$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/CB7AF50802CC11E6AA35863CC4F9AE02.roa File: CB7AF50802CC11E6AA35863CC4F9AE02.roa (raw, json) Hash identifier: n7pXi66lxgmnVUzRCaGjU+Jyqvcaobv+LRa6sWK36IE= Subject key identifier: EF:BF:CD:AE:62:0E:6D:D9:02:CF:3B:B9:B0:BD:4A:26:F3:A7:88:A1 Certificate issuer: /CN=A9146207/serialNumber=9E668E6E67BAD0ACF940A228C4BC093B8B24002B Certificate serial: 2408 Authority key identifier: 9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/CB7AF50802CC11E6AA35863CC4F9AE02.roa Signing time: Fri 26 Jul 2024 16:33:42 +0000 ROA not before: Fri 26 Jul 2024 16:33:42 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 38445 IP address blocks: 120.28.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 15:58:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9224 (0x2408) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146207/serialNumber=9E668E6E67BAD0ACF940A228C4BC093B8B24002B Validity Not Before: Jul 26 16:33:42 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66a3cfe5-a7e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:87:ce:34:2f:70:dc:77:77:e5:06:c6:2f:cf: d9:3f:16:c3:4a:4f:ce:ba:0c:54:3d:4f:f7:ae:20: 87:40:f0:95:6a:8a:83:08:97:4b:4f:51:d5:a9:7f: f9:3d:fa:1d:b0:50:ab:f9:1d:d1:5f:96:5b:a7:a3: 1e:ce:70:5e:b5:d4:87:4b:cb:5a:d8:8e:47:32:0f: cc:71:81:d3:13:cb:f4:88:2f:77:99:53:5a:8c:a7: fa:fe:6c:86:66:49:66:42:1d:44:36:41:34:96:c2: e7:8c:cb:28:05:44:26:4d:47:db:8a:8f:81:33:7c: d6:b4:34:8c:c8:18:7d:52:3a:be:59:9e:53:dd:ef: 34:21:51:2d:06:07:b9:86:41:2d:ed:df:2b:11:67: 6b:43:04:de:61:89:89:26:25:c5:6c:02:67:99:bf: 07:6e:68:6b:11:35:42:2a:97:05:05:ca:42:65:6e: fc:17:7d:25:c5:4d:b5:5e:51:ac:fd:f3:e7:1a:f4: a0:a9:b0:c5:db:52:eb:37:77:56:f0:39:b8:70:b5: 7e:a0:af:c4:08:a1:65:7e:e1:e0:04:3b:74:cd:c3: 49:0c:ae:95:fc:57:31:03:2e:34:c9:2c:1f:4f:ad: a6:4b:43:0c:f8:db:8b:2c:33:d6:04:58:00:7b:97: b2:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:BF:CD:AE:62:0E:6D:D9:02:CF:3B:B9:B0:BD:4A:26:F3:A7:88:A1 X509v3 Authority Key Identifier: keyid:9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/CB7AF50802CC11E6AA35863CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.28.21.0/24 Signature Algorithm: sha256WithRSAEncryption 25:f4:2b:aa:09:08:8c:f6:b9:2d:b3:c7:bb:53:90:e9:f6:1e: ac:04:1b:5a:5c:7a:63:95:5f:b0:c6:bf:31:5a:47:1e:1f:2c: a6:01:09:46:90:c8:65:fa:14:b6:d0:6e:55:79:31:a9:01:99: ef:59:55:f6:92:a6:ed:7a:34:e0:81:2d:0f:cc:4b:f6:50:65: 60:84:42:65:16:6b:69:73:73:d6:60:08:10:c3:e8:fe:e8:f2: df:70:e6:3c:df:10:ce:30:05:ab:d4:63:ab:c3:fc:62:3a:8f: cf:e9:c7:5b:f4:02:bc:36:a0:14:ff:d0:f8:d4:ab:97:18:e3: dd:31:02:9d:fc:6e:3e:64:46:74:da:10:ee:ad:80:5f:ed:fd: 18:d8:fb:c5:c5:b7:a3:e2:14:75:b5:b3:1a:91:5f:2d:58:d9: 36:f0:03:16:ce:51:dd:5c:2a:a3:c0:4f:12:6f:a7:9c:4d:10: 9e:7a:87:0f:48:0a:a3:bf:d8:48:6f:97:09:35:b0:cc:a7:79: e1:43:2e:4b:88:73:64:de:d3:80:d7:63:4f:9c:37:5f:e4:a9: 41:c4:b2:ac:0b:26:3a:ac:cb:8f:13:25:1c:05:c5:bb:21:87: b2:27:21:ac:ad:4a:3c:8b:1d:4a:e6:ee:a1:4e:1e:bb:2c:11: 0c:71:db:03 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICJAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDYyMDcxMTAvBgNVBAUTKDlFNjY4RTZFNjdCQUQwQUNGOTQwQTIyOEM0QkMwOTNC OEIyNDAwMkIwHhcNMjQwNzI2MTYzMzQyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmEzY2ZlNS1hN2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArYfONC9w3Hd35QbGL8/ZPxbDSk/OugxUPU/3riCHQPCVaoqDCJdLT1HVqX/5 PfodsFCr+R3RX5Zbp6MeznBetdSHS8ta2I5HMg/McYHTE8v0iC93mVNajKf6/myG ZklmQh1ENkE0lsLnjMsoBUQmTUfbio+BM3zWtDSMyBh9Ujq+WZ5T3e80IVEtBge5 hkEt7d8rEWdrQwTeYYmJJiXFbAJnmb8HbmhrETVCKpcFBcpCZW78F30lxU21XlGs /fPnGvSgqbDF21LrN3dW8Dm4cLV+oK/ECKFlfuHgBDt0zcNJDK6V/FcxAy40ySwf T62mS0MM+NuLLDPWBFgAe5eyGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFO+/za5i Dm3ZAs87ubC9Sibzp4ihMB8GA1UdIwQYMBaAFJ5mjm5nutCs+UCiKMS8CTuLJAAr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy9GRTc1NjM0MDAy Q0IxMUU2ODY1QjhGM0JDNEY5QUUwMi9ubWFPYm1lNjBLejVRS0lveEx3Sk80c2tB Q3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25tYU9ibWU2MEt6NVFLSW94THdKTzRza0FDcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDYyMDcvRkU3NTYzNDAwMkNCMTFFNjg2NUI4RjNCQzRGOUFFMDIvQ0I3QUY1MDgw MkNDMTFFNkFBMzU4NjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAB4HBUwDQYJKoZIhvcNAQELBQADggEBACX0K6oJCIz2uS2z x7tTkOn2HqwEG1pcemOVX7DGvzFaRx4fLKYBCUaQyGX6FLbQblV5MakBme9ZVfaS pu16NOCBLQ/MS/ZQZWCEQmUWa2lzc9ZgCBDD6P7o8t9w5jzfEM4wBavUY6vD/GI6 j8/px1v0Arw2oBT/0PjUq5cY490xAp38bj5kRnTaEO6tgF/t/RjY+8XFt6PiFHW1 sxqRXy1Y2TbwAxbOUd1cKqPATxJvp5xNEJ56hw9ICqO/2Ehvlwk1sMyneeFDLkuI c2Te04DXY0+cN1/kqUHEsqwLJjqsy48TJRwFxbshh7InIaytSjyLHUrm7qFOHrss EQxx2wM= -----END CERTIFICATE-----Generated at Fri Nov 22 17:55:43 2024 by rpki-client on console-fra.rpki-client.org