$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/C19C2720CA2711EE82C12B0CC4F9AE02.roa File: C19C2720CA2711EE82C12B0CC4F9AE02.roa (raw, json) Hash identifier: VHJTWsm4wzJziIer/htU6hv3gqL/KMd1K2nOD3+RJsA= Subject key identifier: 9B:0A:13:0A:0D:6C:BF:30:A1:65:05:95:58:4D:AB:14:E4:B8:C5:6F Certificate issuer: /CN=A91CD1A2/serialNumber=C3E200D4005D9A23E4BFAEAE0EDB72EA43F1D096 Certificate serial: 7D Authority key identifier: C3:E2:00:D4:00:5D:9A:23:E4:BF:AE:AE:0E:DB:72:EA:43:F1:D0:96 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w-IA1ABdmiPkv66uDtty6kPx0JY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/C19C2720CA2711EE82C12B0CC4F9AE02.roa Signing time: Thu 03 Oct 2024 05:09:25 +0000 ROA not before: Thu 03 Oct 2024 05:09:25 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 136582 IP address blocks: 157.15.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/w-IA1ABdmiPkv66uDtty6kPx0JY.crl rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/w-IA1ABdmiPkv66uDtty6kPx0JY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w-IA1ABdmiPkv66uDtty6kPx0JY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 125 (0x7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD1A2/serialNumber=C3E200D4005D9A23E4BFAEAE0EDB72EA43F1D096 Validity Not Before: Oct 3 05:09:25 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66fe2705-5499 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:c2:0d:62:d1:e0:e4:5a:53:a2:08:2d:9a:bd: ed:a7:d9:5e:59:81:4a:01:bd:88:68:27:b0:91:62: 7d:53:d6:17:ae:30:31:28:92:ce:a5:f2:0c:98:cb: a9:51:c6:d6:47:01:38:39:1f:26:a7:51:1d:b1:12: a8:2a:a9:10:44:5f:a1:20:ee:d0:10:ec:63:47:eb: 68:fa:05:2f:61:cc:b1:da:3c:a5:b9:37:d8:04:28: 24:57:b1:a6:2e:c6:95:7f:08:f7:c7:1b:ac:9b:f9: 36:e6:32:49:65:ed:9f:bb:cf:40:e2:1b:af:43:a5: 65:c3:26:fc:ae:61:8b:68:d6:14:40:39:d0:98:32: 27:92:1a:2c:cf:b2:71:3f:7d:3d:bc:1d:53:87:b8: 08:d8:2a:60:f7:0b:85:e2:c3:6d:a0:4c:ff:38:f1: 5b:87:e6:2e:34:b3:4e:1e:ba:6e:46:8f:74:64:42: bc:9d:32:ce:f6:66:99:b1:8e:57:a7:aa:9f:24:8a: 74:52:a4:79:4d:d2:ab:f8:34:8a:fc:3b:a8:e8:dc: 73:07:de:8a:b2:3c:4f:d9:b6:76:74:65:28:f0:f5: 21:d1:16:d9:b0:6e:27:ff:c1:25:25:c4:4e:9f:0e: 77:50:c8:f0:c7:ba:48:b8:9a:a8:e4:9c:8e:a3:f9: 57:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:0A:13:0A:0D:6C:BF:30:A1:65:05:95:58:4D:AB:14:E4:B8:C5:6F X509v3 Authority Key Identifier: keyid:C3:E2:00:D4:00:5D:9A:23:E4:BF:AE:AE:0E:DB:72:EA:43:F1:D0:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/w-IA1ABdmiPkv66uDtty6kPx0JY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w-IA1ABdmiPkv66uDtty6kPx0JY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD1A2/1A1E3DE4C9FA11EE83F5B029C4F9AE02/C19C2720CA2711EE82C12B0CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.15.225.0/24 Signature Algorithm: sha256WithRSAEncryption 92:91:15:92:17:7d:b7:c9:97:1a:1b:5a:23:67:3f:c3:d2:9e: e3:b9:04:b4:58:e5:29:68:c7:7b:aa:dd:ca:fc:ff:ac:4c:85: be:15:b7:9f:6f:4b:28:30:57:af:1f:5f:bf:61:71:c6:2a:37: 50:2a:00:08:3d:b9:fe:84:53:e4:0d:9c:d7:a2:b2:93:8e:30: f1:45:46:db:ec:43:53:3a:9e:9c:69:89:2f:fa:83:58:06:78: 75:04:69:9f:e2:ec:78:a9:72:17:61:4f:09:fb:3d:8c:d8:c3: 55:cf:44:69:3c:20:00:63:af:7c:ed:ad:28:36:0e:cd:41:50: 02:8a:57:02:51:ce:22:c2:76:b0:d0:79:42:81:2a:02:ca:ef: f2:0a:5c:7f:ed:3d:32:98:f8:35:a0:0d:e6:78:7c:e7:23:1b: 0a:cc:5f:eb:83:04:b1:83:c1:5c:32:71:b2:b7:4b:86:bd:fa: 4e:ad:34:90:7e:8c:db:2d:a7:31:bd:69:a7:23:8d:41:43:e1: 59:bb:ba:58:e6:15:cc:7d:62:7e:33:3f:a3:d1:bc:49:3f:eb: ce:a5:f8:b3:ab:ee:13:ad:e7:01:6d:96:8d:f8:21:21:04:50: a8:76:e7:00:2e:1d:c5:c6:95:f2:5e:18:26:ec:34:36:0a:bc: b3:5f:d8:9f -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDFBMjExMC8GA1UEBRMoQzNFMjAwRDQwMDVEOUEyM0U0QkZBRUFFMEVEQjcyRUE0 M0YxRDA5NjAeFw0yNDEwMDMwNTA5MjVaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ZmUyNzA1LTU0OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD6wg1i0eDkWlOiCC2ave2n2V5ZgUoBvYhoJ7CRYn1T1heuMDEoks6l8gyYy6lR xtZHATg5HyanUR2xEqgqqRBEX6Eg7tAQ7GNH62j6BS9hzLHaPKW5N9gEKCRXsaYu xpV/CPfHG6yb+TbmMkll7Z+7z0DiG69DpWXDJvyuYYto1hRAOdCYMieSGizPsnE/ fT28HVOHuAjYKmD3C4Xiw22gTP848VuH5i40s04eum5Gj3RkQrydMs72Zpmxjlen qp8kinRSpHlN0qv4NIr8O6jo3HMH3oqyPE/ZtnZ0ZSjw9SHRFtmwbif/wSUlxE6f DndQyPDHuki4mqjknI6j+VczAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmwoTCg1s vzChZQWVWE2rFOS4xW8wHwYDVR0jBBgwFoAUw+IA1ABdmiPkv66uDtty6kPx0JYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMUEyLzFBMUUzREU0QzlG QTExRUU4M0Y1QjAyOUM0RjlBRTAyL3ctSUExQUJkbWlQa3Y2NnVEdHR5NmtQeDBK WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdy1JQTFBQmRtaVBrdjY2dUR0dHk2a1B4MEpZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDFBMi8xQTFFM0RFNEM5RkExMUVFODNGNUIwMjlDNEY5QUUwMi9DMTlDMjcyMENB MjcxMUVFODJDMTJCMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAJ0P4TANBgkqhkiG9w0BAQsFAAOCAQEAkpEVkhd9t8mXGhta I2c/w9Ke47kEtFjlKWjHe6rdyvz/rEyFvhW3n29LKDBXrx9fv2Fxxio3UCoACD25 /oRT5A2c16Kyk44w8UVG2+xDUzqenGmJL/qDWAZ4dQRpn+LseKlyF2FPCfs9jNjD Vc9EaTwgAGOvfO2tKDYOzUFQAopXAlHOIsJ2sNB5QoEqAsrv8gpcf+09Mpj4NaAN 5nh85yMbCsxf64MEsYPBXDJxsrdLhr36Tq00kH6M2y2nMb1ppyONQUPhWbu6WOYV zH1ifjM/o9G8ST/rzqX4s6vuE63nAW2WjfghIQRQqHbnAC4dxcaV8l4YJuw0Ngq8 s1/Ynw== -----END CERTIFICATE-----Generated at Thu Nov 21 05:06:05 2024 by rpki-client on console-fra.rpki-client.org