce:61:73:21:f9:b4:07: af:3b:48:4a:50:b6:db:e4:27:46:b7:20:98:af:07:f4:08:60: 19:d4:cb:60 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICGscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjQwNzI1MDY1NDIzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmExZjY5ZS0xNWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy273t2jkBLJR7RY3Sr92svepi8rbCIoIrZXK8cZdrQ5xtocEHiUlTXv7JrlK yhnB7gaG1Vnlzyrq12r39d67hpy5z5asnexXmE2JdtSe9TLm73KSt+JFXqKiKvc5 ku3ybqrtuaLLpCqatZaM5NWVmfjsyKKl188a1iAvKyu/vN+vyjObpMrdEztOtKqt uIsOGFBsd/qoFP8JwfaqXGTaQdu14mddxwQG463A3ZFr09A+NqrbUUrIEyQF+/Y4 6V2MU8zddjuV/HjJQ8Jckm5sv8efsDmH+tkC/a6D/7VpYGUzmxbPglGFhx6GgzGB 8932J8Lg2XRkveOQC4UZZolrLQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFCeJBiri kMbI5CYljHVEKBAGYT3KMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjNEQTZBNENC RERFMTFFQTk5NzdDNTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBowDAMEAZ6QKgMEAJ6QLAMEAJ6QtwMEAJ6QuTANBgkqhkiG9w0B AQsFAAOCAQEAztfSlAYwTY3CXvJARpCCUjlDgIG9NpSgHN+YwIPbPDkZVwoB55nO X1apmAl5kGkQSFhV8gyL/5BcoZNLk0PdhwKherZIH1LWAUtVI+6700uLa7gnZJjc N2uBtjoY/mj1eEaaWdBN9AmBtmBfNaMoNd8iHG9g49leu1Z1KmSs8t9b976MTY+3 KUUm3cOGD70yVwuwkKCsyXhqder2IPWqIl2lowXgRt/MJGI4NYz1REBS5z9iOqZw 5SMulkgwbn5S9mqJ3O8Q45cgmdl8iLiD7clvUY2kZC4eEdf+VlmZ/34WIbLOYXMh +bQHrztISlC22+QnRrcgmK8H9AhgGdTLYA== -----END CERTIFICATE-----Generated at Fri Nov 22 06:57:53 2024 by rpki-client on console-fra.rpki-client.org