$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/C5FFC332641C11EFAEC91A2CC4F9AE02.roa File: C5FFC332641C11EFAEC91A2CC4F9AE02.roa (raw, json) Hash identifier: u4ruZ96aOsEF+VWmoS7WaQkE4RPkVRrBuBKptWViuMM= Subject key identifier: 9A:7B:6F:D9:C0:70:2B:55:53:EC:0B:21:FA:D5:E9:EF:F9:F2:1A:60 Certificate issuer: /CN=A91B4C1B/serialNumber=CEE73A95D5CCEE062E7D5EBA1B5A127052E12538 Certificate serial: 02 Authority key identifier: CE:E7:3A:95:D5:CC:EE:06:2E:7D:5E:BA:1B:5A:12:70:52:E1:25:38 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zuc6ldXM7gYufV66G1oScFLhJTg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/C5FFC332641C11EFAEC91A2CC4F9AE02.roa Signing time: Tue 27 Aug 2024 02:33:42 +0000 ROA not before: Tue 27 Aug 2024 02:33:42 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 153192 IP address blocks: 160.30.76.0/23 maxlen: 23 160.30.76.0/24 maxlen: 24 160.30.77.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/zuc6ldXM7gYufV66G1oScFLhJTg.crl rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/zuc6ldXM7gYufV66G1oScFLhJTg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zuc6ldXM7gYufV66G1oScFLhJTg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Oct 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4C1B/serialNumber=CEE73A95D5CCEE062E7D5EBA1B5A127052E12538 Validity Not Before: Aug 27 02:33:42 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66cd3b05-9d78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b8:fc:4e:f1:9e:11:9e:98:87:59:05:d2:13: 8e:8a:b7:b5:c9:04:26:fc:66:55:7f:41:c3:92:45: e3:5d:90:94:70:c8:84:56:54:b3:53:31:81:28:50: be:c6:14:5a:66:b9:a7:69:5b:5c:01:31:22:ca:7e: 33:01:ff:38:8d:40:7e:53:4e:38:71:81:07:27:94: 43:01:12:57:60:3f:7a:bc:fd:c3:05:ac:ba:67:30: 2c:ad:e7:8b:3c:42:4f:63:6a:f2:bd:0c:7d:a7:4b: 2b:5c:0e:02:68:98:6c:e0:1d:b5:0c:e1:8b:e5:5f: 9c:42:fe:80:d4:78:86:9c:8a:7a:d6:1d:39:b8:43: df:bb:6c:be:4f:91:08:9e:da:6d:8d:91:0b:1e:f1: 47:ee:13:52:3a:22:72:8e:a7:b6:e5:29:c1:90:d6: 36:36:a8:86:36:6b:85:55:46:14:69:ae:a7:4b:9e: 27:9f:17:86:c5:f9:cf:73:8a:85:5d:76:fb:3f:d8: 55:be:6a:19:d5:cb:e2:e3:fe:25:9e:49:dc:7a:84: 92:48:20:9f:4a:49:f3:55:6a:f3:62:96:5b:16:41: d9:cc:fe:61:50:69:07:e3:05:1e:5a:54:59:7f:2e: 6c:4a:7f:4a:95:d7:a2:79:67:6c:03:9f:51:60:68: 30:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:7B:6F:D9:C0:70:2B:55:53:EC:0B:21:FA:D5:E9:EF:F9:F2:1A:60 X509v3 Authority Key Identifier: keyid:CE:E7:3A:95:D5:CC:EE:06:2E:7D:5E:BA:1B:5A:12:70:52:E1:25:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/zuc6ldXM7gYufV66G1oScFLhJTg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zuc6ldXM7gYufV66G1oScFLhJTg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4C1B/CF3735D0641B11EF9891547FC4F9AE02/C5FFC332641C11EFAEC91A2CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.30.76.0/23 Signature Algorithm: sha256WithRSAEncryption 24:12:f2:44:2d:9c:42:9f:56:84:d6:d7:24:1b:42:50:16:95: d0:00:a4:0b:41:8b:c4:b9:0c:04:92:07:6e:13:64:46:a9:57: 59:ab:10:6c:5f:5f:8d:e9:96:b8:d5:d7:df:8d:29:3b:e1:3e: 98:5c:99:f8:c5:d9:ff:30:9c:62:09:8b:3a:ca:e2:7e:b5:ab: 04:1b:ba:07:e7:33:85:b3:10:3d:c2:33:b1:a4:76:d5:8b:cd: c0:2a:a2:ea:ad:85:07:b7:c5:51:21:02:91:e5:97:07:31:14: 3b:0c:16:e2:17:3b:ce:35:9a:18:c8:4b:fc:1a:f0:49:77:23: 05:4a:31:83:2a:cf:51:0d:9b:2f:64:90:50:72:64:af:85:57: 43:58:41:43:82:b5:2c:70:60:2b:b6:4d:5e:3e:68:e4:18:71: e7:c8:de:18:d2:dd:98:14:c2:85:d9:02:7f:a5:ab:45:0d:eb: 2a:12:22:58:0b:2e:37:55:2a:fd:f9:51:16:92:37:ab:41:fc: 9f:3d:ec:4e:55:15:b8:28:9d:8c:1e:42:74:43:c0:cf:d7:59: 04:37:08:fb:b7:21:2a:13:aa:f6:74:cb:9e:c2:bf:a8:51:df: 1f:49:4f:58:af:46:e7:33:6c:33:e3:93:71:d8:61:e4:b8:a6: 91:6a:34:f1 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NEMxQjExMC8GA1UEBRMoQ0VFNzNBOTVENUNDRUUwNjJFN0Q1RUJBMUI1QTEyNzA1 MkUxMjUzODAeFw0yNDA4MjcwMjMzNDJaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2Y2QzYjA1LTlkNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJuPxO8Z4RnpiHWQXSE46Kt7XJBCb8ZlV/QcOSReNdkJRwyIRWVLNTMYEoUL7G FFpmuadpW1wBMSLKfjMB/ziNQH5TTjhxgQcnlEMBEldgP3q8/cMFrLpnMCyt54s8 Qk9javK9DH2nSytcDgJomGzgHbUM4YvlX5xC/oDUeIacinrWHTm4Q9+7bL5PkQie 2m2NkQse8UfuE1I6InKOp7blKcGQ1jY2qIY2a4VVRhRprqdLniefF4bF+c9zioVd dvs/2FW+ahnVy+Lj/iWeSdx6hJJIIJ9KSfNVavNillsWQdnM/mFQaQfjBR5aVFl/ LmxKf0qV16J5Z2wDn1FgaDB3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmntv2cBw K1VT7Ash+tXp7/nyGmAwHwYDVR0jBBgwFoAUzuc6ldXM7gYufV66G1oScFLhJTgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0QzFCL0NGMzczNUQwNjQx QjExRUY5ODkxNTQ3RkM0RjlBRTAyL3p1YzZsZFhNN2dZdWZWNjZHMW9TY0ZMaEpU Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvenVjNmxkWE03Z1l1ZlY2Nkcxb1NjRkxoSlRnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NEMxQi9DRjM3MzVEMDY0MUIxMUVGOTg5MTU0N0ZDNEY5QUUwMi9DNUZGQzMzMjY0 MUMxMUVGQUVDOTFBMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaAeTDANBgkqhkiG9w0BAQsFAAOCAQEAJBLyRC2cQp9WhNbX JBtCUBaV0ACkC0GLxLkMBJIHbhNkRqlXWasQbF9fjemWuNXX340pO+E+mFyZ+MXZ /zCcYgmLOsrifrWrBBu6B+czhbMQPcIzsaR21YvNwCqi6q2FB7fFUSECkeWXBzEU OwwW4hc7zjWaGMhL/BrwSXcjBUoxgyrPUQ2bL2SQUHJkr4VXQ1hBQ4K1LHBgK7ZN Xj5o5Bhx58jeGNLdmBTChdkCf6WrRQ3rKhIiWAsuN1Uq/flRFpI3q0H8nz3sTlUV uCidjB5CdEPAz9dZBDcI+7chKhOq9nTLnsK/qFHfH0lPWK9G5zNsM+OTcdhh5Lim kWo08Q== -----END CERTIFICATE-----Generated at Wed Oct 23 07:33:24 2024 by rpki-client on console-fra.rpki-client.org