$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/3055F0C8BAAC11EEB1F2C972C4F9AE02.roa File: 3055F0C8BAAC11EEB1F2C972C4F9AE02.roa (raw, json) Hash identifier: 7jzOqvzUj7kJ8Y4zUUKzQ2gjUk/CKGVV3DYS1ROQx2c= Subject key identifier: 58:F7:BC:27:93:9E:55:1E:98:45:C4:6F:9B:E0:C3:4A:DA:78:CD:79 Certificate issuer: /CN=A91FA851/serialNumber=50A0DC9558A6C40DDCD535FB7B5C0BEEA66E04E4 Certificate serial: 09 Authority key identifier: 50:A0:DC:95:58:A6:C4:0D:DC:D5:35:FB:7B:5C:0B:EE:A6:6E:04:E4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UKDclVimxA3c1TX7e1wL7qZuBOQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/3055F0C8BAAC11EEB1F2C972C4F9AE02.roa Signing time: Wed 24 Jan 2024 18:14:03 +0000 ROA not before: Wed 24 Jan 2024 18:14:03 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 138548 IP address blocks: 157.15.20.0/23 maxlen: 23 157.15.20.0/24 maxlen: 24 157.15.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/UKDclVimxA3c1TX7e1wL7qZuBOQ.crl rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/UKDclVimxA3c1TX7e1wL7qZuBOQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UKDclVimxA3c1TX7e1wL7qZuBOQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 08:46:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA851/serialNumber=50A0DC9558A6C40DDCD535FB7B5C0BEEA66E04E4 Validity Not Before: Jan 24 18:14:03 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=65b1536b-b0bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:6a:cd:bb:5e:19:fc:c4:12:0f:09:7b:86:c9: 30:6a:a0:01:7e:c4:33:6f:9e:f8:19:a4:5f:28:6f: eb:03:2b:98:9e:61:e6:4a:7c:d5:49:b0:a0:67:ed: 36:65:e2:92:4d:53:3b:7f:33:32:f0:60:3c:7f:8d: 03:6c:ce:3a:dc:1c:72:5a:07:b8:4a:70:9e:d5:a9: 7e:74:4d:87:8d:e9:1c:dc:aa:c9:4c:32:2f:c5:ee: 8f:2a:77:40:07:f7:e2:39:8f:c7:2d:8f:de:46:33: 41:b5:c5:c8:ed:19:51:56:d8:75:50:d0:55:34:da: c4:7f:f9:a8:30:a9:d0:fc:cf:04:6b:94:cc:2e:fd: 25:cb:3c:41:6f:c6:7b:1f:8d:9c:1f:bd:c7:55:a9: bd:08:7e:57:7b:ee:53:89:1b:78:60:4a:64:76:74: fd:82:17:b4:5e:b5:92:b2:94:3f:92:8b:d2:ea:bf: ff:ee:c2:fa:aa:1c:d1:31:7d:8d:3b:a7:d3:76:fa: 70:ad:80:6e:c1:39:de:d8:7e:00:c7:23:d3:ac:5a: 8a:09:19:63:08:2d:19:a1:22:23:77:1c:31:02:f5: 2b:a7:07:e2:64:66:71:e5:9f:29:2c:18:79:24:e2: 16:c3:97:02:58:1b:98:96:46:b4:82:5a:07:9a:53: 7a:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:F7:BC:27:93:9E:55:1E:98:45:C4:6F:9B:E0:C3:4A:DA:78:CD:79 X509v3 Authority Key Identifier: keyid:50:A0:DC:95:58:A6:C4:0D:DC:D5:35:FB:7B:5C:0B:EE:A6:6E:04:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/UKDclVimxA3c1TX7e1wL7qZuBOQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UKDclVimxA3c1TX7e1wL7qZuBOQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA851/8BC5127CB9DF11EE94B4242AC4F9AE02/3055F0C8BAAC11EEB1F2C972C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.15.20.0/23 Signature Algorithm: sha256WithRSAEncryption 32:ef:59:86:60:63:9c:a9:6a:3d:b1:f3:ff:14:4d:ca:f5:7f: 23:4d:06:55:ce:fa:ed:eb:cd:b9:7b:be:48:46:d4:89:a9:84: 13:64:2e:01:fc:f1:0a:91:80:73:af:ac:99:df:4c:45:55:3c: 04:b3:7d:32:6a:c2:6c:9f:1e:ad:24:bc:44:c1:e5:9c:ad:bb: 7c:09:19:f2:3e:be:fc:8f:28:cd:f3:b1:a9:a0:89:f1:cc:33: cf:36:5d:61:12:53:4c:26:56:bb:3d:f8:41:03:f5:5d:dc:dc: 17:ea:23:66:97:ec:c8:c9:5e:bf:35:64:94:78:22:fb:63:78: cf:18:0d:fb:7d:0d:21:61:f5:da:5d:1d:f8:d0:6f:d2:2d:df: 25:dd:06:39:1f:92:f2:47:53:a7:80:f7:4b:91:84:50:bd:3e: 78:83:bf:02:a6:ec:57:fd:bf:10:c0:ec:d7:e7:72:b7:82:d9: 88:c6:bc:68:aa:0a:5f:70:0c:1d:2e:7c:ba:55:97:bd:d9:81: fd:47:8e:ab:1f:71:01:63:75:8b:c5:4c:00:1b:d7:51:9c:2c: 4c:1c:97:cc:b3:61:ca:8a:3b:c5:77:03:0d:ac:bc:7a:05:b0: f6:13:79:6e:64:5c:8f:6e:6e:b1:08:08:bf:c7:76:6c:88:33: 41:32:82:45 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QTg1MTExMC8GA1UEBRMoNTBBMERDOTU1OEE2QzQwRERDRDUzNUZCN0I1QzBCRUVB NjZFMDRFNDAeFw0yNDAxMjQxODE0MDNaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1YjE1MzZiLWIwYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkas27Xhn8xBIPCXuGyTBqoAF+xDNvnvgZpF8ob+sDK5ieYeZKfNVJsKBn7TZl 4pJNUzt/MzLwYDx/jQNszjrcHHJaB7hKcJ7VqX50TYeN6RzcqslMMi/F7o8qd0AH 9+I5j8ctj95GM0G1xcjtGVFW2HVQ0FU02sR/+agwqdD8zwRrlMwu/SXLPEFvxnsf jZwfvcdVqb0Ifld77lOJG3hgSmR2dP2CF7RetZKylD+Si9Lqv//uwvqqHNExfY07 p9N2+nCtgG7BOd7YfgDHI9OsWooJGWMILRmhIiN3HDEC9SunB+JkZnHlnyksGHkk 4hbDlwJYG5iWRrSCWgeaU3qzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWPe8J5Oe VR6YRcRvm+DDStp4zXkwHwYDVR0jBBgwFoAUUKDclVimxA3c1TX7e1wL7qZuBOQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBODUxLzhCQzUxMjdDQjlE RjExRUU5NEI0MjQyQUM0RjlBRTAyL1VLRGNsVmlteEEzYzFUWDdlMXdMN3FadUJP US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvVUtEY2xWaW14QTNjMVRYN2Uxd0w3cVp1Qk9RLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTg1MS84QkM1MTI3Q0I5REYxMUVFOTRCNDI0MkFDNEY5QUUwMi8zMDU1RjBDOEJB QUMxMUVFQjFGMkM5NzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAZ0PFDANBgkqhkiG9w0BAQsFAAOCAQEAMu9ZhmBjnKlqPbHz /xRNyvV/I00GVc767evNuXu+SEbUiamEE2QuAfzxCpGAc6+smd9MRVU8BLN9MmrC bJ8erSS8RMHlnK27fAkZ8j6+/I8ozfOxqaCJ8cwzzzZdYRJTTCZWuz34QQP1Xdzc F+ojZpfsyMlevzVklHgi+2N4zxgN+30NIWH12l0d+NBv0i3fJd0GOR+S8kdTp4D3 S5GEUL0+eIO/AqbsV/2/EMDs1+dyt4LZiMa8aKoKX3AMHS58ulWXvdmB/UeOqx9x AWN1i8VMABvXUZwsTByXzLNhyoo7xXcDDay8egWw9hN5bmRcj25usQgIv8d2bIgz QTKCRQ== -----END CERTIFICATE-----Generated at Sat Jun 1 11:14:33 2024 by rpki-client on console-fra.rpki-client.org