$ rpki-client -vvf rpki.apnic.net/member_repository/A9148B19/11030AF4855611EC9AB82E21C4F9AE02/920D7BD0549211EFB6D69465C4F9AE02.roa File: 920D7BD0549211EFB6D69465C4F9AE02.roa (raw, json) Hash identifier: aK64LFa4M0NMRqfKHBnnSKArLKJYhxOJFHjuf4xjW94= Subject key identifier: 69:2A:F2:76:3F:EF:0E:CC:93:8F:86:5B:C6:32:7C:6E:DC:41:5D:E8 Certificate issuer: /CN=A9148B19/serialNumber=70D2D06919957C6AA6771CF55DB96FC7EFE789A0 Certificate serial: 0365 Authority key identifier: 70:D2:D0:69:19:95:7C:6A:A6:77:1C:F5:5D:B9:6F:C7:EF:E7:89:A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNLQaRmVfGqmdxz1Xblvx-_niaA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148B19/11030AF4855611EC9AB82E21C4F9AE02/920D7BD0549211EFB6D69465C4F9AE02.roa Signing time: Fri 11 Oct 2024 01:04:46 +0000 ROA not before: Fri 11 Oct 2024 01:04:46 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 10022 IP address blocks: 202.14.20.0/22 maxlen: 22 202.14.24.0/21 maxlen: 21 202.36.8.0/22 maxlen: 22 202.36.8.0/24 maxlen: 24 202.36.9.0/24 maxlen: 24 202.36.10.0/24 maxlen: 24 202.36.11.0/24 maxlen: 24 202.36.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148B19/11030AF4855611EC9AB82E21C4F9AE02/cNLQaRmVfGqmdxz1Xblvx-_niaA.crl rsync://rpki.apnic.net/member_repository/A9148B19/11030AF4855611EC9AB82E21C4F9AE02/cNLQaRmVfGqmdxz1Xblvx-_niaA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNLQaRmVfGqmdxz1Xblvx-_niaA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 869 (0x365) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148B19/serialNumber=70D2D06919957C6AA6771CF55DB96FC7EFE789A0 Validity Not Before: Oct 11 01:04:46 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=670879ad-2d1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:15:2f:fe:f7:07:b3:26:2d:d2:2b:e9:46:72: f9:ac:fb:00:2a:3a:ae:1e:32:10:8a:c0:b2:fa:76: aa:9c:8f:13:b2:b0:79:22:f7:fd:38:2a:4f:0e:8e: 4b:e0:6f:22:61:12:c0:47:7d:1d:cb:83:91:5d:7f: 24:27:75:34:16:3f:ae:d4:b1:19:09:cc:28:be:03: 04:24:03:8e:75:15:47:ba:c9:53:65:e6:c3:ff:b9: 8a:37:48:5c:ac:92:77:72:2d:9b:d6:19:f1:6e:62: 1b:e2:77:e7:8f:90:d1:e5:a9:5e:3a:61:33:e1:a0: e5:29:94:4e:41:f8:af:98:1e:58:e2:f3:42:f0:21: 38:52:b9:bd:dd:b3:43:36:e1:8f:56:09:e5:38:42: c5:af:35:c2:c1:4f:5b:62:c5:eb:22:7a:16:3a:e2: 9a:9f:73:8a:cc:a7:d8:56:49:41:39:cf:db:a0:0a: 9f:43:ca:26:a5:e0:17:a2:f9:81:56:c3:9e:2b:e4: 68:22:35:04:4b:b1:ca:0d:b7:76:73:5a:a8:93:bc: 10:ee:34:ef:c2:a9:e7:c4:7f:15:db:d5:e3:e1:2e: e5:15:4f:35:8a:cb:f8:0b:66:31:2b:24:73:ff:a6: 6a:3b:6c:2b:20:f2:80:f0:63:e2:3e:ed:be:a2:e6: 76:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:2A:F2:76:3F:EF:0E:CC:93:8F:86:5B:C6:32:7C:6E:DC:41:5D:E8 X509v3 Authority Key Identifier: keyid:70:D2:D0:69:19:95:7C:6A:A6:77:1C:F5:5D:B9:6F:C7:EF:E7:89:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148B19/11030AF4855611EC9AB82E21C4F9AE02/cNLQaRmVfGqmdxz1Xblvx-_niaA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNLQaRmVfGqmdxz1Xblvx-_niaA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148B19/11030AF4855611EC9AB82E21C4F9AE02/920D7BD0549211EFB6D69465C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.14.20.0-202.14.31.255 202.36.8.0-202.36.12.255 Signature Algorithm: sha256WithRSAEncryption a8:0a:90:27:f0:00:c1:9b:9b:c2:5f:37:1a:96:54:db:d3:6a: ed:15:7f:2f:d3:17:13:e0:8e:b8:d3:52:07:87:e1:d3:2d:34: ff:44:69:5e:22:d3:28:97:66:22:1c:08:c7:05:f4:33:2a:dc: 4a:b1:85:06:5a:63:a3:f4:d7:e8:bb:fc:2a:1e:53:fc:07:33: ea:ae:59:34:12:ae:09:e2:d5:93:13:27:87:1e:b9:23:76:51: 89:48:74:5a:70:ff:4d:2d:e1:45:ce:45:d7:2b:37:24:26:7e: 99:09:e4:a3:34:38:8e:1d:80:4b:df:c8:36:4b:02:87:ca:44: c0:0d:05:54:35:0d:86:14:e9:74:fe:27:f9:5a:88:4a:3d:f1: 38:64:3b:15:19:4e:70:47:91:22:72:00:8f:2e:ea:9d:a9:dd: 51:59:e4:53:18:b6:0c:b9:bd:bc:61:62:90:61:e4:16:9e:df: 42:79:9e:fa:95:2a:8a:df:c6:5b:d8:af:7a:18:f1:71:ca:0a: e0:55:ad:6b:d4:17:1d:24:c1:f3:33:b8:12:b4:e8:e3:41:08: b7:94:d4:dd:35:c6:4e:c2:ac:94:03:3c:39:23:61:20:69:67: 22:62:54:f7:73:fa:ca:30:b1:58:4d:d7:52:ac:76:b4:f1:c3: 84:9f:d0:ba -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICA2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhCMTkxMTAvBgNVBAUTKDcwRDJEMDY5MTk5NTdDNkFBNjc3MUNGNTVEQjk2RkM3 RUZFNzg5QTAwHhcNMjQxMDExMDEwNDQ2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA4NzlhZC0yZDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvxUv/vcHsyYt0ivpRnL5rPsAKjquHjIQisCy+naqnI8TsrB5Ivf9OCpPDo5L 4G8iYRLAR30dy4ORXX8kJ3U0Fj+u1LEZCcwovgMEJAOOdRVHuslTZebD/7mKN0hc rJJ3ci2b1hnxbmIb4nfnj5DR5aleOmEz4aDlKZROQfivmB5Y4vNC8CE4Urm93bND NuGPVgnlOELFrzXCwU9bYsXrInoWOuKan3OKzKfYVklBOc/boAqfQ8ompeAXovmB VsOeK+RoIjUES7HKDbd2c1qok7wQ7jTvwqnnxH8V29Xj4S7lFU81isv4C2YxKyRz /6ZqO2wrIPKA8GPiPu2+ouZ2owIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGkq8nY/ 7w7Mk4+GW8YyfG7cQV3oMB8GA1UdIwQYMBaAFHDS0GkZlXxqpncc9V25b8fv54mg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEIxOS8xMTAzMEFGNDg1 NTYxMUVDOUFCODJFMjFDNEY5QUUwMi9jTkxRYVJtVmZHcW1keHoxWGJsdngtX25p YUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NOTFFhUm1WZkdxbWR4ejFYYmx2eC1fbmlhQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhCMTkvMTEwMzBBRjQ4NTU2MTFFQzlBQjgyRTIxQzRGOUFFMDIvOTIwRDdCRDA1 NDkyMTFFRkI2RDY5NDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEAsoOFAMEBcoOADAMAwQDyiQIAwQAyiQMMA0GCSqGSIb3 DQEBCwUAA4IBAQCoCpAn8ADBm5vCXzcallTb02rtFX8v0xcT4I6401IHh+HTLTT/ RGleItMol2YiHAjHBfQzKtxKsYUGWmOj9Nfou/wqHlP8BzPqrlk0Eq4J4tWTEyeH HrkjdlGJSHRacP9NLeFFzkXXKzckJn6ZCeSjNDiOHYBL38g2SwKHykTADQVUNQ2G FOl0/if5WohKPfE4ZDsVGU5wR5EicgCPLuqdqd1RWeRTGLYMub28YWKQYeQWnt9C eZ76lSqK38Zb2K96GPFxygrgVa1r1BcdJMHzM7gStOjjQQi3lNTdNcZOwqyUAzw5 I2EgaWciYlT3c/rKMLFYTddSrHa08cOEn9C6 -----END CERTIFICATE-----Generated at Sat Nov 23 01:27:21 2024 by rpki-client on console-ams.rpki-client.org