$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/2EB26372A26A11EF8F13D81CC4F9AE02.roa File: 2EB26372A26A11EF8F13D81CC4F9AE02.roa (raw, json) Hash identifier: hAzJmwqJDXHzUeUcs8YRpX6FxDP2dY18aL7bVzr6aKI= Subject key identifier: B9:29:B2:EA:E8:59:4F:CB:75:F3:93:C1:4A:63:C5:EC:FD:B5:30:E1 Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264 Certificate serial: 0B70 Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/2EB26372A26A11EF8F13D81CC4F9AE02.roa Signing time: Thu 14 Nov 2024 09:24:01 +0000 ROA not before: Thu 14 Nov 2024 09:24:01 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 43260 IP address blocks: 14.192.130.0/24 maxlen: 24 14.192.132.0/24 maxlen: 24 14.192.151.0/24 maxlen: 24 14.192.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2928 (0xb70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264 Validity Not Before: Nov 14 09:24:01 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=6735c1b0-3a4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a7:d0:ae:38:99:c5:ee:4d:b0:e8:4c:af:b1: 57:04:19:4e:55:bc:d7:d9:d1:0d:06:d3:b0:e1:9a: a9:4e:b4:7e:fa:78:54:d8:12:85:5f:b6:40:4e:7f: 8f:c6:ea:d1:05:63:8b:bf:b4:23:1f:c0:26:c3:77: dd:48:10:07:ba:2a:81:60:cc:22:12:6a:dc:6c:81: 05:e9:c6:2b:dc:c4:b1:f3:cc:25:cb:b0:63:c0:e9: 44:58:2b:92:3e:05:ad:0b:63:89:ff:c6:98:b5:1f: 8b:44:a1:9e:17:70:5b:c9:3a:41:c7:ea:56:80:5c: 09:e8:93:c4:df:3d:c1:fa:3a:b4:eb:21:36:3d:05: 26:0e:4a:52:6c:e4:71:d5:2e:75:b9:79:79:09:60: ca:3f:6c:4a:ed:16:97:ca:96:a9:d0:ba:21:72:3d: 28:3f:1e:6a:5e:83:26:af:ed:4f:77:67:44:7b:f1: a8:b3:74:6d:67:b6:34:50:02:4c:83:e2:f6:e5:40: b5:38:89:92:e3:81:0a:38:7b:71:be:d8:c2:e5:4b: 36:da:87:6d:39:8f:46:88:6d:55:8c:ca:33:16:82: 35:b7:04:e2:66:a9:4a:bd:09:80:0e:47:9f:2b:88: 23:3a:ce:77:58:8b:dc:d7:fb:67:b2:1a:4d:42:0e: 9a:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:29:B2:EA:E8:59:4F:CB:75:F3:93:C1:4A:63:C5:EC:FD:B5:30:E1 X509v3 Authority Key Identifier: keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/2EB26372A26A11EF8F13D81CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 14.192.130.0/24 14.192.132.0/24 14.192.151.0-14.192.152.255 Signature Algorithm: sha256WithRSAEncryption 70:a6:13:88:f4:28:be:ae:c1:58:fb:75:f6:37:28:94:21:61: e2:c6:bb:90:52:af:7f:60:44:9c:55:e1:47:2f:b4:9d:3f:77: ff:4e:45:64:26:66:9a:f0:04:95:63:7f:51:87:18:68:0a:b8: 50:8e:a1:65:bc:bb:30:25:6a:df:55:85:b1:35:22:6b:07:fc: 26:c3:79:24:f3:63:7f:8b:80:30:a6:92:dd:76:ce:19:46:f1: 07:90:75:2b:de:d7:75:6e:9d:d8:9a:d1:26:85:14:6b:12:a9: 1d:a2:d7:2c:aa:a6:12:6d:87:83:b1:1b:36:62:7f:58:f1:6e: 6d:5b:0c:bc:6d:5a:0b:1d:ef:3c:87:42:42:91:32:37:6b:91: 8f:5c:39:b3:5f:72:22:78:b5:7a:de:52:93:f5:f5:f2:62:1a: 7b:93:6e:25:48:7a:d4:54:f1:6c:4d:c9:d4:dd:02:54:b3:c2: 46:3e:34:dc:ad:24:60:db:aa:c9:fd:02:be:e2:06:79:38:b8: 0d:2c:2b:28:63:c0:6f:7f:4a:c7:2a:c3:29:56:46:80:6c:0c: a6:ec:ab:3f:4a:55:0a:42:81:d7:0d:1f:e2:c6:47:bc:13:5f: 2f:3c:b0:c3:25:fc:ac:15:81:2f:85:4a:1a:df:fa:0e:53:36: bd:5b:98:17 -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICC3AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND NjczMkUyNjQwHhcNMjQxMTE0MDkyNDAxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzM1YzFiMC0zYTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuafQrjiZxe5NsOhMr7FXBBlOVbzX2dENBtOw4ZqpTrR++nhU2BKFX7ZATn+P xurRBWOLv7QjH8Amw3fdSBAHuiqBYMwiEmrcbIEF6cYr3MSx88wly7BjwOlEWCuS PgWtC2OJ/8aYtR+LRKGeF3BbyTpBx+pWgFwJ6JPE3z3B+jq06yE2PQUmDkpSbORx 1S51uXl5CWDKP2xK7RaXypap0Lohcj0oPx5qXoMmr+1Pd2dEe/Gos3RtZ7Y0UAJM g+L25UC1OImS44EKOHtxvtjC5Us22odtOY9GiG1VjMozFoI1twTiZqlKvQmADkef K4gjOs53WIvc1/tnshpNQg6aZQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLkpsuro WU/LdfOTwUpjxez9tTDhMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5 RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0 bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMkVCMjYzNzJB MjZBMTFFRjhGMTNEODFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgABMBoDBAAOwIIDBAAOwIQwDAMEAA7AlwMEAA7AmDANBgkqhkiG9w0B AQsFAAOCAQEAcKYTiPQovq7BWPt19jcolCFh4sa7kFKvf2BEnFXhRy+0nT93/05F ZCZmmvAElWN/UYcYaAq4UI6hZby7MCVq31WFsTUiawf8JsN5JPNjf4uAMKaS3XbO GUbxB5B1K97XdW6d2JrRJoUUaxKpHaLXLKqmEm2Hg7EbNmJ/WPFubVsMvG1aCx3v PIdCQpEyN2uRj1w5s19yIni1et5Sk/X18mIae5NuJUh61FTxbE3J1N0CVLPCRj40 3K0kYNuqyf0CvuIGeTi4DSwrKGPAb39KxyrDKVZGgGwMpuyrP0pVCkKB1w0f4sZH vBNfLzywwyX8rBWBL4VKGt/6DlM2vVuYFw== -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:05 2024 by rpki-client on console-ams.rpki-client.org