$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa File: BD3F9B2CB9F511EEA9136568C4F9AE02.roa (raw, json) Hash identifier: oevlbAavYhdzIM9ldd0+HNp07jRu5g3iCfUc4zR0hWg= Subject key identifier: 6F:E9:3D:0E:EF:BB:D5:E4:EB:CB:DE:CF:F1:2C:EF:A2:34:DD:E6:2E Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Certificate serial: 03B4 Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa Signing time: Tue 05 Nov 2024 07:33:01 +0000 ROA not before: Tue 05 Nov 2024 07:33:01 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 140815 IP address blocks: 157.10.170.0/23 maxlen: 24 157.10.196.0/23 maxlen: 24 157.10.202.0/23 maxlen: 24 157.20.224.0/23 maxlen: 24 157.66.162.0/23 maxlen: 24 157.66.194.0/23 maxlen: 24 157.66.196.0/23 maxlen: 24 160.22.158.0/23 maxlen: 24 160.25.82.0/23 maxlen: 24 160.25.84.0/23 maxlen: 24 160.25.206.0/23 maxlen: 24 160.30.48.0/23 maxlen: 24 160.191.34.0/23 maxlen: 24 160.191.112.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 948 (0x3b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12 Validity Not Before: Nov 5 07:33:01 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=6729ca2d-065d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ba:33:22:97:59:b2:54:08:d0:b9:05:9c:9e: 63:0c:fa:cc:99:a8:26:ec:fd:d6:a2:5f:b8:55:c8: 99:8f:e0:6c:61:19:78:e0:5e:a8:b9:25:25:12:85: e1:07:47:71:d1:67:bf:0d:d7:3f:8e:bb:d5:4a:45: 65:d3:1e:ec:23:52:bd:6a:f1:a7:f3:a9:d7:b1:62: f9:a0:78:d5:41:e7:42:fe:2d:9f:71:41:79:f1:ba: 00:8c:cc:31:67:bf:9a:bb:ee:1e:f8:17:c3:b6:65: b3:cb:e3:5e:e5:66:6c:1f:dc:ab:e5:01:44:7b:99: 02:ac:37:c7:24:5a:47:43:43:f9:18:20:45:3c:97: 7f:9d:9f:be:d2:f3:ac:23:3f:e2:e6:7b:88:69:11: ee:94:77:90:7d:7a:3a:4a:1e:28:58:53:df:77:18: 66:2a:cc:ac:21:6d:e5:6c:8b:9d:a1:07:11:8e:6c: 05:ee:22:b2:80:85:b7:21:c2:8f:58:26:14:48:77: 70:b1:99:bf:8c:06:9c:14:68:53:5c:d0:73:f6:e2: 46:4f:67:7d:bb:c2:1c:e9:c7:d7:d3:62:6a:4a:9d: fe:c7:b5:2c:f0:11:e7:af:31:62:c8:5b:aa:f0:ef: b9:da:fb:c0:68:3a:83:12:2c:94:4f:22:83:18:66: 8c:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:E9:3D:0E:EF:BB:D5:E4:EB:CB:DE:CF:F1:2C:EF:A2:34:DD:E6:2E X509v3 Authority Key Identifier: keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/BD3F9B2CB9F511EEA9136568C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.10.170.0/23 157.10.196.0/23 157.10.202.0/23 157.20.224.0/23 157.66.162.0/23 157.66.194.0-157.66.197.255 160.22.158.0/23 160.25.82.0-160.25.85.255 160.25.206.0/23 160.30.48.0/23 160.191.34.0/23 160.191.112.0/23 Signature Algorithm: sha256WithRSAEncryption ae:1a:1f:c9:e6:17:bc:ad:1e:b0:53:52:ec:e2:4a:43:71:ec: af:46:c7:4a:b4:14:45:c6:7e:88:27:33:e6:bb:3f:65:bc:c6: 06:67:ce:57:0a:2f:89:4c:09:43:fb:fd:d4:83:bf:4f:05:02: 7b:f6:88:56:e2:8b:bb:04:78:6b:03:bd:f0:2b:ad:71:64:d3: 7a:da:ff:3e:5c:35:58:08:d3:92:8e:c9:ce:e9:ff:ee:e6:4e: d4:e6:7a:46:59:f0:41:7f:38:ad:02:ae:2e:e8:ba:e8:a9:b4: 5f:86:7a:21:20:01:2f:e2:53:f5:f9:f4:92:be:4a:e7:69:ec: fd:a7:28:2d:42:1a:c9:26:69:62:5e:24:dc:53:38:58:10:91: 2e:54:ba:6d:da:72:fc:9c:60:41:e0:aa:5e:f8:87:d6:61:4f: 26:a6:73:05:8f:d5:14:23:31:8b:05:60:93:7d:78:53:97:fe: 77:71:08:94:bb:9e:d6:2e:47:b2:da:38:15:7e:32:c8:a1:c1: 3d:13:43:be:6e:da:c9:a2:1d:6e:ea:07:0d:4e:2b:b2:92:1c: 29:5a:42:60:de:b3:f9:03:ea:c5:0b:7d:e8:2a:89:6c:2a:bc: ef:c2:e2:b2:85:da:73:d6:97:12:48:37:ed:4a:6d:e9:72:99: 77:e1:d2:87 -----BEGIN CERTIFICATE----- MIIFwzCCBKugAwIBAgICA7QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy ODRGODBFMTIwHhcNMjQxMTA1MDczMzAxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzI5Y2EyZC0wNjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzbozIpdZslQI0LkFnJ5jDPrMmagm7P3Wol+4VciZj+BsYRl44F6ouSUlEoXh B0dx0We/Ddc/jrvVSkVl0x7sI1K9avGn86nXsWL5oHjVQedC/i2fcUF58boAjMwx Z7+au+4e+BfDtmWzy+Ne5WZsH9yr5QFEe5kCrDfHJFpHQ0P5GCBFPJd/nZ++0vOs Iz/i5nuIaRHulHeQfXo6Sh4oWFPfdxhmKsysIW3lbIudoQcRjmwF7iKygIW3IcKP WCYUSHdwsZm/jAacFGhTXNBz9uJGT2d9u8Ic6cfX02JqSp3+x7Us8BHnrzFiyFuq 8O+52vvAaDqDEiyUTyKDGGaM3QIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFG/pPQ7v u9Xk68vez/Es76I03eYuMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5 REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQkQzRjlCMkNC OUY1MTFFRUE5MTM2NTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E YjBgMF4EAgABMFgDBAGdCqoDBAGdCsQDBAGdCsoDBAGdFOADBAGdQqIwDAMEAZ1C wgMEAZ1CxAMEAaAWnjAMAwQBoBlSAwQBoBlUAwQBoBnOAwQBoB4wAwQBoL8iAwQB oL9wMA0GCSqGSIb3DQEBCwUAA4IBAQCuGh/J5he8rR6wU1Ls4kpDceyvRsdKtBRF xn6IJzPmuz9lvMYGZ85XCi+JTAlD+/3Ug79PBQJ79ohW4ou7BHhrA73wK61xZNN6 2v8+XDVYCNOSjsnO6f/u5k7U5npGWfBBfzitAq4u6LroqbRfhnohIAEv4lP1+fSS vkrnaez9pygtQhrJJmliXiTcUzhYEJEuVLpt2nL8nGBB4Kpe+IfWYU8mpnMFj9UU IzGLBWCTfXhTl/53cQiUu57WLkey2jgVfjLIocE9E0O+btrJoh1u6gcNTiuykhwp WkJg3rP5A+rFC33oKolsKrzvwuKyhdpz1pcSSDftSm3pcpl34dKH -----END CERTIFICATE-----Generated at Fri Nov 22 03:53:02 2024 by rpki-client on console-fra.rpki-client.org