$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/A7034AFA7F8411EC9036F64CC4F9AE02.roa File: A7034AFA7F8411EC9036F64CC4F9AE02.roa (raw, json) Hash identifier: WtwzNtkr/sMDE1Pw4fKTao1GvYsAwYCq34T3uS2XRT4= Subject key identifier: 80:63:72:88:29:9E:4C:4E:DF:73:AC:8C:1C:EE:96:C2:48:69:7B:AB Certificate issuer: /CN=A91DDCB6/serialNumber=65DFF2EE3F9BB2EB24551E1D18F1D63DEC0A6E17 Certificate serial: 072A Authority key identifier: 65:DF:F2:EE:3F:9B:B2:EB:24:55:1E:1D:18:F1:D6:3D:EC:0A:6E:17 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/A7034AFA7F8411EC9036F64CC4F9AE02.roa Signing time: Tue 10 Oct 2023 21:49:04 +0000 ROA not before: Tue 10 Oct 2023 21:49:04 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 132420 IP address blocks: 146.88.24.0/22 maxlen: 24 164.52.192.0/19 maxlen: 24 205.147.96.0/21 maxlen: 24 205.147.108.0/22 maxlen: 24 216.48.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.crl rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1834 (0x72a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDCB6/serialNumber=65DFF2EE3F9BB2EB24551E1D18F1D63DEC0A6E17 Validity Not Before: Oct 10 21:49:04 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=6525c6d0-aab2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:42:4a:a3:79:4a:e9:15:0c:99:c5:ef:a5:f4: cf:0c:81:d9:74:23:62:9b:e5:e8:dd:71:bf:26:49: 6a:a4:34:42:8c:1d:13:8b:d9:2c:05:7c:de:41:ad: 7f:19:24:a8:5d:89:66:4a:21:24:c2:a9:43:33:6a: 4b:9f:55:06:e9:74:ab:e5:21:b1:d7:8e:15:96:f6: 55:c3:31:a6:e6:00:9a:b6:35:bc:88:fe:5a:0d:49: 18:e3:c1:45:78:f5:13:8f:9b:1c:93:90:00:a1:06: 70:28:50:1b:00:a5:39:75:76:a6:ff:d5:9a:c4:df: 8b:0b:c5:05:d7:d3:2a:99:f2:fc:b2:7f:f3:47:ef: 0b:e1:13:1b:50:07:b5:e2:bc:59:8e:26:0b:27:c8: c5:74:99:b5:d0:40:34:3b:22:9a:80:b5:92:e2:86: 1a:a8:b2:45:63:c2:15:6b:c4:f5:ca:20:61:bc:df: bc:ff:2d:c2:a1:d0:b6:37:9f:bb:9d:65:91:9c:da: a0:52:7c:76:45:c4:6e:f7:e0:64:d9:35:ec:18:06: fe:b2:11:7a:e5:ce:42:3c:ad:ac:f7:76:3a:62:71: d6:fa:3d:d8:11:b4:50:28:7e:29:0c:db:aa:1d:6b: 7c:eb:49:89:a4:5b:a8:22:36:56:af:aa:d7:80:d8: 0f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:63:72:88:29:9E:4C:4E:DF:73:AC:8C:1C:EE:96:C2:48:69:7B:AB X509v3 Authority Key Identifier: keyid:65:DF:F2:EE:3F:9B:B2:EB:24:55:1E:1D:18:F1:D6:3D:EC:0A:6E:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/Zd_y7j-bsuskVR4dGPHWPewKbhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zd_y7j-bsuskVR4dGPHWPewKbhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDCB6/E883DFD6CC3D11EA8BC45C29C4F9AE02/A7034AFA7F8411EC9036F64CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 146.88.24.0/22 164.52.192.0/19 205.147.96.0/21 205.147.108.0/22 216.48.176.0/20 Signature Algorithm: sha256WithRSAEncryption 62:36:c5:4f:48:4c:84:1d:bf:1b:e0:29:eb:7f:f6:9d:4b:63: 05:6d:96:e4:f9:5f:f9:db:f5:2b:d3:de:12:8f:9f:bb:b4:bb: db:f4:17:3b:6e:ed:2d:12:0e:e2:b3:5b:fa:e0:8c:a9:5a:39: b4:88:19:77:0f:89:4c:41:1f:f0:0e:f2:18:ff:40:86:64:62: 8e:8e:58:77:f0:6f:21:d6:9a:68:cb:ed:45:33:42:5c:d8:6f: 91:bd:d7:31:1d:d7:ff:ce:a5:74:a4:18:10:75:10:dc:52:ec: 27:9a:52:be:0b:d3:f5:f6:1d:27:78:a3:63:98:6e:91:69:68: 60:66:eb:37:45:0b:6f:c0:6c:a8:be:95:9c:34:3b:4a:b3:84: 71:c9:97:e5:40:96:a4:d2:38:01:c1:10:8e:fd:9b:f0:7c:0b: a4:b4:be:5e:34:12:fd:15:54:18:70:56:be:9b:13:03:fb:b2: 57:7a:c5:11:42:9f:4d:f8:9f:22:e0:89:90:8c:d8:c0:83:12: 43:e4:5c:25:62:8f:67:1c:d2:ad:44:c1:82:04:5e:75:1d:8a: c6:e8:5a:3d:49:68:d6:a8:8f:4f:22:1a:1a:e6:02:33:94:04: 7c:a9:16:ec:f9:4f:b5:0a:5b:9f:d3:c9:43:5f:47:4a:d7:fe: 02:49:8c:c7 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICByowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERDQjYxMTAvBgNVBAUTKDY1REZGMkVFM0Y5QkIyRUIyNDU1MUUxRDE4RjFENjNE RUMwQTZFMTcwHhcNMjMxMDEwMjE0OTA0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NTI1YzZkMC1hYWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr0JKo3lK6RUMmcXvpfTPDIHZdCNim+Xo3XG/JklqpDRCjB0Ti9ksBXzeQa1/ GSSoXYlmSiEkwqlDM2pLn1UG6XSr5SGx144VlvZVwzGm5gCatjW8iP5aDUkY48FF ePUTj5sck5AAoQZwKFAbAKU5dXam/9WaxN+LC8UF19MqmfL8sn/zR+8L4RMbUAe1 4rxZjiYLJ8jFdJm10EA0OyKagLWS4oYaqLJFY8IVa8T1yiBhvN+8/y3CodC2N5+7 nWWRnNqgUnx2RcRu9+Bk2TXsGAb+shF65c5CPK2s93Y6YnHW+j3YEbRQKH4pDNuq HWt860mJpFuoIjZWr6rXgNgPhwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFIBjcogp nkxO33OsjBzulsJIaXurMB8GA1UdIwQYMBaAFGXf8u4/m7LrJFUeHRjx1j3sCm4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERENCNi9FODgzREZENkND M0QxMUVBOEJDNDVDMjlDNEY5QUUwMi9aZF95N2otYnN1c2tWUjRkR1BIV1Bld0ti aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1pkX3k3ai1ic3Vza1ZSNGRHUEhXUGV3S2JoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RERDQjYvRTg4M0RGRDZDQzNEMTFFQThCQzQ1QzI5QzRGOUFFMDIvQTcwMzRBRkE3 Rjg0MTFFQzkwMzZGNjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAKSWBgDBAWkNMADBAPNk2ADBALNk2wDBATYMLAwDQYJKoZI hvcNAQELBQADggEBAGI2xU9ITIQdvxvgKet/9p1LYwVtluT5X/nb9SvT3hKPn7u0 u9v0Fztu7S0SDuKzW/rgjKlaObSIGXcPiUxBH/AO8hj/QIZkYo6OWHfwbyHWmmjL 7UUzQlzYb5G91zEd1//OpXSkGBB1ENxS7CeaUr4L0/X2HSd4o2OYbpFpaGBm6zdF C2/AbKi+lZw0O0qzhHHJl+VAlqTSOAHBEI79m/B8C6S0vl40Ev0VVBhwVr6bEwP7 sld6xRFCn034nyLgiZCM2MCDEkPkXCVij2cc0q1EwYIEXnUdisboWj1JaNaoj08i GhrmAjOUBHypFuz5T7UKW5/TyUNfR0rX/gJJjMc= -----END CERTIFICATE-----Generated at Sun May 19 00:16:20 2024 by rpki-client on console-fra.rpki-client.org