$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa File: 907FFB3C5C8511EDA172EE5CC4F9AE02.roa (raw, json) Hash identifier: J/wY1oGi+dPrVbFhpoWx/8vt8JGgbXNBe9bqBycipxI= Subject key identifier: D6:33:52:B6:61:A6:10:E7:59:88:DC:46:A9:B6:34:C7:20:A8:A3:05 Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Certificate serial: 0294 Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa Signing time: Mon 07 Oct 2024 03:11:05 +0000 ROA not before: Mon 07 Oct 2024 03:11:05 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 12888 IP address blocks: 168.153.3.0/24 maxlen: 24 168.153.4.0/24 maxlen: 24 168.153.5.0/24 maxlen: 24 168.153.6.0/24 maxlen: 24 168.153.7.0/24 maxlen: 24 168.153.8.0/24 maxlen: 24 168.153.32.0/22 maxlen: 22 168.153.40.0/22 maxlen: 22 168.153.64.0/22 maxlen: 22 168.153.96.0/24 maxlen: 24 168.153.106.0/24 maxlen: 24 168.153.107.0/24 maxlen: 24 168.153.108.0/24 maxlen: 24 168.153.109.0/24 maxlen: 24 168.153.110.0/24 maxlen: 24 168.153.111.0/24 maxlen: 24 168.153.144.0/22 maxlen: 22 168.153.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 19:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 660 (0x294) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Validity Not Before: Oct 7 03:11:05 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=67035149-b87d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:2d:f3:5f:a5:12:f2:df:6b:b8:e4:12:1b:ee: 8e:aa:e2:94:10:f4:5e:06:53:bb:8f:3e:83:7e:0c: 4b:3c:0f:c6:e1:3a:e1:ee:5b:35:dc:ff:08:67:44: db:3e:d6:5d:0d:09:40:5a:54:0c:a7:68:b4:fa:15: 1e:ff:81:9b:d1:83:66:7a:9e:f8:50:1b:42:29:4a: d9:67:2a:06:f3:a9:a2:d7:fb:1e:09:25:78:aa:59: c9:db:67:26:f5:69:96:4d:67:cd:b9:1a:74:43:5a: 07:9c:89:0d:2a:74:4a:22:4d:fb:e2:a0:dd:76:92: a1:9a:64:b2:c1:d5:1e:fa:b3:7b:ae:15:d0:83:d4: 67:88:a6:87:50:92:d4:30:58:c0:0f:00:af:b9:97: 8c:1b:84:57:a6:21:67:a8:53:06:ee:4b:a0:da:b7: 3a:97:65:21:f9:fd:c2:99:56:e3:7e:5f:fd:d1:11: 2f:20:eb:1d:a4:a3:0a:53:0e:a1:bc:d4:0f:2f:5d: d3:91:a1:61:61:b6:30:77:d6:b8:18:dd:b2:e4:76: 0a:ed:b7:f7:35:aa:af:41:d2:2e:83:b8:fb:b7:fd: b9:f1:f4:a1:82:38:ab:57:1d:21:c4:01:00:99:7d: b1:36:a2:81:8d:a3:f1:bb:0b:78:8d:7a:dd:9d:ad: ca:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:33:52:B6:61:A6:10:E7:59:88:DC:46:A9:B6:34:C7:20:A8:A3:05 X509v3 Authority Key Identifier: keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.153.3.0-168.153.8.255 168.153.32.0/22 168.153.40.0/22 168.153.64.0/22 168.153.96.0/24 168.153.106.0-168.153.111.255 168.153.144.0/22 168.153.160.0/22 Signature Algorithm: sha256WithRSAEncryption b6:51:01:17:8c:71:98:63:93:fc:ac:8a:e4:f1:4e:5e:78:0a: d6:97:62:68:a3:7d:79:7c:b2:77:0e:9e:d1:78:92:9c:f8:71: 4b:80:8c:03:03:ce:fa:d0:6b:6b:41:32:56:e8:dd:bc:61:be: 63:f1:24:fd:a8:69:23:06:79:89:96:3c:42:82:63:9e:b1:63: 3b:70:3b:7b:b0:a1:a0:d7:5b:a6:53:9c:39:c0:f6:18:54:ac: 7b:c4:42:e2:1a:3e:06:aa:60:80:9f:6e:2b:6f:0d:bc:86:ab: 68:5a:5a:77:0f:f7:ae:b6:b4:5d:29:19:96:10:ec:cc:ee:53: e6:06:37:fc:a0:ef:09:8a:73:a3:0d:d5:26:24:9e:ae:18:0e: 0b:e6:84:f6:97:67:95:f6:e0:85:69:94:e9:d3:1c:3b:4d:cb: 86:fb:89:8a:b1:69:f4:e8:f6:61:60:7c:0e:f6:c3:51:2c:96: 09:96:b3:ce:d4:f3:fb:7e:ca:f5:93:5c:58:7b:c9:c8:7e:3b: 94:cc:ff:6c:c7:a3:41:ce:41:ad:af:0c:73:ac:4d:3f:63:05: 15:a2:bd:ee:66:41:56:6b:3c:82:f6:9e:f2:99:e0:d2:a9:51: a2:0f:e6:75:41:e2:2a:15:6d:ea:4c:79:3c:f3:7b:44:03:6e: d1:5c:b4:87 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgICApQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC MUNENzlGNkIwHhcNMjQxMDA3MDMxMTA1WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzAzNTE0OS1iODdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2y3zX6US8t9ruOQSG+6OquKUEPReBlO7jz6DfgxLPA/G4Trh7ls13P8IZ0Tb PtZdDQlAWlQMp2i0+hUe/4Gb0YNmep74UBtCKUrZZyoG86mi1/seCSV4qlnJ22cm 9WmWTWfNuRp0Q1oHnIkNKnRKIk374qDddpKhmmSywdUe+rN7rhXQg9RniKaHUJLU MFjADwCvuZeMG4RXpiFnqFMG7kug2rc6l2Uh+f3CmVbjfl/90REvIOsdpKMKUw6h vNQPL13TkaFhYbYwd9a4GN2y5HYK7bf3NaqvQdIug7j7t/258fShgjirVx0hxAEA mX2xNqKBjaPxuwt4jXrdna3KzQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFNYzUrZh phDnWYjcRqm2NMcgqKMFMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvOTA3RkZCM0M1 Qzg1MTFFREExNzJFRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E SjBIMEYEAgABMEAwDAMEAKiZAwMEAKiZCAMEAqiZIAMEAqiZKAMEAqiZQAMEAKiZ YDAMAwQBqJlqAwQEqJlgAwQCqJmQAwQCqJmgMA0GCSqGSIb3DQEBCwUAA4IBAQC2 UQEXjHGYY5P8rIrk8U5eeArWl2Joo315fLJ3Dp7ReJKc+HFLgIwDA8760GtrQTJW 6N28Yb5j8ST9qGkjBnmJljxCgmOesWM7cDt7sKGg11umU5w5wPYYVKx7xELiGj4G qmCAn24rbw28hqtoWlp3D/eutrRdKRmWEOzM7lPmBjf8oO8JinOjDdUmJJ6uGA4L 5oT2l2eV9uCFaZTp0xw7TcuG+4mKsWn06PZhYHwO9sNRLJYJlrPO1PP7fsr1k1xY e8nIfjuUzP9sx6NBzkGtrwxzrE0/YwUVor3uZkFWazyC9p7ymeDSqVGiD+Z1QeIq FW3qTHk883tEA27RXLSH -----END CERTIFICATE-----Generated at Thu Nov 21 03:21:49 2024 by rpki-client on console-ams.rpki-client.org