$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/7D9A528A990E11EE87118E20C4F9AE02.roa File: 7D9A528A990E11EE87118E20C4F9AE02.roa (raw, json) Hash identifier: fA6lgiU9W1T/RJxMZL8rvR0alvlrDGh5DnihGCPmKPE= Subject key identifier: BF:E5:12:C2:9F:46:2B:54:91:91:85:32:20:A1:25:68:0F:02:12:BD Certificate issuer: /CN=A91FA5A2/serialNumber=5B59FCB65341FD33789BFBAFA9637DF0CE404DAB Certificate serial: 65 Authority key identifier: 5B:59:FC:B6:53:41:FD:33:78:9B:FB:AF:A9:63:7D:F0:CE:40:4D:AB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1n8tlNB_TN4m_uvqWN98M5ATas.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/7D9A528A990E11EE87118E20C4F9AE02.roa Signing time: Mon 03 Jun 2024 08:42:25 +0000 ROA not before: Mon 03 Jun 2024 08:42:25 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 140577 IP address blocks: 168.100.128.0/19 maxlen: 19 168.100.128.0/20 maxlen: 20 168.100.128.0/21 maxlen: 21 168.100.136.0/21 maxlen: 21 168.100.140.0/24 maxlen: 24 168.100.141.0/24 maxlen: 24 168.100.142.0/24 maxlen: 24 168.100.143.0/24 maxlen: 24 168.100.144.0/20 maxlen: 20 168.100.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/W1n8tlNB_TN4m_uvqWN98M5ATas.crl rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/W1n8tlNB_TN4m_uvqWN98M5ATas.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1n8tlNB_TN4m_uvqWN98M5ATas.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA5A2/serialNumber=5B59FCB65341FD33789BFBAFA9637DF0CE404DAB Validity Not Before: Jun 3 08:42:25 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=665d81f0-6902 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:ac:e8:4c:60:ea:59:a9:d0:c5:f4:de:45:7b: a6:11:cd:d4:4d:c7:a0:d5:77:8e:6d:6a:2e:2a:d7: 68:65:0a:1a:ad:37:78:05:88:a1:43:62:9d:5c:7f: fa:16:40:99:30:72:68:19:da:d3:c4:1b:96:2a:80: 1c:a7:dd:4a:14:40:e9:53:8a:66:99:10:f2:89:0b: 80:6f:c3:e8:91:d5:f2:15:b9:7c:98:94:9f:e3:ba: 0a:f6:95:22:90:fe:9a:d2:b7:23:96:9e:78:d7:18: 52:4c:73:46:40:ca:cf:ae:7d:86:2b:e7:47:15:0d: 72:ee:29:61:c6:1c:00:c4:ae:15:55:a1:b7:09:a2: 41:93:c2:07:66:99:1d:61:c4:13:6a:b8:be:42:11: bc:29:55:d0:0f:a9:b9:42:a7:f7:c1:54:a9:49:3d: 27:c3:6f:b3:2d:fb:12:60:dd:c9:f3:97:91:3b:3f: 54:d8:a2:b0:c2:c1:8d:30:54:39:b4:f9:2b:b0:98: 87:bf:ad:9c:22:7f:d2:97:78:b6:26:d1:88:84:d0: 53:41:fa:18:29:ab:6e:2d:82:76:5d:cd:a6:26:b3: 06:e6:5a:db:7b:de:ec:cd:fc:60:37:e1:a3:f5:ee: b2:55:00:28:78:9b:b5:22:ba:67:4a:be:b8:d4:3c: e8:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:E5:12:C2:9F:46:2B:54:91:91:85:32:20:A1:25:68:0F:02:12:BD X509v3 Authority Key Identifier: keyid:5B:59:FC:B6:53:41:FD:33:78:9B:FB:AF:A9:63:7D:F0:CE:40:4D:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/W1n8tlNB_TN4m_uvqWN98M5ATas.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W1n8tlNB_TN4m_uvqWN98M5ATas.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA5A2/3E16416898F611EEBBF1F417C4F9AE02/7D9A528A990E11EE87118E20C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.100.128.0/19 Signature Algorithm: sha256WithRSAEncryption 43:8a:89:83:3f:18:ab:6f:37:8f:f5:a9:58:78:88:16:51:9d: 3e:a2:4d:7d:f0:70:89:db:b3:c3:4c:a9:a4:8a:df:a2:ce:4d: f3:2d:d4:44:1e:ea:65:a1:3f:e1:57:32:ef:b9:c9:33:61:47: 53:fb:b0:b2:2e:a6:a0:52:ee:e9:5e:d9:4d:fd:fb:78:fa:55: ae:1b:a4:d8:87:7f:f2:41:ac:7c:41:76:40:f4:56:a4:ef:b8: bb:d2:3a:34:7e:d3:dd:94:0f:67:4c:bc:59:44:50:74:ab:18: 3f:61:22:03:23:f0:6c:f9:70:91:2b:19:34:f7:b6:35:c9:71: 03:62:ea:42:60:00:3b:a2:e5:d4:f8:a7:44:57:d8:16:c2:a5: 9d:9f:7a:88:a3:d1:61:4c:83:1c:50:1a:cd:2e:65:c9:75:b4: 86:76:55:ed:71:10:6d:b4:23:93:99:0b:0a:91:89:b2:4b:d1: ad:68:7f:b0:55:89:b4:fa:40:f1:97:52:46:4b:7b:f7:fe:b1: f2:3f:20:89:7f:39:09:a4:cc:ff:04:88:ea:a0:81:fc:b6:19: f6:20:0d:b6:a5:dd:45:0e:97:b9:fb:36:e4:56:1e:e9:4e:99: 5b:45:d0:09:c1:a1:f5:78:b3:eb:11:48:68:73:8f:0b:cd:1a: be:7e:eb:bd -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QTVBMjExMC8GA1UEBRMoNUI1OUZDQjY1MzQxRkQzMzc4OUJGQkFGQTk2MzdERjBD RTQwNERBQjAeFw0yNDA2MDMwODQyMjVaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NWQ4MWYwLTY5MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClrOhMYOpZqdDF9N5Fe6YRzdRNx6DVd45tai4q12hlChqtN3gFiKFDYp1cf/oW QJkwcmgZ2tPEG5YqgByn3UoUQOlTimaZEPKJC4Bvw+iR1fIVuXyYlJ/jugr2lSKQ /prStyOWnnjXGFJMc0ZAys+ufYYr50cVDXLuKWHGHADErhVVobcJokGTwgdmmR1h xBNquL5CEbwpVdAPqblCp/fBVKlJPSfDb7Mt+xJg3cnzl5E7P1TYorDCwY0wVDm0 +SuwmIe/rZwif9KXeLYm0YiE0FNB+hgpq24tgnZdzaYmswbmWtt73uzN/GA34aP1 7rJVACh4m7UiumdKvrjUPOirAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUv+USwp9G K1SRkYUyIKElaA8CEr0wHwYDVR0jBBgwFoAUW1n8tlNB/TN4m/uvqWN98M5ATasw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBNUEyLzNFMTY0MTY4OThG NjExRUVCQkYxRjQxN0M0RjlBRTAyL1cxbjh0bE5CX1RONG1fdXZxV045OE01QVRh cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvVzFuOHRsTkJfVE40bV91dnFXTjk4TTVBVGFzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTVBMi8zRTE2NDE2ODk4RjYxMUVFQkJGMUY0MTdDNEY5QUUwMi83RDlBNTI4QTk5 MEUxMUVFODcxMThFMjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEBahkgDANBgkqhkiG9w0BAQsFAAOCAQEAQ4qJgz8Yq283j/Wp WHiIFlGdPqJNffBwiduzw0yppIrfos5N8y3URB7qZaE/4Vcy77nJM2FHU/uwsi6m oFLu6V7ZTf37ePpVrhuk2Id/8kGsfEF2QPRWpO+4u9I6NH7T3ZQPZ0y8WURQdKsY P2EiAyPwbPlwkSsZNPe2NclxA2LqQmAAO6Ll1PinRFfYFsKlnZ96iKPRYUyDHFAa zS5lyXW0hnZV7XEQbbQjk5kLCpGJskvRrWh/sFWJtPpA8ZdSRkt79/6x8j8giX85 CaTM/wSI6qCB/LYZ9iANtqXdRQ6Xufs25FYe6U6ZW0XQCcGh9Xiz6xFIaHOPC80a vn7rvQ== -----END CERTIFICATE-----Generated at Thu Nov 21 05:06:09 2024 by rpki-client on console-fra.rpki-client.org