$ rpki-client -vvf rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/EA5A9A32BDAA11ED92995562C4F9AE02.roa File: EA5A9A32BDAA11ED92995562C4F9AE02.roa (raw, json) Hash identifier: Vj6OmRDf4YcPyEGBdudGhjii1+8xM3JzwF/SfTYS4LE= Subject key identifier: D5:A7:EA:BD:70:CD:14:0F:A8:6B:47:49:B7:87:A1:7B:2B:64:F1:F3 Certificate issuer: /CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Certificate serial: 7D Authority key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/EA5A9A32BDAA11ED92995562C4F9AE02.roa Signing time: Fri 27 Oct 2023 04:56:07 +0000 ROA not before: Fri 27 Oct 2023 04:56:07 +0000 ROA not after: Mon 30 Dec 2024 00:00:00 +0000 asID: 45748 IP address blocks: 202.14.70.0/23 maxlen: 24 202.43.118.0/24 maxlen: 24 202.43.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 05:33:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 125 (0x7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Validity Not Before: Oct 27 04:56:07 2023 GMT Not After : Dec 30 00:00:00 2024 GMT Subject: CN=653b42e6-595b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:da:b1:7a:76:e0:81:ae:dd:87:05:96:6a:ed: b4:d5:e5:32:f6:75:93:05:9c:3e:c7:76:2e:da:e2: 8a:f6:09:fa:ce:92:53:e2:f0:cb:cf:15:32:88:ca: 1f:47:0e:04:54:79:c3:42:e1:a5:80:d6:a6:2e:0a: 37:56:fa:00:ed:da:15:9f:2e:c1:92:73:68:9f:9a: bc:b9:75:65:35:ab:d3:fe:18:54:17:90:96:03:22: 53:9c:e3:65:4d:48:2a:a6:76:03:a1:21:88:72:0a: 72:11:22:2c:3e:68:d3:29:fd:b0:ed:5b:19:dd:74: 30:7c:26:46:26:87:67:2b:a1:54:95:6e:a2:88:e0: 6e:6c:58:6e:87:65:ac:ac:d0:55:25:54:f3:c3:1c: 68:3e:f9:0c:e1:5d:67:f2:25:61:fc:19:e6:19:46: 16:8b:0e:3b:5b:69:8d:01:30:5f:0b:fd:30:7a:04: 3f:e8:19:8e:e1:b2:38:a6:73:1d:cc:d6:0e:73:34: cf:c4:f8:5c:f0:b9:ef:78:99:5e:92:b5:29:40:23: 29:7c:3b:77:3b:2c:5d:7b:24:4c:bf:e7:1d:85:3c: cf:95:d2:71:07:34:1e:aa:13:5a:71:3e:89:bc:95: 2e:58:3e:26:6b:c7:f2:db:b3:cc:85:59:26:f0:fd: 8a:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:A7:EA:BD:70:CD:14:0F:A8:6B:47:49:B7:87:A1:7B:2B:64:F1:F3 X509v3 Authority Key Identifier: keyid:28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/EA5A9A32BDAA11ED92995562C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.14.70.0/23 202.43.118.0/23 Signature Algorithm: sha256WithRSAEncryption 12:5d:11:36:5a:a0:62:86:8c:d4:f7:90:fa:d7:27:bf:3a:48: 34:1e:d4:5b:28:c2:32:bd:96:a6:f3:d3:6a:0d:3f:68:a4:1a: e4:17:ae:39:c3:5b:67:17:f1:59:ed:19:de:ec:3c:4b:41:07: f0:ce:c8:76:3b:00:f1:ca:48:20:69:0b:27:21:b0:1e:db:09: 63:98:fe:d9:d6:d8:dc:32:4e:6e:55:a6:b6:48:c0:d3:1c:f4: e8:12:b1:40:22:cb:82:4c:d6:c0:06:72:f6:be:32:f3:57:c8: b3:5a:8b:c4:cb:ae:6b:47:a3:42:05:62:27:d9:48:3e:93:78: dd:f4:c4:97:76:46:94:1f:48:aa:e3:3c:ea:07:8f:36:62:0f: 3e:ab:03:c4:0a:7e:99:b8:94:87:7b:8c:c2:53:e7:f6:5e:17: d5:af:63:8f:1e:ca:23:97:de:28:cb:ec:c2:3b:78:cc:cc:b6: 09:0d:2e:94:5b:78:4f:2d:f7:87:89:75:33:5e:4a:30:02:d4: d7:5c:d9:7c:b3:72:b8:74:25:64:14:c3:02:65:d6:a5:e4:25: b0:eb:30:86:a8:a6:cb:89:f7:12:52:5b:81:38:d4:a5:ab:8e: 12:10:f5:3e:fc:70:fd:82:5c:9b:9b:40:49:5e:9f:ce:27:c7: 99:54:58:1a -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 ODY1MDExMC8GA1UEBRMoMjgxN0Q0QTg2NDRBRUM0MTlBRENDRUUzMEM0RTg3QTI0 RDJGRjU3QjAeFw0yMzEwMjcwNDU2MDdaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY1M2I0MmU2LTU5NWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCw2rF6duCBrt2HBZZq7bTV5TL2dZMFnD7Hdi7a4or2CfrOklPi8MvPFTKIyh9H DgRUecNC4aWA1qYuCjdW+gDt2hWfLsGSc2ifmry5dWU1q9P+GFQXkJYDIlOc42VN SCqmdgOhIYhyCnIRIiw+aNMp/bDtWxnddDB8JkYmh2croVSVbqKI4G5sWG6HZays 0FUlVPPDHGg++QzhXWfyJWH8GeYZRhaLDjtbaY0BMF8L/TB6BD/oGY7hsjimcx3M 1g5zNM/E+Fzwue94mV6StSlAIyl8O3c7LF17JEy/5x2FPM+V0nEHNB6qE1pxPom8 lS5YPiZrx/Lbs8yFWSbw/YrtAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU1afqvXDN FA+oa0dJt4eheytk8fMwHwYDVR0jBBgwFoAUKBfUqGRK7EGa3M7jDE6Hok0v9Xsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NjUwLzc3NThEMkMyQkRB NzExRURBRUNENEE1REM0RjlBRTAyL0tCZlVxR1JLN0VHYTNNN2pERTZIb2swdjlY cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS0JmVXFHUks3RUdhM003akRFNkhvazB2OVhzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODY1MC83NzU4RDJDMkJEQTcxMUVEQUVDRDRBNURDNEY5QUUwMi9FQTVBOUEzMkJE QUExMUVEOTI5OTU1NjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW MBQwEgQCAAEwDAMEAcoORgMEAcordjANBgkqhkiG9w0BAQsFAAOCAQEAEl0RNlqg YoaM1PeQ+tcnvzpINB7UWyjCMr2WpvPTag0/aKQa5BeuOcNbZxfxWe0Z3uw8S0EH 8M7IdjsA8cpIIGkLJyGwHtsJY5j+2dbY3DJOblWmtkjA0xz06BKxQCLLgkzWwAZy 9r4y81fIs1qLxMuua0ejQgViJ9lIPpN43fTEl3ZGlB9IquM86gePNmIPPqsDxAp+ mbiUh3uMwlPn9l4X1a9jjx7KI5feKMvswjt4zMy2CQ0ulFt4Ty33h4l1M15KMALU 11zZfLNyuHQlZBTDAmXWpeQlsOswhqimy4n3ElJbgTjUpauOEhD1Pvxw/YJcm5tA SV6fzifHmVRYGg== -----END CERTIFICATE-----Generated at Tue May 21 07:16:48 2024 by rpki-client on console-ams.rpki-client.org