$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/50550748066011EEA5F59657C4F9AE02.roa File: 50550748066011EEA5F59657C4F9AE02.roa (raw, json) Hash identifier: lTv1K6i1/5+D8bjoEZFgJKtEtbQMReGPUUpdBqUUWmI= Subject key identifier: E7:08:6D:25:BF:E4:7B:A2:D6:C3:14:5E:71:6F:0D:78:82:54:F4:66 Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Certificate serial: 1E2E Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/50550748066011EEA5F59657C4F9AE02.roa Signing time: Fri 20 Sep 2024 16:35:02 +0000 ROA not before: Fri 20 Sep 2024 16:35:02 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 58466 IP address blocks: 121.14.0.0/19 maxlen: 19 121.14.32.0/22 maxlen: 22 121.14.36.0/22 maxlen: 22 121.14.40.0/21 maxlen: 21 121.14.48.0/20 maxlen: 20 121.14.64.0/21 maxlen: 21 121.14.192.0/20 maxlen: 20 125.88.31.0/24 maxlen: 24 125.88.64.0/23 maxlen: 23 125.88.168.0/21 maxlen: 21 125.94.32.0/19 maxlen: 19 125.94.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:14:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7726 (0x1e2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Validity Not Before: Sep 20 16:35:02 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66eda436-bca5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1d:af:be:f5:18:98:b2:d4:a5:b4:ba:c3:5a: 10:d7:16:39:44:3d:e8:0e:37:df:2a:25:09:ba:a0: 10:6c:aa:e1:5f:37:b0:dc:a1:14:99:0f:a8:75:3b: 6f:e2:27:99:be:a1:0b:be:b3:c6:8f:ac:30:5e:a5: 0e:64:a4:b5:0d:98:55:15:77:cb:99:c7:db:28:c8: 93:fa:b6:fd:df:62:fd:e0:5c:e9:80:79:0e:bd:53: 62:97:f7:65:ac:7b:9b:47:37:3f:d3:db:a4:cb:40: 38:80:80:74:58:2f:05:79:fb:be:be:42:09:1f:92: 76:c4:74:94:c5:6e:b3:cb:79:89:23:a4:25:14:a5: c9:0e:4e:d1:f4:2e:c7:09:e1:8e:c4:35:10:c7:29: cb:8b:19:1c:0e:5c:da:d0:ac:76:6a:e0:3b:e1:fe: 1f:de:8f:e5:e3:57:9d:f2:9d:af:3d:a8:68:d9:c7: 57:b0:09:eb:ce:17:c5:fb:42:94:f0:24:ac:b5:8a: ad:29:b4:47:a2:48:1a:66:26:14:e8:e5:cd:27:99: 31:22:5a:0c:49:c6:e1:2a:1c:03:42:f6:28:6f:f9: 8e:ae:82:58:d6:13:80:cf:46:81:da:61:fb:bf:70: f2:41:16:36:a0:ab:ff:6d:fa:3e:de:8a:55:03:85: 50:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:08:6D:25:BF:E4:7B:A2:D6:C3:14:5E:71:6F:0D:78:82:54:F4:66 X509v3 Authority Key Identifier: keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/50550748066011EEA5F59657C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 121.14.0.0-121.14.71.255 121.14.192.0/20 125.88.31.0/24 125.88.64.0/23 125.88.168.0/21 125.94.32.0/19 125.94.212.0/22 Signature Algorithm: sha256WithRSAEncryption 94:06:7a:ca:e8:f8:4d:ad:6c:22:fa:ac:84:ee:a8:3d:8f:1a: c5:ea:bf:e8:29:db:9b:b0:39:7a:6f:c2:56:62:54:b2:fe:9c: 01:e1:82:74:96:bd:f7:d3:c0:e7:0b:96:93:57:ed:59:d6:0d: b2:b0:8a:eb:e6:b4:cc:78:89:9f:1b:90:3a:89:d7:a2:32:e0: 4a:b0:e0:36:e9:35:f0:37:5b:78:5c:b7:73:9e:b9:63:18:41: ce:e3:44:ea:67:26:d4:94:07:d9:25:ec:a2:47:16:05:c8:84: 95:0d:6a:94:5f:53:5d:b2:45:86:02:d0:e9:b6:28:73:3b:4a: cb:5f:d4:fd:9d:12:c5:01:82:2f:72:3f:a2:e6:8e:07:41:4a: a4:a7:c5:72:e6:21:3a:76:08:51:fb:39:d1:d4:0d:bd:9d:54: 47:81:e0:c3:fe:18:87:52:1c:53:d5:b3:4c:55:11:0c:4b:5c: fb:64:27:fa:2e:0f:32:2d:6f:e6:22:cd:a2:9b:a7:e9:36:8b: f2:e8:6c:92:19:5c:48:61:e1:b4:0d:d6:71:8b:9c:2f:14:dc: 03:7a:6b:f3:49:f1:d3:d6:45:0d:3a:20:28:0c:43:53:81:51: 45:d0:83:6d:a3:8f:ad:eb:67:fe:23:3d:41:89:ee:f1:71:d1: 0e:d7:0d:2a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICHi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1 NkU4QUM4QkEwHhcNMjQwOTIwMTYzNTAyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmVkYTQzNi1iY2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwB2vvvUYmLLUpbS6w1oQ1xY5RD3oDjffKiUJuqAQbKrhXzew3KEUmQ+odTtv 4ieZvqELvrPGj6wwXqUOZKS1DZhVFXfLmcfbKMiT+rb932L94FzpgHkOvVNil/dl rHubRzc/09uky0A4gIB0WC8Fefu+vkIJH5J2xHSUxW6zy3mJI6QlFKXJDk7R9C7H CeGOxDUQxynLixkcDlza0Kx2auA74f4f3o/l41ed8p2vPaho2cdXsAnrzhfF+0KU 8CSstYqtKbRHokgaZiYU6OXNJ5kxIloMScbhKhwDQvYob/mOroJY1hOAz0aB2mH7 v3DyQRY2oKv/bfo+3opVA4VQqQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFOcIbSW/ 5Hui1sMUXnFvDXiCVPRmMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1 NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5 TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNTA1NTA3NDgw NjYwMTFFRUE1RjU5NjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MDcEAgABMDEwCwMDAXkOAwQDeQ5AAwQEeQ7AAwQAfVgfAwQBfVhAAwQDfVio AwQFfV4gAwQCfV7UMA0GCSqGSIb3DQEBCwUAA4IBAQCUBnrK6PhNrWwi+qyE7qg9 jxrF6r/oKdubsDl6b8JWYlSy/pwB4YJ0lr3308DnC5aTV+1Z1g2ysIrr5rTMeImf G5A6ideiMuBKsOA26TXwN1t4XLdznrljGEHO40TqZybUlAfZJeyiRxYFyISVDWqU X1NdskWGAtDptihzO0rLX9T9nRLFAYIvcj+i5o4HQUqkp8Vy5iE6dghR+znR1A29 nVRHgeDD/hiHUhxT1bNMVREMS1z7ZCf6Lg8yLW/mIs2im6fpNovy6GySGVxIYeG0 DdZxi5wvFNwDemvzSfHT1kUNOiAoDENTgVFF0INto4+t62f+Iz1Bie7xcdEO1w0q -----END CERTIFICATE-----Generated at Fri Nov 22 09:41:15 2024 by rpki-client on console-ams.rpki-client.org