$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6DBD/F9C0E11E790911EE99EDD11FC4F9AE02/72F76026790A11EE88F94A29C4F9AE02.roa File: 72F76026790A11EE88F94A29C4F9AE02.roa (raw, json) Hash identifier: M5okbmPskJKDVlJwduPye0T0WluK6gpVPBIELGmRiL0= Subject key identifier: A2:40:92:6F:39:5B:9D:1D:D4:96:29:9F:15:C3:C6:37:10:59:62:BF Certificate issuer: /CN=A91D6DBD/serialNumber=272D71AD62645775CCDFBB5770478E5943EA6595 Certificate serial: 0B Authority key identifier: 27:2D:71:AD:62:64:57:75:CC:DF:BB:57:70:47:8E:59:43:EA:65:95 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Jy1xrWJkV3XM37tXcEeOWUPqZZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6DBD/F9C0E11E790911EE99EDD11FC4F9AE02/72F76026790A11EE88F94A29C4F9AE02.roa Signing time: Wed 01 Nov 2023 23:39:12 +0000 ROA not before: Wed 01 Nov 2023 23:39:12 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 9792 IP address blocks: 192.65.182.0/24 maxlen: 24 192.160.169.0/24 maxlen: 24 192.160.170.0/24 maxlen: 24 198.22.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6DBD/F9C0E11E790911EE99EDD11FC4F9AE02/Jy1xrWJkV3XM37tXcEeOWUPqZZU.crl rsync://rpki.apnic.net/member_repository/A91D6DBD/F9C0E11E790911EE99EDD11FC4F9AE02/Jy1xrWJkV3XM37tXcEeOWUPqZZU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Jy1xrWJkV3XM37tXcEeOWUPqZZU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 04:52:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6DBD/serialNumber=272D71AD62645775CCDFBB5770478E5943EA6595 Validity Not Before: Nov 1 23:39:12 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=6542e1a0-7b49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7a:87:76:79:5d:8c:cf:48:0b:71:7d:e2:d0: ba:dc:9b:91:db:f0:1f:d4:4e:af:67:dd:96:3b:ef: 2d:30:7f:d2:bb:17:d2:dd:97:e0:64:8c:a6:73:87: 84:00:3d:da:6a:df:46:d9:df:1e:be:23:66:4c:83: ae:c6:2e:74:c7:d3:ed:cf:dd:2d:e1:9c:da:b8:a7: dd:f4:9a:66:24:ff:6c:cc:e8:e8:1d:b0:7c:7f:94: 3f:17:ed:ef:fc:c4:74:99:52:b6:ea:ef:7f:86:e4: ba:1b:01:c1:fc:8a:55:bb:d4:e3:06:6a:38:15:d7: 11:27:2c:54:bc:81:4c:ee:9d:24:93:b1:0a:2d:14: ed:c6:10:3a:c6:9f:14:17:19:ed:f9:4e:be:61:23: d2:4e:36:ca:3f:ec:0a:9d:dc:16:c9:90:99:bb:91: 53:aa:bb:8e:f1:0e:27:1b:27:f7:09:fe:2d:e7:f1: c6:f6:44:66:07:95:2b:f9:71:16:4b:74:6b:12:3c: 02:87:ab:e0:d5:1a:c4:e8:c4:6b:50:79:7b:50:28: b8:bb:e5:4e:45:c0:9d:45:d9:59:af:f8:84:d3:28: 9b:cc:6f:5c:52:bb:7f:db:1d:fa:8a:79:31:5f:c1: b0:61:e1:21:05:24:81:95:8b:b2:b1:48:7d:6b:cb: b3:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:40:92:6F:39:5B:9D:1D:D4:96:29:9F:15:C3:C6:37:10:59:62:BF X509v3 Authority Key Identifier: keyid:27:2D:71:AD:62:64:57:75:CC:DF:BB:57:70:47:8E:59:43:EA:65:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6DBD/F9C0E11E790911EE99EDD11FC4F9AE02/Jy1xrWJkV3XM37tXcEeOWUPqZZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Jy1xrWJkV3XM37tXcEeOWUPqZZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6DBD/F9C0E11E790911EE99EDD11FC4F9AE02/72F76026790A11EE88F94A29C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 192.65.182.0/24 192.160.169.0-192.160.170.255 198.22.61.0/24 Signature Algorithm: sha256WithRSAEncryption a6:e6:13:28:fe:e0:6e:ca:f5:30:6c:08:07:09:49:62:08:d0: 02:c5:38:4a:51:33:67:79:6c:b5:b6:b2:a5:94:80:f6:8e:ff: 65:11:f7:f2:b3:6c:cf:dc:93:1d:63:97:6b:59:87:a4:2a:5e: 6d:c9:80:f4:bb:86:5a:6f:d6:6a:eb:d4:0c:e5:24:8e:64:79: f2:f0:1b:ed:3a:c0:6a:a7:3e:2f:cc:1b:ea:66:df:1f:61:8f: ac:b4:11:46:e4:9f:28:f4:b6:6a:bc:d5:b3:06:fc:6c:04:73: ca:3d:8c:53:0e:c9:98:1f:99:8b:73:a3:0e:bc:0e:2f:57:48: 38:54:a9:ec:88:dc:40:f0:4f:75:80:04:fa:01:0d:b8:94:6a: 20:46:73:22:7c:86:bb:ab:7b:b1:60:41:8e:50:70:7b:60:25: 3b:12:89:11:ca:07:c5:2d:e3:5a:9f:44:a2:c5:e5:b9:25:a6: e1:34:05:a2:97:3f:1a:51:48:ec:74:3c:c8:e2:0d:93:01:82: 27:2b:b7:e1:05:31:39:39:17:b6:ba:5e:6b:d2:9f:8d:fc:ee: 9b:9e:43:80:3f:7d:d7:f5:37:5f:ff:e4:16:31:22:af:00:ab: c2:61:de:90:9d:a6:1d:51:46:67:5d:e7:a5:a4:6b:3f:c1:a5: af:3c:88:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE NkRCRDExMC8GA1UEBRMoMjcyRDcxQUQ2MjY0NTc3NUNDREZCQjU3NzA0NzhFNTk0 M0VBNjU5NTAeFw0yMzExMDEyMzM5MTJaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NDJlMWEwLTdiNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/eod2eV2Mz0gLcX3i0Lrcm5Hb8B/UTq9n3ZY77y0wf9K7F9Ldl+BkjKZzh4QA Pdpq30bZ3x6+I2ZMg67GLnTH0+3P3S3hnNq4p930mmYk/2zM6OgdsHx/lD8X7e/8 xHSZUrbq73+G5LobAcH8ilW71OMGajgV1xEnLFS8gUzunSSTsQotFO3GEDrGnxQX Ge35Tr5hI9JONso/7Aqd3BbJkJm7kVOqu47xDicbJ/cJ/i3n8cb2RGYHlSv5cRZL dGsSPAKHq+DVGsToxGtQeXtQKLi75U5FwJ1F2Vmv+ITTKJvMb1xSu3/bHfqKeTFf wbBh4SEFJIGVi7KxSH1ry7N5AgMBAAGjggKpMIICpTAdBgNVHQ4EFgQUokCSbzlb nR3UlimfFcPGNxBZYr8wHwYDVR0jBBgwFoAUJy1xrWJkV3XM37tXcEeOWUPqZZUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ2REJEL0Y5QzBFMTFFNzkw OTExRUU5OUVERDExRkM0RjlBRTAyL0p5MXhyV0prVjNYTTM3dFhjRWVPV1VQcVpa VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSnkxeHJXSmtWM1hNMzd0WGNFZU9XVVBxWlpVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NkRCRC9GOUMwRTExRTc5MDkxMUVFOTlFREQxMUZDNEY5QUUwMi83MkY3NjAyNjc5 MEExMUVFODhGOTRBMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAzBggrBgEFBQcBBwEB/wQk MCIwIAQCAAEwGgMEAMBBtjAMAwQAwKCpAwQAwKCqAwQAxhY9MA0GCSqGSIb3DQEB CwUAA4IBAQCm5hMo/uBuyvUwbAgHCUliCNACxThKUTNneWy1trKllID2jv9lEffy s2zP3JMdY5drWYekKl5tyYD0u4Zab9Zq69QM5SSOZHny8BvtOsBqpz4vzBvqZt8f YY+stBFG5J8o9LZqvNWzBvxsBHPKPYxTDsmYH5mLc6MOvA4vV0g4VKnsiNxA8E91 gAT6AQ24lGogRnMifIa7q3uxYEGOUHB7YCU7EokRygfFLeNan0SixeW5JabhNAWi lz8aUUjsdDzI4g2TAYInK7fhBTE5ORe2ul5r0p+N/O6bnkOAP33X9Tdf/+QWMSKv AKvCYd6QnaYdUUZnXeelpGs/waWvPIhm -----END CERTIFICATE-----Generated at Fri May 3 09:09:34 2024 by rpki-client on console-fra.rpki-client.org