$ rpki-client -vvf rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/501D5C12F0F811EDAE504410C4F9AE02.roa File: 501D5C12F0F811EDAE504410C4F9AE02.roa (raw, json) Hash identifier: 2V8LmGfEijF6o1bNlG7LBSmQ9+vATy7AAaOo2YiqfJ8= Subject key identifier: AE:0B:7B:4A:89:65:BF:6E:D5:35:5C:70:AE:30:01:0C:9C:B0:A0:EC Certificate issuer: /CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986 Certificate serial: 0C8B Authority key identifier: C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/501D5C12F0F811EDAE504410C4F9AE02.roa Signing time: Fri 12 May 2023 19:08:01 +0000 ROA not before: Fri 12 May 2023 19:08:01 +0000 ROA not after: Wed 29 May 2024 00:00:00 +0000 asID: 18230 IP address blocks: 59.152.0.0/20 maxlen: 20 59.152.0.0/24 maxlen: 24 59.152.1.0/24 maxlen: 24 59.152.2.0/24 maxlen: 24 59.152.4.0/24 maxlen: 24 59.152.5.0/24 maxlen: 24 59.152.6.0/24 maxlen: 24 59.152.7.0/24 maxlen: 24 59.152.8.0/24 maxlen: 24 59.152.9.0/24 maxlen: 24 59.152.10.0/24 maxlen: 24 59.152.12.0/24 maxlen: 24 59.152.13.0/24 maxlen: 24 59.152.15.0/24 maxlen: 24 2404:1b40::/32 maxlen: 32 2404:1b40::/48 maxlen: 48 2404:1b40:1::/48 maxlen: 48 2404:1b40:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jul 2023 17:41:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3211 (0xc8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986 Validity Not Before: May 12 19:08:01 2023 GMT Not After : May 29 00:00:00 2024 GMT Subject: CN=645e8e90-c9b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:2d:97:05:31:d3:bc:33:ce:48:de:81:2f:5e: d5:77:39:a1:4f:54:ae:9d:7e:75:5f:53:6b:3f:56: d2:7e:b0:ca:e1:ce:1b:09:1d:d7:7c:0e:1c:0d:b9: 3f:62:16:81:fa:f2:b4:42:fe:fc:8d:63:da:e9:00: a6:06:5f:e7:de:e8:e9:01:c5:a1:c0:51:f5:3a:c8: b9:59:72:85:cc:6a:a6:7f:ca:ea:4c:aa:73:c8:66: ce:f8:f4:15:92:1f:de:32:7e:7b:d9:3d:7d:5d:5f: dd:27:5d:8c:5f:bc:4f:ef:fc:15:db:77:e8:98:be: da:1c:0c:14:27:0f:f3:89:3f:5d:88:58:c8:54:ac: 18:90:9f:dc:72:bd:98:d8:06:1f:5f:95:6c:f1:48: 35:1e:37:b8:c6:85:ce:40:ee:08:75:06:11:1f:57: fe:72:a5:25:22:2b:03:91:4c:90:86:77:cd:c4:cf: 1b:a5:25:28:9f:73:f0:08:29:59:7b:27:92:fe:04: 9a:ff:d7:aa:1f:44:5b:68:9e:d5:a3:b1:69:0f:79: f3:f4:3d:4a:aa:04:ff:45:35:b3:8e:e7:35:dd:cb: bf:57:56:ca:f8:06:bf:4b:8e:35:73:80:eb:a8:e0: ad:6f:f3:ec:a0:1f:b8:2d:1e:51:ec:bb:71:ba:86: a6:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:0B:7B:4A:89:65:BF:6E:D5:35:5C:70:AE:30:01:0C:9C:B0:A0:EC X509v3 Authority Key Identifier: keyid:C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/501D5C12F0F811EDAE504410C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.152.0.0/20 IPv6: 2404:1b40::/32 Signature Algorithm: sha256WithRSAEncryption 16:da:4a:93:28:a6:2b:94:52:14:b8:27:a1:b6:fb:4f:2d:ee: 57:55:d1:8e:b9:22:8c:63:78:2c:19:4f:ed:68:d4:fc:d0:96: 2a:14:6e:d9:13:19:6f:05:c4:76:99:6c:e5:c5:c1:86:03:9f: 93:fd:9f:44:53:67:13:a0:a9:98:de:0e:89:c1:8a:15:06:d4: ff:d5:db:f5:d0:5e:fc:d8:9d:02:8c:6f:b5:5e:db:a8:fd:fb: eb:34:25:db:e5:95:6a:3a:f1:89:fa:fc:81:9f:fa:85:5c:9f: ca:b9:47:2f:55:46:62:08:23:4f:ee:04:9f:e7:4c:4a:61:6a: e6:ea:b2:10:2f:81:63:e8:6c:23:4c:b9:66:93:5f:1e:87:60: 3c:c7:95:42:ee:80:0c:4d:60:63:f4:f9:21:c0:3d:eb:90:fd: d4:ab:b5:a6:83:08:f9:c8:b0:67:da:3c:ef:b4:ce:9a:64:d8: 2a:f5:25:1c:f9:d3:ae:43:1d:a4:a5:63:6c:e7:84:47:9b:d7: 03:65:82:e1:97:46:76:16:a2:6c:cc:ec:3b:93:a3:ee:09:35: d6:be:2c:fb:34:1c:31:e1:32:71:7e:cc:8a:91:d2:50:14:ec: 46:d2:35:bf:dd:20:51:ce:95:4c:5d:e1:f6:15:e8:67:02:19: ed:35:80:11 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUIwNkMxMTAvBgNVBAUTKEM4MzQ5M0MwMjk3Q0NCNThEMjgzNzk0NkQ2MDYzRjE0 QTdERUU5ODYwHhcNMjMwNTEyMTkwODAxWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD VQQDEw02NDVlOGU5MC1jOWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoC2XBTHTvDPOSN6BL17VdzmhT1SunX51X1NrP1bSfrDK4c4bCR3XfA4cDbk/ YhaB+vK0Qv78jWPa6QCmBl/n3ujpAcWhwFH1Osi5WXKFzGqmf8rqTKpzyGbO+PQV kh/eMn572T19XV/dJ12MX7xP7/wV23fomL7aHAwUJw/ziT9diFjIVKwYkJ/ccr2Y 2AYfX5Vs8Ug1Hje4xoXOQO4IdQYRH1f+cqUlIisDkUyQhnfNxM8bpSUon3PwCClZ eyeS/gSa/9eqH0RbaJ7Vo7FpD3nz9D1KqgT/RTWzjuc13cu/V1bK+Aa/S441c4Dr qOCtb/PsoB+4LR5R7LtxuoamkwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFK4Le0qJ Zb9u1TVccK4wAQycsKDsMB8GA1UdIwQYMBaAFMg0k8ApfMtY0oN5RtYGPxSn3umG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjA2Qy9FOUQ2MkU3NEZF QUUxMUU4OTEwRDRENjZDNEY5QUUwMi95RFNUd0NsOHkxalNnM2xHMWdZX0ZLZmU2 WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lEU1R3Q2w4eTFqU2czbEcxZ1lfRktmZTZZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUIwNkMvRTlENjJFNzRGRUFFMTFFODkxMEQ0RDY2QzRGOUFFMDIvNTAxRDVDMTJG MEY4MTFFREFFNTA0NDEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAQ7mAAwDQQCAAIwBwMFACQEG0AwDQYJKoZIhvcNAQELBQAD ggEBABbaSpMopiuUUhS4J6G2+08t7ldV0Y65IoxjeCwZT+1o1PzQlioUbtkTGW8F xHaZbOXFwYYDn5P9n0RTZxOgqZjeDonBihUG1P/V2/XQXvzYnQKMb7Ve26j9++s0 JdvllWo68Yn6/IGf+oVcn8q5Ry9VRmIII0/uBJ/nTEphaubqshAvgWPobCNMuWaT Xx6HYDzHlULugAxNYGP0+SHAPeuQ/dSrtaaDCPnIsGfaPO+0zppk2Cr1JRz5065D HaSlY2znhEeb1wNlguGXRnYWomzM7DuTo+4JNda+LPs0HDHhMnF+zIqR0lAU7EbS Nb/dIFHOlUxd4fYV6GcCGe01gBE= -----END CERTIFICATE-----Generated at Wed Jul 19 23:23:00 2023 by rpki-client on console-fra.rpki-client.org