$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/4C3A869614DF11EEAB46A86DC4F9AE02.roa File: 4C3A869614DF11EEAB46A86DC4F9AE02.roa (raw, json) Hash identifier: 5lFgcyDbE0vFu9KIfC8bZV0EZn0X+DwTY3qN8a6qiYk= Subject key identifier: 76:9A:AD:10:86:4E:AA:D2:A0:2E:D5:B8:AC:69:C9:00:0C:7B:95:9D Certificate issuer: /CN=A91A4B1A/serialNumber=9858CE4B4BC72E76E668C47D44898C090896ABEB Certificate serial: CF Authority key identifier: 98:58:CE:4B:4B:C7:2E:76:E6:68:C4:7D:44:89:8C:09:08:96:AB:EB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mFjOS0vHLnbmaMR9RImMCQiWq-s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/4C3A869614DF11EEAB46A86DC4F9AE02.roa Signing time: Thu 28 Dec 2023 16:33:40 +0000 ROA not before: Thu 28 Dec 2023 16:33:40 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 2511 IP address blocks: 192.5.216.0/24 maxlen: 24 192.26.94.0/24 maxlen: 24 192.47.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/mFjOS0vHLnbmaMR9RImMCQiWq-s.crl rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/mFjOS0vHLnbmaMR9RImMCQiWq-s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mFjOS0vHLnbmaMR9RImMCQiWq-s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4B1A/serialNumber=9858CE4B4BC72E76E668C47D44898C090896ABEB Validity Not Before: Dec 28 16:33:40 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=658da364-7b9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:4d:01:7e:00:54:b7:70:8c:67:61:46:6c:de: f5:29:95:da:2f:08:41:b8:59:f6:86:13:80:26:12: df:b4:87:11:bf:25:9d:e3:b8:ec:3a:0a:be:b0:bb: 13:3f:1a:a7:7a:a8:38:ba:98:f3:72:a3:7e:ff:69: a5:02:09:33:7d:93:ee:8c:a4:00:66:36:d2:35:32: 37:e0:1a:eb:3e:11:c4:bc:30:c0:6a:23:8d:78:a4: f2:2f:87:23:c5:56:02:77:f1:c0:4f:7d:c3:bb:d1: 28:75:6e:be:b0:02:88:d0:41:5c:d2:5a:98:07:07: e0:a6:2e:bc:93:9a:4e:63:83:7b:05:e8:27:5c:8b: 1c:e0:94:69:b1:8e:cf:08:2b:a0:52:a6:94:e9:4e: 21:fb:03:5d:2d:85:ae:fd:1c:ea:4d:cc:7b:e3:85: a6:17:c1:83:fc:42:4d:2a:95:7c:f3:f3:07:ce:5e: 96:5e:e3:a0:a3:d8:4e:e9:30:e9:b3:79:87:41:d2: c5:f2:1a:a7:d8:43:0e:04:32:be:2e:cb:fa:ea:9c: cc:15:ec:f6:29:5c:52:0f:a0:e8:95:bc:10:cb:33: 32:4c:5c:89:23:c8:c9:83:f0:9c:2b:a9:f7:b1:ef: 1b:d6:bd:8a:66:79:30:59:e3:5c:a1:4f:65:df:b8: 7a:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:9A:AD:10:86:4E:AA:D2:A0:2E:D5:B8:AC:69:C9:00:0C:7B:95:9D X509v3 Authority Key Identifier: keyid:98:58:CE:4B:4B:C7:2E:76:E6:68:C4:7D:44:89:8C:09:08:96:AB:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/mFjOS0vHLnbmaMR9RImMCQiWq-s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mFjOS0vHLnbmaMR9RImMCQiWq-s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B1A/B45F3FC4819A11ED8D61BA2BC4F9AE02/4C3A869614DF11EEAB46A86DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.5.216.0/24 192.26.94.0/24 192.47.167.0/24 Signature Algorithm: sha256WithRSAEncryption 30:14:43:ed:e5:c4:4e:e7:0b:ad:e6:7f:f8:4d:7e:bb:4a:40: 0b:cb:d3:48:26:11:15:30:99:0d:4d:15:78:e2:7f:19:73:8b: e6:06:a8:d3:a8:39:17:a7:7a:be:4e:bd:6d:d8:06:e9:02:d1: f0:93:d0:1c:09:93:b0:7c:52:3e:2e:23:b2:1c:1c:af:ce:dd: 73:25:4b:12:73:36:85:c6:31:74:d7:51:e9:a5:bc:e3:32:39: 7d:11:03:48:82:4f:a9:27:ae:7c:37:54:f4:09:c9:7d:08:0b: 29:8e:01:dc:36:82:9c:5b:91:f9:a1:61:4c:a5:ea:78:d9:61: f8:22:45:ff:f8:cf:12:b9:c2:6e:ce:a8:42:4d:02:f1:1c:99: fa:63:fe:22:c7:b4:32:09:8c:ee:24:3b:84:0c:9c:f6:ad:16: 07:ae:a0:97:6e:97:4a:0b:40:9a:c2:89:23:e9:5b:12:5c:79: 9b:06:aa:ac:3c:74:56:a6:81:ab:98:b2:5e:14:8d:fb:ca:69: 3b:40:a0:f0:d9:62:a2:d5:af:1a:6e:b7:fb:96:ed:bd:db:80: ef:6a:c6:a8:3e:eb:50:9b:a2:fb:ee:ec:77:cc:4e:40:c0:b1: f0:55:72:62:94:bd:3c:7b:b3:df:0b:f6:57:fa:da:e5:01:3a: 48:26:b5:d8 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRCMUExMTAvBgNVBAUTKDk4NThDRTRCNEJDNzJFNzZFNjY4QzQ3RDQ0ODk4QzA5 MDg5NkFCRUIwHhcNMjMxMjI4MTYzMzQwWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NThkYTM2NC03YjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4k0BfgBUt3CMZ2FGbN71KZXaLwhBuFn2hhOAJhLftIcRvyWd47jsOgq+sLsT Pxqneqg4upjzcqN+/2mlAgkzfZPujKQAZjbSNTI34BrrPhHEvDDAaiONeKTyL4cj xVYCd/HAT33Du9EodW6+sAKI0EFc0lqYBwfgpi68k5pOY4N7BegnXIsc4JRpsY7P CCugUqaU6U4h+wNdLYWu/RzqTcx744WmF8GD/EJNKpV88/MHzl6WXuOgo9hO6TDp s3mHQdLF8hqn2EMOBDK+Lsv66pzMFez2KVxSD6DolbwQyzMyTFyJI8jJg/CcK6n3 se8b1r2KZnkwWeNcoU9l37h6gwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHaarRCG TqrSoC7VuKxpyQAMe5WdMB8GA1UdIwQYMBaAFJhYzktLxy525mjEfUSJjAkIlqvr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIxQS9CNDVGM0ZDNDgx OUExMUVEOEQ2MUJBMkJDNEY5QUUwMi9tRmpPUzB2SExuYm1hTVI5UkltTUNRaVdx LXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL21Gak9TMHZITG5ibWFNUjlSSW1NQ1FpV3Etcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRCMUEvQjQ1RjNGQzQ4MTlBMTFFRDhENjFCQTJCQzRGOUFFMDIvNEMzQTg2OTYx NERGMTFFRUFCNDZBODZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgABMBIDBADABdgDBADAGl4DBADAL6cwDQYJKoZIhvcNAQELBQADggEB ADAUQ+3lxE7nC63mf/hNfrtKQAvL00gmERUwmQ1NFXjifxlzi+YGqNOoORener5O vW3YBukC0fCT0BwJk7B8Uj4uI7IcHK/O3XMlSxJzNoXGMXTXUemlvOMyOX0RA0iC T6knrnw3VPQJyX0ICymOAdw2gpxbkfmhYUyl6njZYfgiRf/4zxK5wm7OqEJNAvEc mfpj/iLHtDIJjO4kO4QMnPatFgeuoJdul0oLQJrCiSPpWxJceZsGqqw8dFamgauY sl4UjfvKaTtAoPDZYqLVrxput/uW7b3bgO9qxqg+61Cbovvu7HfMTkDAsfBVcmKU vTx7s98L9lf62uUBOkgmtdg= -----END CERTIFICATE-----Generated at Fri May 10 17:11:03 2024 by rpki-client on console-fra.rpki-client.org