$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/DC83E52CE12F11EEB059D53CC4F9AE02.roa File: DC83E52CE12F11EEB059D53CC4F9AE02.roa (raw, json) Hash identifier: 249vQRK+GvD/GCbeVcmTEXlgIHoMNFvIXLi9I4vUM34= Subject key identifier: 63:86:CF:D2:FC:A8:39:E3:A4:CA:DF:80:9F:C8:29:37:37:66:5F:D9 Certificate issuer: /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88 Certificate serial: 07A9 Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/DC83E52CE12F11EEB059D53CC4F9AE02.roa Signing time: Wed 13 Mar 2024 11:50:17 +0000 ROA not before: Wed 13 Mar 2024 11:50:17 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 21859 IP address blocks: 169.136.82.0/24 maxlen: 24 169.136.85.0/24 maxlen: 24 169.136.105.0/24 maxlen: 24 169.136.109.0/24 maxlen: 24 169.136.120.0/24 maxlen: 24 169.136.122.0/24 maxlen: 24 169.136.128.0/24 maxlen: 24 169.136.129.0/24 maxlen: 24 169.136.130.0/24 maxlen: 24 169.136.134.0/24 maxlen: 24 169.136.135.0/24 maxlen: 24 169.136.138.0/24 maxlen: 24 169.136.142.0/24 maxlen: 24 169.136.143.0/24 maxlen: 24 169.136.146.0/24 maxlen: 24 169.136.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 22:16:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1961 (0x7a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88 Validity Not Before: Mar 13 11:50:17 2024 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=65f192f9-6690 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:87:22:e3:2f:f1:22:b1:24:2a:e2:69:4a:15: bd:5b:b4:aa:1d:d5:f0:cb:db:e3:77:6a:79:d8:f4: 57:76:7f:69:22:7e:9e:1f:0b:70:d4:cc:de:cb:b3: fc:0a:ba:d3:10:a0:f6:01:6f:71:88:13:93:ee:ca: dd:f8:84:5b:9b:40:41:d1:5e:32:04:22:2d:2a:ec: 2d:0f:05:8e:b0:6f:0e:30:98:c1:10:2e:27:65:f2: 94:ea:dc:c9:bb:68:6b:a2:5b:1c:6f:30:f1:22:4a: 42:78:3a:1f:1a:8e:90:16:bc:8c:60:33:23:97:e4: 74:5f:d0:bb:48:fb:06:f9:eb:c0:e0:5e:82:27:8a: b0:51:78:bc:b6:2f:83:82:3c:53:cc:14:52:f2:2f: 59:93:bf:68:ca:69:04:a0:25:39:07:78:e8:8e:1e: c1:6c:ca:ff:57:63:c5:2b:78:55:1c:f0:3e:0c:d1: a2:d1:5c:2a:95:35:58:8b:21:c5:d1:e8:7f:a3:3b: 18:5f:4a:85:b7:4e:4b:a3:e0:bd:4a:ee:b0:ef:ec: 3b:5c:99:e9:27:25:3b:dd:e4:0e:7e:16:8a:eb:36: de:39:c8:ed:48:a8:90:da:9f:1c:81:08:38:ac:fc: d2:0a:57:55:11:e8:04:bf:8f:32:af:4e:4a:11:9c: 4d:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:86:CF:D2:FC:A8:39:E3:A4:CA:DF:80:9F:C8:29:37:37:66:5F:D9 X509v3 Authority Key Identifier: keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/DC83E52CE12F11EEB059D53CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 169.136.82.0/24 169.136.85.0/24 169.136.105.0/24 169.136.109.0/24 169.136.120.0/24 169.136.122.0/24 169.136.128.0-169.136.130.255 169.136.134.0/23 169.136.138.0/24 169.136.142.0/23 169.136.146.0/24 169.136.191.0/24 Signature Algorithm: sha256WithRSAEncryption 66:a5:91:1a:fe:cb:89:72:ac:a8:94:03:53:b6:9f:96:8f:63: 0d:b5:1f:b7:70:8a:7e:6f:33:1a:61:80:bc:5d:cd:1f:cb:13: 70:c4:a6:13:e4:89:22:fe:1d:e1:b1:91:85:85:da:d9:1e:39: 52:6e:e9:41:10:f2:30:40:33:37:27:e8:bd:02:e8:58:94:b1: c9:eb:9b:b7:4d:37:8d:e2:0c:1d:28:ae:e3:c0:88:d4:86:fb: 0f:fb:b2:53:5a:9e:c4:df:89:40:64:3c:fc:31:49:5d:68:e7: c9:95:fc:5f:ef:fa:9a:be:e4:99:10:6f:11:2e:96:03:8e:39: 97:d1:af:25:33:e3:e6:e3:ca:bd:1e:db:b9:fa:4b:ab:75:05: bd:1d:09:54:cf:5c:a8:52:60:05:fb:79:e4:7e:cb:40:2c:ff: 1c:a5:a5:e6:66:fc:3f:01:f7:fa:0b:b7:4b:ad:6c:d9:7b:08: c7:69:aa:5a:f0:24:14:1f:1a:df:b7:72:81:5d:db:8b:b0:3b: df:c7:80:a1:5c:80:82:05:0a:29:18:dd:09:fa:8d:77:4d:a3: 32:c6:78:47:65:e8:df:33:f6:68:27:b6:46:82:35:8c:08:47: ec:0b:1c:ab:d2:0c:64:7f:ba:4e:77:19:7e:f6:e8:26:33:5d: 11:b8:6a:94 -----BEGIN CERTIFICATE----- MIIFuzCCBKOgAwIBAgICB6kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5 RTlBQ0RCODgwHhcNMjQwMzEzMTE1MDE3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NWYxOTJmOS02NjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA64ci4y/xIrEkKuJpShW9W7SqHdXwy9vjd2p52PRXdn9pIn6eHwtw1Mzey7P8 CrrTEKD2AW9xiBOT7srd+IRbm0BB0V4yBCItKuwtDwWOsG8OMJjBEC4nZfKU6tzJ u2hrolscbzDxIkpCeDofGo6QFryMYDMjl+R0X9C7SPsG+evA4F6CJ4qwUXi8ti+D gjxTzBRS8i9Zk79oymkEoCU5B3jojh7BbMr/V2PFK3hVHPA+DNGi0VwqlTVYiyHF 0eh/ozsYX0qFt05Lo+C9Su6w7+w7XJnpJyU73eQOfhaK6zbeOcjtSKiQ2p8cgQg4 rPzSCldVEegEv48yr05KEZxNtQIDAQABo4IC3zCCAtswHQYDVR0OBBYEFGOGz9L8 qDnjpMrfgJ/IKTc3Zl/ZMB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1 RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvREM4M0U1MkNF MTJGMTFFRUIwNTlENTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E WjBYMFYEAgABMFADBACpiFIDBACpiFUDBACpiGkDBACpiG0DBACpiHgDBACpiHow DAMEB6mIgAMEAKmIggMEAamIhgMEAKmIigMEAamIjgMEAKmIkgMEAKmIvzANBgkq hkiG9w0BAQsFAAOCAQEAZqWRGv7LiXKsqJQDU7aflo9jDbUft3CKfm8zGmGAvF3N H8sTcMSmE+SJIv4d4bGRhYXa2R45Um7pQRDyMEAzNyfovQLoWJSxyeubt003jeIM HSiu48CI1Ib7D/uyU1qexN+JQGQ8/DFJXWjnyZX8X+/6mr7kmRBvES6WA445l9Gv JTPj5uPKvR7bufpLq3UFvR0JVM9cqFJgBft55H7LQCz/HKWl5mb8PwH3+gu3S61s 2XsIx2mqWvAkFB8a37dygV3bi7A738eAoVyAggUKKRjdCfqNd02jMsZ4R2Xo3zP2 aCe2RoI1jAhH7Ascq9IMZH+6TncZfvboJjNdEbhqlA== -----END CERTIFICATE-----Generated at Thu May 2 23:19:03 2024 by rpki-client on console-ams.rpki-client.org