$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/DFBA3AD2555611E7A82D327CC4F9AE02.roa File: DFBA3AD2555611E7A82D327CC4F9AE02.roa (raw, json) Hash identifier: AITRCg2vjnVWNYtFs2RtxbI+uUU9ZjuERKnWghkFVBY= Subject key identifier: 87:03:0B:01:EB:5F:21:84:32:C5:0C:4F:60:C0:7C:29:26:47:E3:3A Certificate issuer: /CN=A9146207/serialNumber=9E668E6E67BAD0ACF940A228C4BC093B8B24002B Certificate serial: 2402 Authority key identifier: 9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/DFBA3AD2555611E7A82D327CC4F9AE02.roa Signing time: Fri 26 Jul 2024 16:33:36 +0000 ROA not before: Fri 26 Jul 2024 16:33:36 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 23689 IP address blocks: 120.28.28.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 15:52:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9218 (0x2402) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9146207/serialNumber=9E668E6E67BAD0ACF940A228C4BC093B8B24002B Validity Not Before: Jul 26 16:33:36 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66a3cfe0-f69e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:5a:07:b4:71:57:90:ae:f1:fd:0b:d8:a4:b3: dc:d9:1d:cd:04:d7:73:eb:11:9d:3c:e1:77:ea:62: 0e:14:5a:da:d7:cf:bf:c5:bb:16:14:f5:a8:db:e7: 81:a5:4b:fa:c3:6e:e3:59:37:5e:fa:e8:24:4a:3a: cb:4f:dc:2f:77:ef:94:8d:da:7e:62:04:22:e0:0a: 16:15:0b:2d:40:a9:6e:33:f2:9e:ff:d9:68:b8:78: 52:37:60:32:13:c5:1b:66:cd:43:be:fd:20:f3:06: 26:6e:62:e5:31:b4:4f:33:88:19:ba:57:1a:07:88: 83:39:84:41:50:d6:c8:05:80:27:38:75:69:fa:67: fa:f7:4b:19:96:a7:a0:1f:ec:cb:7e:a6:f6:3b:7b: 79:1c:ab:b1:1f:fb:5d:a0:5e:2b:c8:a8:4d:da:16: 6c:70:7d:b8:5c:74:e1:e5:e4:fd:0f:12:4b:5b:19: ec:93:86:e7:19:6b:83:ee:3d:00:64:4c:2d:42:aa: c2:f7:04:f9:ac:cb:ff:73:db:5c:9e:f7:3e:34:94: c2:93:2e:f4:f8:72:b4:d4:32:09:d6:cd:92:68:01: 41:42:2f:f8:a4:15:94:f2:76:bd:fa:6f:c3:c3:a5: a8:e1:e6:d5:1b:23:78:4d:d4:dc:2c:d2:fe:f2:7d: c3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:03:0B:01:EB:5F:21:84:32:C5:0C:4F:60:C0:7C:29:26:47:E3:3A X509v3 Authority Key Identifier: keyid:9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/DFBA3AD2555611E7A82D327CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.28.28.0/23 Signature Algorithm: sha256WithRSAEncryption bd:71:74:ee:66:a7:35:00:11:a6:d5:77:45:12:98:b4:eb:55: db:e7:73:af:e0:f4:17:7d:48:fd:c0:c7:a5:7c:55:ca:75:a1: df:ca:8e:bb:fd:99:62:f1:f9:bd:29:f1:25:91:12:07:e7:1f: dd:3e:75:76:89:e5:14:c2:d8:c2:9e:19:c8:1a:20:d4:2d:ba: 27:04:71:5d:47:b8:bf:46:7d:6c:86:8a:f1:54:9f:9c:95:83: 58:08:92:4f:2f:41:bd:11:c0:7b:7c:32:46:89:7c:76:b4:56: 68:fb:23:0d:b9:8a:03:9d:2c:b9:e1:b9:84:15:07:5d:69:da: 23:8f:49:82:fb:5f:48:97:b3:8a:db:22:2f:25:9d:a3:50:5f: 58:66:b4:d4:6b:36:93:01:85:de:b1:6f:e9:1e:c3:36:62:ed: b2:d7:e2:06:cc:91:9e:44:73:70:ef:ba:17:92:06:5c:36:7e: 1b:8c:2f:42:6e:cf:38:59:84:7a:b4:be:2a:d0:2d:d0:f8:64: a7:86:d4:70:e1:45:ed:8d:ec:d3:e1:49:76:35:01:4a:fa:3a: 65:59:03:9a:c2:01:b5:6a:9e:aa:8f:6e:6d:b7:71:83:ef:5f: cb:45:1d:e6:ea:24:a5:59:90:25:68:67:f5:4e:b7:06:66:73: d1:0f:6e:a4 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICJAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDYyMDcxMTAvBgNVBAUTKDlFNjY4RTZFNjdCQUQwQUNGOTQwQTIyOEM0QkMwOTNC OEIyNDAwMkIwHhcNMjQwNzI2MTYzMzM2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmEzY2ZlMC1mNjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArFoHtHFXkK7x/QvYpLPc2R3NBNdz6xGdPOF36mIOFFra18+/xbsWFPWo2+eB pUv6w27jWTde+ugkSjrLT9wvd++Ujdp+YgQi4AoWFQstQKluM/Ke/9louHhSN2Ay E8UbZs1Dvv0g8wYmbmLlMbRPM4gZulcaB4iDOYRBUNbIBYAnOHVp+mf690sZlqeg H+zLfqb2O3t5HKuxH/tdoF4ryKhN2hZscH24XHTh5eT9DxJLWxnsk4bnGWuD7j0A ZEwtQqrC9wT5rMv/c9tcnvc+NJTCky70+HK01DIJ1s2SaAFBQi/4pBWU8na9+m/D w6Wo4ebVGyN4TdTcLNL+8n3DKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIcDCwHr XyGEMsUMT2DAfCkmR+M6MB8GA1UdIwQYMBaAFJ5mjm5nutCs+UCiKMS8CTuLJAAr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy9GRTc1NjM0MDAy Q0IxMUU2ODY1QjhGM0JDNEY5QUUwMi9ubWFPYm1lNjBLejVRS0lveEx3Sk80c2tB Q3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25tYU9ibWU2MEt6NVFLSW94THdKTzRza0FDcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDYyMDcvRkU3NTYzNDAwMkNCMTFFNjg2NUI4RjNCQzRGOUFFMDIvREZCQTNBRDI1 NTU2MTFFN0E4MkQzMjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAF4HBwwDQYJKoZIhvcNAQELBQADggEBAL1xdO5mpzUAEabV d0USmLTrVdvnc6/g9Bd9SP3Ax6V8Vcp1od/Kjrv9mWLx+b0p8SWREgfnH90+dXaJ 5RTC2MKeGcgaINQtuicEcV1HuL9GfWyGivFUn5yVg1gIkk8vQb0RwHt8MkaJfHa0 Vmj7Iw25igOdLLnhuYQVB11p2iOPSYL7X0iXs4rbIi8lnaNQX1hmtNRrNpMBhd6x b+kewzZi7bLX4gbMkZ5Ec3DvuheSBlw2fhuML0JuzzhZhHq0virQLdD4ZKeG1HDh Re2N7NPhSXY1AUr6OmVZA5rCAbVqnqqPbm23cYPvX8tFHebqJKVZkCVoZ/VOtwZm c9EPbqQ= -----END CERTIFICATE-----Generated at Sun Nov 24 18:24:09 2024 by rpki-client on console-ams.rpki-client.org