$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/BE4B3228691411EFB573C120C4F9AE02.roa File: BE4B3228691411EFB573C120C4F9AE02.roa (raw, json) Hash identifier: OxIcyIjk9Gk2KhW91nK/PytcA5/iC82ufXWQaqLwD7c= Subject key identifier: 1B:39:57:97:4B:A7:48:02:E7:E9:1B:F3:29:1F:CD:FF:60:E9:18:0B Certificate issuer: /CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570 Certificate serial: 02A1 Authority key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/BE4B3228691411EFB573C120C4F9AE02.roa Signing time: Tue 03 Sep 2024 05:20:24 +0000 ROA not before: Tue 03 Sep 2024 05:20:24 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 150703 IP address blocks: 202.148.176.0/24 maxlen: 24 202.148.185.0/24 maxlen: 24 202.148.186.0/24 maxlen: 24 202.148.188.0/24 maxlen: 24 2400:cd00:1051::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 01:12:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 673 (0x2a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570 Validity Not Before: Sep 3 05:20:24 2024 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=66d69c98-1703 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a5:42:8d:02:5e:f9:3f:16:f4:63:75:56:c7: 09:b4:61:78:9e:a8:0b:a1:3f:aa:e3:d3:9a:13:da: 9f:15:54:06:62:11:69:c1:1e:ae:6b:fa:90:0f:0b: c5:33:48:d8:05:44:4f:61:98:6f:d2:df:3a:c3:65: a1:af:af:58:a9:2e:e9:32:9f:f5:3a:ae:5e:38:00: 2f:d2:8c:22:47:1e:c1:e1:ec:de:95:c6:e6:5e:28: c7:c2:8e:1a:8c:f9:22:6a:70:18:39:aa:ca:f9:c0: 0f:1a:f1:4e:a2:b3:23:39:8f:86:b5:52:05:6c:ee: f1:90:76:0d:89:60:d1:92:fd:b1:32:cc:b2:af:8e: 93:91:46:8f:d4:d3:39:d4:7c:19:74:60:cd:d1:01: 07:1d:c2:26:d3:4f:04:f3:d1:19:4b:3f:35:ec:e6: 69:65:13:ec:c3:65:5f:b0:f3:b6:b2:33:e5:b3:c2: d6:a2:16:72:f3:b5:e3:d5:6e:40:7f:04:46:64:8a: 1c:b6:dc:8c:0a:7e:3f:70:08:59:ab:ee:ed:6e:c5: d9:60:fa:e9:98:c1:90:f5:de:73:70:3b:ba:bb:56: f9:5f:fd:1e:29:96:12:41:7b:b1:10:2e:f2:a5:39: 8e:9d:04:37:7c:59:eb:6e:30:4e:f2:83:d5:b2:f3: d7:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:39:57:97:4B:A7:48:02:E7:E9:1B:F3:29:1F:CD:FF:60:E9:18:0B X509v3 Authority Key Identifier: keyid:84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/BE4B3228691411EFB573C120C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.148.176.0/24 202.148.185.0-202.148.186.255 202.148.188.0/24 IPv6: 2400:cd00:1051::/48 Signature Algorithm: sha256WithRSAEncryption 9b:cb:9d:02:0e:97:36:c0:a7:f4:bd:58:48:b2:ac:76:07:04: 28:ce:0d:00:34:1e:f4:a0:9b:51:3d:d8:4d:58:6d:0c:4f:d6: 4e:2f:8d:c8:00:61:1f:07:84:22:ed:21:86:cf:b2:6d:13:44: 8b:d9:70:16:56:08:06:3e:64:d5:fb:59:53:8c:9c:40:12:a8: 06:48:7a:05:12:b6:61:27:9a:98:ae:c2:e7:6a:96:d8:8b:51: 69:b5:e3:b5:00:33:ea:02:a3:64:f1:29:b5:74:89:68:05:a2: d3:b2:91:bd:4c:dd:39:1a:dd:1c:c7:06:5c:13:30:e4:bf:2f: ea:ec:94:a8:c6:bb:90:19:92:14:15:a4:ad:67:6a:15:9f:aa: d6:c2:97:53:1a:b0:5a:ea:e4:d8:df:7e:23:a5:c4:7c:b2:8f: 6d:fb:dd:b1:02:d7:35:df:65:33:95:20:c0:82:8e:29:42:76: a4:17:7b:ea:0a:45:f4:95:06:fb:a1:79:70:e5:86:38:74:d6: 43:7f:ef:cf:f8:c6:62:97:e9:93:1a:96:88:e3:75:f6:be:3a: 8d:35:f6:0d:80:a5:17:a0:ad:68:71:84:a5:2a:ca:b0:12:c4: a7:78:0b:10:4e:de:85:4b:34:a6:e9:38:99:f4:f3:df:ab:87: 4f:a9:6e:65 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICAqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5QjJDMkE4MTFG NUMyMDE1NzAwHhcNMjQwOTAzMDUyMDI0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmQ2OWM5OC0xNzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2aVCjQJe+T8W9GN1VscJtGF4nqgLoT+q49OaE9qfFVQGYhFpwR6ua/qQDwvF M0jYBURPYZhv0t86w2Whr69YqS7pMp/1Oq5eOAAv0owiRx7B4ezelcbmXijHwo4a jPkianAYOarK+cAPGvFOorMjOY+GtVIFbO7xkHYNiWDRkv2xMsyyr46TkUaP1NM5 1HwZdGDN0QEHHcIm008E89EZSz817OZpZRPsw2VfsPO2sjPls8LWohZy87Xj1W5A fwRGZIocttyMCn4/cAhZq+7tbsXZYPrpmMGQ9d5zcDu6u1b5X/0eKZYSQXuxEC7y pTmOnQQ3fFnrbjBO8oPVsvPXPQIDAQABo4ICujCCArYwHQYDVR0OBBYEFBs5V5dL p0gC5+kb8ykfzf9g6RgLMB8GA1UdIwQYMBaAFISFo57WtiEo7fT5mywqgR9cIBVw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS8yMEYyQ0IwMEVC OUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRhMklTanQ5UG1iTENxQkgxd2dG WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hJV2pudGEySVNqdDlQbWJMQ3FCSDF3Z0ZYQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjQ0MkEvMjBGMkNCMDBFQjlDMTFFQ0E2ODIxMjBDQzRGOUFFMDIvQkU0QjMyMjg2 OTE0MTFFRkI1NzNDMTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMCAEAgABMBoDBADKlLAwDAMEAMqUuQMEAMqUugMEAMqUvDAPBAIAAjAJAwcA JADNABBRMA0GCSqGSIb3DQEBCwUAA4IBAQCby50CDpc2wKf0vVhIsqx2BwQozg0A NB70oJtRPdhNWG0MT9ZOL43IAGEfB4Qi7SGGz7JtE0SL2XAWVggGPmTV+1lTjJxA EqgGSHoFErZhJ5qYrsLnapbYi1FpteO1ADPqAqNk8Sm1dIloBaLTspG9TN05Gt0c xwZcEzDkvy/q7JSoxruQGZIUFaStZ2oVn6rWwpdTGrBa6uTY334jpcR8so9t+92x Atc132UzlSDAgo4pQnakF3vqCkX0lQb7oXlw5YY4dNZDf+/P+MZil+mTGpaI43X2 vjqNNfYNgKUXoK1ocYSlKsqwEsSneAsQTt6FSzSm6TiZ9PPfq4dPqW5l -----END CERTIFICATE-----Generated at Sat Nov 23 03:58:35 2024 by rpki-client on console-ams.rpki-client.org