$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa File: B10F5E8E557511EF9F54A83AC4F9AE02.roa (raw, json) Hash identifier: 9ouI2ir3UDLJZBNgzvNVJU3XlhjCNA/Di9+fPMk5VYw= Subject key identifier: F3:DF:35:75:FC:22:08:1B:76:B8:98:98:5E:48:EC:6D:5A:A6:C2:61 Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 042C Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa Signing time: Fri 22 Nov 2024 02:30:28 +0000 ROA not before: Fri 22 Nov 2024 02:30:28 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 135918 IP address blocks: 157.66.100.0/23 maxlen: 23 157.66.218.0/23 maxlen: 23 160.22.122.0/23 maxlen: 23 160.25.232.0/23 maxlen: 23 160.191.48.0/23 maxlen: 23 160.191.50.0/23 maxlen: 23 160.191.236.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1068 (0x42c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Nov 22 02:30:28 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=673fecc4-8390 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1b:9b:11:83:c0:bd:c5:0f:b7:44:1e:9e:00: 54:5c:4f:fe:09:66:ae:bf:a7:9e:0e:3b:8f:fa:d5: e6:37:e2:22:49:78:f8:f7:93:de:dc:9d:b9:05:ae: 20:85:23:d0:d8:e3:9b:d5:31:9f:d9:17:c6:f3:73: 30:6e:8a:5c:0b:d3:b6:5d:bf:99:f1:28:9f:6d:3a: 21:2f:02:6b:b8:ff:77:c8:bb:78:d2:8f:59:0c:0e: 3c:f3:06:0a:b1:3d:7d:53:fa:82:74:9e:84:8f:9a: 53:44:6a:e7:95:71:98:7e:92:53:00:b3:df:4b:82: 30:aa:33:0c:4d:41:32:7b:da:5c:72:9d:f7:77:8e: 16:a5:bf:7f:d2:26:73:c3:e7:ad:e3:ed:61:50:25: af:0e:e9:bd:24:27:36:27:d9:2d:bf:1e:7b:c1:42: e0:a7:6d:0c:bf:d0:5a:2a:da:1f:7a:3d:97:92:53: 9e:1c:7e:48:e0:3d:5d:af:03:9a:8c:da:56:6b:38: b2:17:ff:aa:fc:a4:44:97:0e:93:49:1d:a0:52:94: d5:3f:82:39:5a:6c:83:a5:2b:32:72:19:7d:6f:4f: 15:90:07:c2:bd:b4:a0:0a:fd:2f:dd:0a:2a:2d:0f: 7b:cc:02:2b:fe:16:6d:e6:8b:d5:d3:e5:df:88:c3: 32:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:DF:35:75:FC:22:08:1B:76:B8:98:98:5E:48:EC:6D:5A:A6:C2:61 X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.66.100.0/23 157.66.218.0/23 160.22.122.0/23 160.25.232.0/23 160.191.48.0/22 160.191.236.0/23 Signature Algorithm: sha256WithRSAEncryption 75:7b:f9:a8:eb:e4:44:b4:84:24:fa:c4:6e:12:fc:c2:80:f0: df:1a:3d:fb:49:68:3e:c0:ee:7a:9f:71:a3:69:e7:57:ac:09: a3:83:88:51:c5:c8:43:3b:c0:83:6a:c7:ae:4e:4c:9f:27:40: 47:6c:47:aa:17:c2:ed:69:84:7b:19:17:af:26:2a:3d:c5:cd: 2a:11:42:62:5e:39:99:59:86:42:92:e7:f6:14:30:3d:2d:ac: 51:f7:94:e3:bf:52:96:00:6b:d5:8f:ee:c4:fd:8c:f4:6a:99: 01:dd:db:35:d9:10:05:67:26:df:16:b2:b2:77:b0:ca:2b:be: b4:00:23:cb:5c:19:15:5a:5c:39:c5:be:f5:b2:28:b6:26:63: f1:7c:6a:6e:94:0a:53:ea:e0:e7:1b:78:28:b8:85:49:a0:9a: e1:ea:80:3c:fb:f7:51:c3:5e:0c:6b:d5:43:51:a4:5b:29:9f: 02:1b:7d:67:04:47:20:27:a8:16:cf:77:9d:05:bf:6c:73:d4: 71:6e:75:83:6e:62:db:2f:e9:33:ab:cf:4d:61:c5:76:0e:f6: 03:e0:60:a3:b6:1d:72:62:bb:68:fe:a6:e4:f9:6c:92:45:fc: 64:52:5b:77:08:02:93:67:70:fb:80:50:7b:d6:a4:ad:09:da: 1f:a2:c3:e7 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICBCwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjQxMTIyMDIzMDI4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzNmZWNjNC04MzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArxubEYPAvcUPt0QengBUXE/+CWauv6eeDjuP+tXmN+IiSXj495Pe3J25Ba4g hSPQ2OOb1TGf2RfG83MwbopcC9O2Xb+Z8SifbTohLwJruP93yLt40o9ZDA488wYK sT19U/qCdJ6Ej5pTRGrnlXGYfpJTALPfS4IwqjMMTUEye9pccp33d44Wpb9/0iZz w+et4+1hUCWvDum9JCc2J9ktvx57wULgp20Mv9BaKtofej2XklOeHH5I4D1drwOa jNpWaziyF/+q/KRElw6TSR2gUpTVP4I5WmyDpSsychl9b08VkAfCvbSgCv0v3Qoq LQ97zAIr/hZt5ovV0+XfiMMyzQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFPPfNXX8 IggbdriYmF5I7G1apsJhMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQjEwRjVFOEU1 NTc1MTFFRjlGNTRBODNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAGdQmQDBAGdQtoDBAGgFnoDBAGgGegDBAKgvzADBAGgv+ww DQYJKoZIhvcNAQELBQADggEBAHV7+ajr5ES0hCT6xG4S/MKA8N8aPftJaD7A7nqf caNp51esCaODiFHFyEM7wINqx65OTJ8nQEdsR6oXwu1phHsZF68mKj3FzSoRQmJe OZlZhkKS5/YUMD0trFH3lOO/UpYAa9WP7sT9jPRqmQHd2zXZEAVnJt8WsrJ3sMor vrQAI8tcGRVaXDnFvvWyKLYmY/F8am6UClPq4OcbeCi4hUmgmuHqgDz791HDXgxr 1UNRpFspnwIbfWcERyAnqBbPd50Fv2xz1HFudYNuYtsv6TOrz01hxXYO9gPgYKO2 HXJiu2j+puT5bJJF/GRSW3cIApNncPuAUHvWpK0J2h+iw+c= -----END CERTIFICATE-----Generated at Fri Nov 22 04:05:36 2024 by rpki-client on console-ams.rpki-client.org