$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/0171064E1E7511EFA136126DC4F9AE02.roa File: 0171064E1E7511EFA136126DC4F9AE02.roa (raw, json) Hash identifier: XFxbQQJDj0rE3ZIrAGCdNw3StLs+W3TJQN2I+ajNUy8= Subject key identifier: C9:36:22:56:1C:7E:CD:61:67:8F:42:F2:B5:4F:90:2B:25:7F:51:03 Certificate issuer: /CN=A9125475/serialNumber=DE9D64016291EA2A16F3B7956A0F4035B709E547 Certificate serial: 251D Authority key identifier: DE:9D:64:01:62:91:EA:2A:16:F3:B7:95:6A:0F:40:35:B7:09:E5:47 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/0171064E1E7511EFA136126DC4F9AE02.roa Signing time: Mon 02 Dec 2024 14:30:20 +0000 ROA not before: Mon 02 Dec 2024 14:30:20 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 64777 IP address blocks: 209.15.120.0/24 maxlen: 24 209.15.121.0/24 maxlen: 24 209.15.122.0/24 maxlen: 24 209.15.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3p1kAWKR6ioW87eVag9ANbcJ5Uc.crl rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3p1kAWKR6ioW87eVag9ANbcJ5Uc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 14:20:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9501 (0x251d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125475, serialNumber=DE9D64016291EA2A16F3B7956A0F4035B709E547 Validity Not Before: Dec 2 14:30:20 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=674dc47c-ef40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:bc:44:6a:ae:59:32:ee:db:43:ec:0f:64:92: b7:dd:f2:01:ba:5a:25:ce:3f:af:d5:d8:da:31:de: 7d:06:96:46:95:ac:fe:e2:73:0b:21:23:ba:1d:df: 83:3d:ed:48:94:10:23:9c:d4:b4:48:d6:a9:a9:65: 88:91:74:45:d0:e7:77:3a:c0:0a:bf:96:31:43:48: ed:4b:36:2a:12:f1:94:d6:89:b2:b5:24:9b:33:54: 90:8a:2c:b5:11:2f:d7:2b:44:ec:40:2c:fe:68:03: 1a:3a:a8:09:a5:4e:1c:f7:0f:11:42:91:a7:50:72: e1:7c:03:d1:a7:ff:f1:6e:17:b7:28:6c:42:6d:10: cc:0e:0d:a3:1a:61:23:b0:48:da:44:d9:8e:24:3f: 90:17:cd:ee:3c:32:e3:70:23:3f:33:6e:c7:8e:8c: 3a:5c:ec:db:60:5d:20:30:03:0e:16:a3:f4:cf:6f: 18:57:2c:1b:72:44:7c:5b:30:f1:c4:7c:4c:d2:ba: b9:63:2c:c9:d4:f6:96:c2:e0:07:a0:65:c3:fa:61: c5:01:28:f9:94:17:e2:28:48:dd:e0:51:54:d0:27: d4:b0:aa:34:21:a8:bc:ac:a2:21:38:2b:a9:98:56: 26:d6:31:c1:6d:4d:38:7d:89:6d:05:83:a4:59:ee: ae:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:36:22:56:1C:7E:CD:61:67:8F:42:F2:B5:4F:90:2B:25:7F:51:03 X509v3 Authority Key Identifier: keyid:DE:9D:64:01:62:91:EA:2A:16:F3:B7:95:6A:0F:40:35:B7:09:E5:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3p1kAWKR6ioW87eVag9ANbcJ5Uc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/0171064E1E7511EFA136126DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 209.15.120.0/22 Signature Algorithm: sha256WithRSAEncryption 82:01:37:43:ab:36:01:a2:95:db:bb:61:8d:a9:ed:44:5f:d7: 4f:58:2d:a0:93:fd:f5:d0:c9:2b:0f:63:1c:67:b0:e8:f2:4d: 99:51:aa:bc:b6:8b:1e:b0:4d:86:54:19:ca:15:2c:73:aa:6d: a3:82:a8:8c:1b:da:a5:46:ef:db:09:87:a6:9a:7c:11:d6:76: 84:ca:80:52:44:34:fb:9b:64:93:23:41:a3:e9:50:1b:e0:d8: 54:75:fe:80:e1:7c:6e:56:cc:42:1a:30:56:13:67:83:bc:e3: 57:ed:93:df:cc:45:96:9c:21:10:07:61:5d:57:35:8f:96:a8: 6e:1e:d6:92:46:d5:af:76:9a:82:2e:e7:10:59:db:9d:8e:93: 0a:0d:53:e9:47:a8:8c:ff:fd:90:41:43:80:4d:db:db:ed:2f: 31:e2:59:ff:91:e3:e2:58:42:28:00:fe:72:75:c4:b1:65:11: e7:66:34:c5:8f:7b:6c:ed:e6:8e:34:ad:60:25:35:0d:cf:57: 8d:95:d3:0a:bb:16:70:b3:20:d5:02:be:e3:1c:b5:44:03:af: e0:5c:c9:09:5d:22:a7:ba:31:f4:74:d3:d5:93:ae:eb:c7:03: 2a:64:8b:00:c4:d7:5b:cf:91:1c:0d:db:4f:00:b8:b7:39:e2: 5f:e8:23:f0 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICJR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjU0NzUxMTAvBgNVBAUTKERFOUQ2NDAxNjI5MUVBMkExNkYzQjc5NTZBMEY0MDM1 QjcwOUU1NDcwHhcNMjQxMjAyMTQzMDIwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRkYzQ3Yy1lZjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2rxEaq5ZMu7bQ+wPZJK33fIBulolzj+v1djaMd59BpZGlaz+4nMLISO6Hd+D Pe1IlBAjnNS0SNapqWWIkXRF0Od3OsAKv5YxQ0jtSzYqEvGU1omytSSbM1SQiiy1 ES/XK0TsQCz+aAMaOqgJpU4c9w8RQpGnUHLhfAPRp//xbhe3KGxCbRDMDg2jGmEj sEjaRNmOJD+QF83uPDLjcCM/M27Hjow6XOzbYF0gMAMOFqP0z28YVywbckR8WzDx xHxM0rq5YyzJ1PaWwuAHoGXD+mHFASj5lBfiKEjd4FFU0CfUsKo0Iai8rKIhOCup mFYm1jHBbU04fYltBYOkWe6u6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMk2IlYc fs1hZ49C8rVPkCslf1EDMB8GA1UdIwQYMBaAFN6dZAFikeoqFvO3lWoPQDW3CeVH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS84RDk0NzFGNjI5 MDYxMUU1OTNCRkM2MjZDNEY5QUUwMi8zcDFrQVdLUjZpb1c4N2VWYWc5QU5iY0o1 VWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNwMWtBV0tSNmlvVzg3ZVZhZzlBTmJjSjVVYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjU0NzUvOEQ5NDcxRjYyOTA2MTFFNTkzQkZDNjI2QzRGOUFFMDIvMDE3MTA2NEUx RTc1MTFFRkExMzYxMjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBALRD3gwDQYJKoZIhvcNAQELBQADggEBAIIBN0OrNgGildu7 YY2p7URf109YLaCT/fXQySsPYxxnsOjyTZlRqry2ix6wTYZUGcoVLHOqbaOCqIwb 2qVG79sJh6aafBHWdoTKgFJENPubZJMjQaPpUBvg2FR1/oDhfG5WzEIaMFYTZ4O8 41ftk9/MRZacIRAHYV1XNY+WqG4e1pJG1a92moIu5xBZ252OkwoNU+lHqIz//ZBB Q4BN29vtLzHiWf+R4+JYQigA/nJ1xLFlEedmNMWPe2zt5o40rWAlNQ3PV42V0wq7 FnCzINUCvuMctUQDr+BcyQldIqe6MfR009WTruvHAypkiwDE11vPkRwN208AuLc5 4l/oI/A= -----END CERTIFICATE-----Generated at Tue Apr 15 13:25:37 2025 by rpki-client