$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/14BC2D3ACCAA11EA9E95D81BC4F9AE02.roa File: 14BC2D3ACCAA11EA9E95D81BC4F9AE02.roa (raw, json) Hash identifier: 98329fqq1rcM5a5i1jzq2lGAM+aRICAqy7c3vDm1V6Q= Subject key identifier: A7:F2:86:2A:CE:B9:CE:99:C2:B7:59:4F:6A:9F:71:F2:9C:18:97:5E Certificate issuer: /CN=A9146207/serialNumber=9E668E6E67BAD0ACF940A228C4BC093B8B24002B Certificate serial: 227B Authority key identifier: 9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/14BC2D3ACCAA11EA9E95D81BC4F9AE02.roa Signing time: Thu 20 Jul 2023 16:12:58 +0000 ROA not before: Thu 20 Jul 2023 16:12:58 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 18190 IP address blocks: 120.28.15.0/24 maxlen: 24 120.28.56.0/24 maxlen: 24 124.6.146.0/24 maxlen: 24 222.127.129.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 16:30:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8827 (0x227b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146207/serialNumber=9E668E6E67BAD0ACF940A228C4BC093B8B24002B Validity Not Before: Jul 20 16:12:58 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=64b95d0a-1a3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:5e:52:26:57:3d:22:19:b5:ff:5b:c4:98:9f: 64:c0:4e:3d:63:1d:13:67:d9:d7:8d:d1:c7:45:af: 8b:f4:d4:88:fd:ef:f8:76:0a:cd:80:b8:6a:9c:98: 0c:76:7e:9a:08:33:cb:fa:69:4c:c3:cc:64:95:09: d2:ce:8c:ba:b8:42:54:4c:fa:ab:8d:79:05:99:b5: dc:06:6f:29:82:f1:cd:44:3b:a7:b1:0a:9a:08:bf: 29:d4:c6:8f:e5:b1:e1:9e:a7:6a:5e:df:25:a0:f6: bb:d4:e0:de:ac:fa:64:70:59:e8:91:60:96:23:56: 61:c2:66:1c:bd:1a:4d:45:b2:79:f5:ed:5e:b6:3d: d9:a0:08:8f:07:21:7c:2f:46:77:c6:e8:26:a5:19: ff:ee:89:45:49:1a:8d:ff:0c:d2:b8:4b:e3:dc:59: d8:3e:a6:c6:63:d9:db:ee:08:18:c9:0f:55:4d:a2: 93:22:23:97:7d:4b:f4:3d:d8:ef:fb:c5:7c:c3:d0: dc:7d:71:6f:12:5d:81:bf:9a:59:39:19:74:cd:a7: 7c:a2:93:73:bc:8f:b7:fe:c2:05:fa:c8:91:51:b2: 7c:30:37:e7:6e:05:35:79:e1:e6:b8:b6:81:ba:11: e7:9c:6f:dc:f4:32:1f:cd:ba:91:5d:87:82:33:4a: 5a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:F2:86:2A:CE:B9:CE:99:C2:B7:59:4F:6A:9F:71:F2:9C:18:97:5E X509v3 Authority Key Identifier: keyid:9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/14BC2D3ACCAA11EA9E95D81BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.28.15.0/24 120.28.56.0/24 124.6.146.0/24 222.127.129.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:93:6f:4e:3a:e0:83:b3:1c:43:e6:7c:85:e6:82:61:90:68: 12:bf:a0:e5:aa:ec:e2:a9:03:08:89:09:97:82:39:f6:2f:bb: 1e:f5:50:96:cf:73:1b:76:34:28:ae:03:a2:a8:f6:31:fd:7d: 37:e4:e6:0a:ab:d7:3a:59:51:14:5a:e1:6c:6a:f7:ce:d6:ed: ac:bd:33:89:fe:3c:a4:8d:a8:e3:09:fb:0e:b1:f8:ca:ed:0e: 77:ef:2d:d5:5d:75:04:1b:16:38:49:12:e0:ee:32:8a:b1:1b: 25:f0:b8:8d:a5:92:31:96:ea:eb:1e:56:b7:30:08:1a:99:32: 4b:d2:0c:d3:63:d3:9e:30:23:c9:48:e2:94:b0:c7:57:75:b8: d8:65:97:96:e7:9a:1b:4f:e7:8b:57:51:7a:23:e3:f8:b6:9c: dd:4c:5f:3a:1c:75:5f:a0:fe:f5:de:74:37:37:87:f4:47:d0: 8c:5d:3c:66:2e:cd:11:57:29:47:3c:13:20:0c:ec:72:15:8e: 01:84:4e:bf:ea:23:58:6e:be:46:b4:dc:f1:5e:35:f6:16:b5: f5:ac:1d:d0:c6:e5:fb:e1:13:b0:e1:06:03:28:95:12:f8:82: 3b:b5:4c:45:c8:f5:80:89:92:87:5c:19:2d:1a:b7:37:e9:44: e2:5a:f7:5e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICInswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDYyMDcxMTAvBgNVBAUTKDlFNjY4RTZFNjdCQUQwQUNGOTQwQTIyOEM0QkMwOTNC OEIyNDAwMkIwHhcNMjMwNzIwMTYxMjU4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NGI5NWQwYS0xYTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs15SJlc9Ihm1/1vEmJ9kwE49Yx0TZ9nXjdHHRa+L9NSI/e/4dgrNgLhqnJgM dn6aCDPL+mlMw8xklQnSzoy6uEJUTPqrjXkFmbXcBm8pgvHNRDunsQqaCL8p1MaP 5bHhnqdqXt8loPa71ODerPpkcFnokWCWI1ZhwmYcvRpNRbJ59e1etj3ZoAiPByF8 L0Z3xugmpRn/7olFSRqN/wzSuEvj3FnYPqbGY9nb7ggYyQ9VTaKTIiOXfUv0Pdjv +8V8w9DcfXFvEl2Bv5pZORl0zad8opNzvI+3/sIF+siRUbJ8MDfnbgU1eeHmuLaB uhHnnG/c9DIfzbqRXYeCM0pa3wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFKfyhirO uc6ZwrdZT2qfcfKcGJdeMB8GA1UdIwQYMBaAFJ5mjm5nutCs+UCiKMS8CTuLJAAr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy9GRTc1NjM0MDAy Q0IxMUU2ODY1QjhGM0JDNEY5QUUwMi9ubWFPYm1lNjBLejVRS0lveEx3Sk80c2tB Q3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25tYU9ibWU2MEt6NVFLSW94THdKTzRza0FDcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDYyMDcvRkU3NTYzNDAwMkNCMTFFNjg2NUI4RjNCQzRGOUFFMDIvMTRCQzJEM0FD Q0FBMTFFQTlFOTVEODFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAB4HA8DBAB4HDgDBAB8BpIDBADef4EwDQYJKoZIhvcNAQEL BQADggEBAAyTb0464IOzHEPmfIXmgmGQaBK/oOWq7OKpAwiJCZeCOfYvux71UJbP cxt2NCiuA6Ko9jH9fTfk5gqr1zpZURRa4Wxq987W7ay9M4n+PKSNqOMJ+w6x+Mrt DnfvLdVddQQbFjhJEuDuMoqxGyXwuI2lkjGW6useVrcwCBqZMkvSDNNj054wI8lI 4pSwx1d1uNhll5bnmhtP54tXUXoj4/i2nN1MXzocdV+g/vXedDc3h/RH0IxdPGYu zRFXKUc8EyAM7HIVjgGETr/qI1huvka03PFeNfYWtfWsHdDG5fvhE7DhBgMolRL4 gju1TEXI9YCJkodcGS0atzfpROJa914= -----END CERTIFICATE-----Generated at Fri May 31 17:44:23 2024 by rpki-client on console-fra.rpki-client.org