$ rpki-client -vvf rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/15108EAC5E1011EE87C32570C4F9AE02.roa File: 15108EAC5E1011EE87C32570C4F9AE02.roa (raw, json) Hash identifier: whCaEj8Y9zA6+3DQnD2QStds6cPxOEthZZxPUxXEgAs= Subject key identifier: 6D:38:70:F5:6D:40:43:7D:1C:C2:0C:88:1C:40:35:55:7F:1D:D5:B0 Certificate issuer: /CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986 Certificate serial: 0CF1 Authority key identifier: C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/15108EAC5E1011EE87C32570C4F9AE02.roa Signing time: Mon 02 Oct 2023 07:19:06 +0000 ROA not before: Mon 02 Oct 2023 07:19:06 +0000 ROA not after: Wed 29 May 2024 00:00:00 +0000 asID: 18230 IP address blocks: 59.152.8.0/24 maxlen: 24 59.152.9.0/24 maxlen: 24 59.152.10.0/24 maxlen: 24 59.152.11.0/24 maxlen: 24 59.152.12.0/24 maxlen: 24 59.152.13.0/24 maxlen: 24 59.152.15.0/24 maxlen: 24 2404:1b40::/32 maxlen: 32 2404:1b40::/48 maxlen: 48 2404:1b40:1::/48 maxlen: 48 2404:1b40:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 Feb 2024 15:08:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3313 (0xcf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986 Validity Not Before: Oct 2 07:19:06 2023 GMT Not After : May 29 00:00:00 2024 GMT Subject: CN=651a6ee9-4989 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e5:f0:44:02:52:ad:f4:7e:01:9b:63:35:0d: b1:69:f4:df:61:8a:61:25:3e:96:98:cb:06:e0:7e: df:80:0b:cd:c4:1b:72:10:53:b0:a7:09:1a:0c:9f: 88:c4:8c:75:8a:04:40:b0:53:ad:65:0f:29:6e:7c: 2e:bd:ca:1c:9f:99:9f:2f:78:32:e6:b3:92:0b:3f: ec:97:c4:d0:9d:1d:9a:7a:d5:93:ea:32:e4:bf:5d: 85:4c:33:0b:40:c5:40:30:a6:71:0a:e8:88:47:bd: 53:6f:29:26:d7:73:38:35:9a:95:37:26:45:07:90: 6d:42:64:ce:60:06:06:ad:cf:ce:e4:56:e7:3c:21: 31:81:c6:ea:d5:84:db:e6:4f:70:ed:fc:7c:eb:37: ae:11:7d:cb:6f:df:0c:f5:8b:28:cb:cc:00:f9:6e: d8:c4:10:ef:96:27:22:53:0e:35:59:14:bf:82:bf: 9a:59:7a:db:d9:17:0b:d5:5f:f0:f5:e8:a0:2f:cc: 16:94:09:53:ff:25:65:9d:ca:0b:48:2b:7f:f4:4c: bc:e0:bf:e0:0f:8f:d2:ec:a6:c9:79:f0:c1:d4:90: f2:bc:9f:06:ad:8c:6d:83:a1:b7:cb:4e:d5:26:fe: 5a:9a:72:89:ca:7d:14:0c:3c:20:3a:6a:fe:53:c2: 03:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:38:70:F5:6D:40:43:7D:1C:C2:0C:88:1C:40:35:55:7F:1D:D5:B0 X509v3 Authority Key Identifier: keyid:C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/15108EAC5E1011EE87C32570C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.152.8.0-59.152.13.255 59.152.15.0/24 IPv6: 2404:1b40::/32 Signature Algorithm: sha256WithRSAEncryption 10:09:52:96:31:84:02:9d:e5:b0:41:86:18:9d:d3:30:5c:7a: 81:16:b0:10:1a:cd:ee:bd:48:a4:83:c4:25:80:45:c0:47:81: a8:1c:a3:5d:df:90:3f:01:4f:a4:61:4e:2a:e1:46:90:05:db: 9d:a6:70:b0:30:57:de:8c:fd:85:e9:4a:d8:a3:bc:5c:4f:c2: d2:e4:62:5d:4a:ba:71:3f:d4:8a:9d:34:04:7c:ff:dd:19:9c: bf:65:86:72:4e:05:e6:67:b2:d4:bb:ba:aa:f3:b3:c5:9b:c7: bd:64:d9:3a:79:ba:ad:9f:4f:73:0c:4e:d9:a1:85:f2:b8:ff: 3e:76:a2:14:3a:03:77:c0:de:15:a0:92:a8:69:34:6b:bb:41: 8d:bf:6c:1e:5e:4e:54:8e:09:c0:06:6b:26:f7:2f:4e:bd:ba: 3c:c2:18:cf:3d:91:fd:cf:45:b2:5a:2b:3a:8d:98:fa:e1:6c: b6:22:fc:37:89:b5:14:62:ea:b0:5d:f3:75:5b:c9:ba:f1:b6: 28:a5:c6:d3:29:25:db:a2:c2:e1:af:4c:cf:3c:9a:88:a8:a1: e1:1c:e0:81:7e:80:03:3b:db:c6:e0:a7:04:2c:04:97:8e:68: a5:3a:62:6c:e8:56:24:39:64:5b:b3:13:1a:e1:f8:c6:06:22: c4:7d:3e:91 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgICDPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUIwNkMxMTAvBgNVBAUTKEM4MzQ5M0MwMjk3Q0NCNThEMjgzNzk0NkQ2MDYzRjE0 QTdERUU5ODYwHhcNMjMxMDAyMDcxOTA2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD VQQDEw02NTFhNmVlOS00OTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw+XwRAJSrfR+AZtjNQ2xafTfYYphJT6WmMsG4H7fgAvNxBtyEFOwpwkaDJ+I xIx1igRAsFOtZQ8pbnwuvcocn5mfL3gy5rOSCz/sl8TQnR2aetWT6jLkv12FTDML QMVAMKZxCuiIR71Tbykm13M4NZqVNyZFB5BtQmTOYAYGrc/O5FbnPCExgcbq1YTb 5k9w7fx86zeuEX3Lb98M9Ysoy8wA+W7YxBDvliciUw41WRS/gr+aWXrb2RcL1V/w 9eigL8wWlAlT/yVlncoLSCt/9Ey84L/gD4/S7KbJefDB1JDyvJ8GrYxtg6G3y07V Jv5amnKJyn0UDDwgOmr+U8IDRwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFG04cPVt QEN9HMIMiBxANVV/HdWwMB8GA1UdIwQYMBaAFMg0k8ApfMtY0oN5RtYGPxSn3umG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjA2Qy9FOUQ2MkU3NEZF QUUxMUU4OTEwRDRENjZDNEY5QUUwMi95RFNUd0NsOHkxalNnM2xHMWdZX0ZLZmU2 WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lEU1R3Q2w4eTFqU2czbEcxZ1lfRktmZTZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUIwNkMvRTlENjJFNzRGRUFFMTFFODkxMEQ0RDY2QzRGOUFFMDIvMTUxMDhFQUM1 RTEwMTFFRTg3QzMyNTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E LTArMBoEAgABMBQwDAMEAzuYCAMEATuYDAMEADuYDzANBAIAAjAHAwUAJAQbQDAN BgkqhkiG9w0BAQsFAAOCAQEAEAlSljGEAp3lsEGGGJ3TMFx6gRawEBrN7r1IpIPE JYBFwEeBqByjXd+QPwFPpGFOKuFGkAXbnaZwsDBX3oz9helK2KO8XE/C0uRiXUq6 cT/Uip00BHz/3Rmcv2WGck4F5mey1Lu6qvOzxZvHvWTZOnm6rZ9PcwxO2aGF8rj/ PnaiFDoDd8DeFaCSqGk0a7tBjb9sHl5OVI4JwAZrJvcvTr26PMIYzz2R/c9Fslor Oo2Y+uFstiL8N4m1FGLqsF3zdVvJuvG2KKXG0ykl26LC4a9MzzyaiKih4RzggX6A AzvbxuCnBCwEl45opTpibOhWJDlkW7MTGuH4xgYixH0+kQ== -----END CERTIFICATE-----Generated at Wed Feb 7 20:39:47 2024 by rpki-client on console-ams.rpki-client.org