$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3C2596F6EB4911EEB2A62E50C4F9AE02.roa File: 3C2596F6EB4911EEB2A62E50C4F9AE02.roa (raw, json) Hash identifier: TJP11oSnfvD4mF+ENIcQrt9LTUrmu+nmMaV+ZsaTtyg= Subject key identifier: D1:F2:DC:C0:D3:E6:56:A2:A8:DA:15:2A:00:06:8F:D4:6A:A8:7E:15 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 042A Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3C2596F6EB4911EEB2A62E50C4F9AE02.roa Signing time: Fri 22 Nov 2024 02:28:41 +0000 ROA not before: Fri 22 Nov 2024 02:28:41 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 45538 IP address blocks: 157.10.198.0/23 maxlen: 24 157.66.81.0/24 maxlen: 24 160.30.112.0/23 maxlen: 24 160.191.248.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 14:32:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1066 (0x42a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Nov 22 02:28:41 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=673fec59-bdba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:da:dd:fd:ac:ff:9d:8a:75:b0:bc:c5:78:27: 5b:a8:4d:f8:46:1c:c6:40:d8:63:cd:cb:e6:65:9b: 6c:24:73:0f:5b:ef:0e:c3:5a:f3:2e:42:90:67:6b: fa:72:86:01:40:cb:12:2a:25:b5:87:48:6c:70:06: df:b4:50:62:69:83:58:cc:4a:c5:c5:dc:b0:9b:a1: d2:65:79:9d:7f:16:eb:ff:af:36:17:72:70:6b:42: 5c:0d:e0:41:a7:41:99:59:b6:95:d4:59:9c:10:ba: c0:4c:ab:5d:ee:f7:15:09:41:7b:59:a7:da:95:d6: e7:c4:27:d9:e6:de:a0:66:7e:8f:d7:55:c9:16:b4: 0b:f5:a7:c4:2a:29:8d:1f:3a:81:58:22:c1:e1:97: 20:7d:2d:06:35:d9:61:c9:a6:71:2c:6c:3e:92:5c: 08:6d:b9:2d:3e:3d:dd:6b:c7:0e:28:34:f3:df:fd: 64:81:8f:b4:d5:ed:7b:fe:24:85:c4:64:27:dc:c9: 5a:dc:c3:c9:cb:83:46:0d:96:af:15:d5:bd:36:76: 91:b7:c7:ca:07:79:1c:1f:bf:79:04:c5:3a:40:d0: 16:9e:83:34:3a:ce:4f:79:bf:4c:4a:1e:c6:8a:22: a9:78:7c:60:3b:e5:39:12:a7:0d:09:4b:2e:3a:4a: 37:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:F2:DC:C0:D3:E6:56:A2:A8:DA:15:2A:00:06:8F:D4:6A:A8:7E:15 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3C2596F6EB4911EEB2A62E50C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.198.0/23 157.66.81.0/24 160.30.112.0/23 160.191.248.0/23 Signature Algorithm: sha256WithRSAEncryption af:53:72:e2:9b:9d:19:7a:ec:ca:1b:5e:9c:bc:87:a1:78:62: 92:6b:be:1d:f7:cf:46:06:a0:4e:52:26:9d:aa:95:9b:f2:ce: c0:13:e1:af:00:70:b8:7f:fc:41:c4:9f:b9:bd:92:99:de:4a: f3:99:c3:42:9b:4c:2f:0b:70:90:a4:bf:e1:14:b6:97:4d:14: fc:42:56:e4:54:9c:43:c7:16:b5:a7:9f:6e:0e:9c:1d:2d:2d: 9b:0d:0b:71:a1:44:f9:b3:d4:cf:d6:34:24:df:be:b9:15:4f: f8:e1:4a:b6:52:2a:b8:5f:67:69:88:68:75:3c:8b:4e:30:b2: d9:24:0b:13:56:3a:0b:e5:7c:92:e0:88:0d:24:90:0a:bd:6f: 16:61:42:6f:8d:c8:2c:d8:14:d8:ea:2b:b9:c6:fc:97:51:a7: c1:26:ad:d6:e6:bf:c5:57:81:14:0f:f4:ca:93:d2:d2:bc:11: 7d:19:81:aa:da:8f:bc:d4:34:01:8f:22:ec:ae:77:fb:57:16: 11:3b:d2:6b:4b:d4:55:87:7a:6d:5e:b8:e4:ac:74:e0:2f:e8: b9:9a:b2:6f:fe:83:f3:4f:04:a0:5c:55:36:9c:19:57:71:e5: 48:c9:67:49:ce:8e:7e:72:2b:21:9d:41:85:18:ab:63:b6:5c: 79:75:55:3a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICBCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjQxMTIyMDIyODQxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzNmZWM1OS1iZGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAotrd/az/nYp1sLzFeCdbqE34RhzGQNhjzcvmZZtsJHMPW+8Ow1rzLkKQZ2v6 coYBQMsSKiW1h0hscAbftFBiaYNYzErFxdywm6HSZXmdfxbr/682F3Jwa0JcDeBB p0GZWbaV1FmcELrATKtd7vcVCUF7WafaldbnxCfZ5t6gZn6P11XJFrQL9afEKimN HzqBWCLB4ZcgfS0GNdlhyaZxLGw+klwIbbktPj3da8cOKDTz3/1kgY+01e17/iSF xGQn3Mla3MPJy4NGDZavFdW9NnaRt8fKB3kcH795BMU6QNAWnoM0Os5Peb9MSh7G iiKpeHxgO+U5EqcNCUsuOko3uQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFNHy3MDT 5laiqNoVKgAGj9RqqH4VMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvM0MyNTk2RjZF QjQ5MTFFRUIyQTYyRTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAGdCsYDBACdQlEDBAGgHnADBAGgv/gwDQYJKoZIhvcNAQEL BQADggEBAK9TcuKbnRl67MobXpy8h6F4YpJrvh33z0YGoE5SJp2qlZvyzsAT4a8A cLh//EHEn7m9kpneSvOZw0KbTC8LcJCkv+EUtpdNFPxCVuRUnEPHFrWnn24OnB0t LZsNC3GhRPmz1M/WNCTfvrkVT/jhSrZSKrhfZ2mIaHU8i04wstkkCxNWOgvlfJLg iA0kkAq9bxZhQm+NyCzYFNjqK7nG/JdRp8Emrdbmv8VXgRQP9MqT0tK8EX0Zgara j7zUNAGPIuyud/tXFhE70mtL1FWHem1euOSsdOAv6Lmasm/+g/NPBKBcVTacGVdx 5UjJZ0nOjn5yKyGdQYUYq2O2XHl1VTo= -----END CERTIFICATE-----Generated at Sun Nov 24 17:20:47 2024 by rpki-client on console-fra.rpki-client.org