$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/1818952C8D5811EFAD3A5D3BC4F9AE02.roa File: 1818952C8D5811EFAD3A5D3BC4F9AE02.roa (raw, json) Hash identifier: tKSHJqdsSmpGgJzA0ThHFbJCNwhgg/q9aM0ZWxNfpP8= Subject key identifier: 60:70:7D:24:1D:C2:11:93:DD:07:BB:8C:B5:DD:7E:0B:B4:DA:18:00 Certificate issuer: /CN=A91E0855/serialNumber=D32A5ADC0542C2E817C202BE6B7281E869D17897 Certificate serial: 33 Authority key identifier: D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/1818952C8D5811EFAD3A5D3BC4F9AE02.roa Signing time: Fri 18 Oct 2024 13:51:38 +0000 ROA not before: Fri 18 Oct 2024 13:51:38 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 151151 IP address blocks: 160.25.224.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.crl rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Oct 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0855/serialNumber=D32A5ADC0542C2E817C202BE6B7281E869D17897 Validity Not Before: Oct 18 13:51:38 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=671267e9-f233 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:db:6b:ac:b2:84:ad:47:67:fb:ca:fe:5b:9d: 14:a0:90:00:39:9a:20:e6:27:7e:07:f7:f5:84:95: ed:1e:d5:6c:9d:5d:ce:2a:be:0e:cd:36:97:f1:43: cc:da:1a:64:65:f5:17:2b:40:d3:cd:fa:50:7d:df: 78:04:77:39:9a:c0:2e:a7:0f:8e:7e:31:a6:5b:36: 8d:b7:de:58:98:fc:b1:08:dc:cd:de:f2:b9:4d:4a: fc:00:78:8f:ee:88:9b:80:be:aa:f3:d7:29:c3:87: 46:61:c7:d2:7f:69:99:de:5f:22:7c:cd:57:9f:80: 79:56:23:f4:1c:d3:4e:30:14:e0:eb:6a:63:58:2b: d4:a6:59:7e:e0:59:51:40:b6:52:e0:a8:c6:1c:f2: db:82:12:aa:b7:15:8d:49:d4:07:fc:8d:07:99:0e: 92:7b:a8:28:be:2a:0b:23:b5:17:8b:7f:fb:a6:bb: d2:64:aa:73:1b:99:b2:fc:f1:e9:aa:c8:15:54:43: 67:73:ee:7b:aa:71:af:35:f7:b4:6d:68:28:2d:3d: e0:c1:54:f6:1a:cb:b2:ba:8e:77:5b:33:01:57:93: 47:fd:22:d0:37:45:7b:e2:ab:01:62:0a:85:e1:9d: 07:27:3b:c3:a2:e3:c1:2e:57:ad:c2:7f:f1:70:0a: db:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:70:7D:24:1D:C2:11:93:DD:07:BB:8C:B5:DD:7E:0B:B4:DA:18:00 X509v3 Authority Key Identifier: keyid:D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/1818952C8D5811EFAD3A5D3BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.25.224.0/23 Signature Algorithm: sha256WithRSAEncryption 06:e6:f7:7b:5b:07:38:86:62:12:e9:d9:95:94:a9:6e:b0:c7: d3:6f:db:e5:c2:aa:7d:43:11:ae:12:1d:92:24:50:21:70:37: a2:d5:0b:ff:ab:6f:d1:de:b0:52:3a:4c:6b:b6:7c:dc:83:17: 27:f0:d0:dc:b8:2f:63:66:e1:a7:6b:01:c2:e6:c7:7c:5b:5c: e3:2c:9e:7a:19:69:dd:cf:8e:32:68:f8:49:b5:c7:70:e5:2f: 89:6a:1c:32:ea:18:ac:3b:4b:40:55:3a:10:f6:3b:ee:d5:17: 7d:e5:a7:5d:55:c2:34:04:94:2c:49:ba:a4:21:3e:06:81:f9: 66:55:3d:b4:b9:27:3a:05:25:bd:c4:4c:75:22:c7:a6:08:9c: e3:db:d7:94:ff:f0:65:de:8e:20:8c:d7:a3:12:81:45:1e:92: 79:e9:60:1a:f4:56:7d:52:38:f4:b1:38:ee:54:2c:f4:9c:61: 6a:7f:a0:bf:41:c1:f8:83:cc:78:f8:d0:16:68:5a:5f:48:4d: e8:3d:82:6f:22:50:2d:8f:12:9b:69:26:99:81:8b:ed:d3:db: 05:fe:7a:af:d6:fb:23:e8:c2:32:9c:22:01:0f:e1:1a:54:1a: 13:36:b0:88:2d:2c:4e:f9:ec:9b:c7:98:53:b4:18:70:0a:8d: cc:51:09:4e -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF MDg1NTExMC8GA1UEBRMoRDMyQTVBREMwNTQyQzJFODE3QzIwMkJFNkI3MjgxRTg2 OUQxNzg5NzAeFw0yNDEwMTgxMzUxMzhaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MTI2N2U5LWYyMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDb22ussoStR2f7yv5bnRSgkAA5miDmJ34H9/WEle0e1WydXc4qvg7NNpfxQ8za GmRl9RcrQNPN+lB933gEdzmawC6nD45+MaZbNo233liY/LEI3M3e8rlNSvwAeI/u iJuAvqrz1ynDh0Zhx9J/aZneXyJ8zVefgHlWI/Qc004wFODramNYK9SmWX7gWVFA tlLgqMYc8tuCEqq3FY1J1Af8jQeZDpJ7qCi+KgsjtReLf/umu9JkqnMbmbL88emq yBVUQ2dz7nuqca8197RtaCgtPeDBVPYay7K6jndbMwFXk0f9ItA3RXviqwFiCoXh nQcnO8Oi48EuV63Cf/FwCtstAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYHB9JB3C EZPdB7uMtd1+C7TaGAAwHwYDVR0jBBgwFoAU0ypa3AVCwugXwgK+a3KB6GnReJcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUwODU1LzUwNENGRkUyNDQ5 NjExRUY4RTg0RTYzREM0RjlBRTAyLzB5cGEzQVZDd3VnWHdnSy1hM0tCNkduUmVK Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMHlwYTNBVkN3dWdYd2dLLWEzS0I2R25SZUpjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MDg1NS81MDRDRkZFMjQ0OTYxMUVGOEU4NEU2M0RDNEY5QUUwMi8xODE4OTUyQzhE NTgxMUVGQUQzQTVEM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaAZ4DANBgkqhkiG9w0BAQsFAAOCAQEABub3e1sHOIZiEunZ lZSpbrDH02/b5cKqfUMRrhIdkiRQIXA3otUL/6tv0d6wUjpMa7Z83IMXJ/DQ3Lgv Y2bhp2sBwubHfFtc4yyeehlp3c+OMmj4SbXHcOUviWocMuoYrDtLQFU6EPY77tUX feWnXVXCNASULEm6pCE+BoH5ZlU9tLknOgUlvcRMdSLHpgic49vXlP/wZd6OIIzX oxKBRR6SeelgGvRWfVI49LE47lQs9Jxhan+gv0HB+IPMePjQFmhaX0hN6D2CbyJQ LY8Sm2kmmYGL7dPbBf56r9b7I+jCMpwiAQ/hGlQaEzawiC0sTvnsm8eYU7QYcAqN zFEJTg== -----END CERTIFICATE-----Generated at Wed Oct 23 07:46:03 2024 by rpki-client on console-ams.rpki-client.org