$ rpki-client -vvf rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/932FE94E6BB911ED97343873C4F9AE02.roa File: 932FE94E6BB911ED97343873C4F9AE02.roa (raw, json) Hash identifier: hUG9zbqpZfh8Oh0Hkb9QWVdKId5Yw0YN3vAbtZe8GC4= Subject key identifier: A3:EC:0D:58:42:F3:F0:8B:D6:63:02:84:37:4A:9B:34:9F:A3:6F:9D Certificate issuer: /CN=A9168494/serialNumber=B13EA4934F41FC4834CD2A6FF8218D40F7A97789 Certificate serial: 01D4 Authority key identifier: B1:3E:A4:93:4F:41:FC:48:34:CD:2A:6F:F8:21:8D:40:F7:A9:77:89 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sT6kk09B_Eg0zSpv-CGNQPepd4k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/932FE94E6BB911ED97343873C4F9AE02.roa Signing time: Wed 29 May 2024 05:10:38 +0000 ROA not before: Wed 29 May 2024 05:10:38 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 136961 IP address blocks: 165.220.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/sT6kk09B_Eg0zSpv-CGNQPepd4k.crl rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/sT6kk09B_Eg0zSpv-CGNQPepd4k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sT6kk09B_Eg0zSpv-CGNQPepd4k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 26 Feb 2025 03:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 468 (0x1d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9168494 Validity Not Before: May 29 05:10:38 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=6656b8ce-82c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:39:51:a0:66:4b:e4:f3:16:b4:c6:d9:ea:48: 1e:17:af:30:b8:f5:44:55:4f:2d:6b:a3:df:e0:ae: e9:7b:67:3b:85:67:78:a7:63:cf:72:03:79:57:c7: 84:02:f4:e1:fa:31:0d:8c:50:86:ae:cd:c3:97:e9: 38:fd:b3:7b:37:18:46:7d:79:4f:3e:80:9e:70:c0: 3c:8f:5c:cb:71:77:ba:ac:23:ff:61:a4:50:38:81: 32:96:fe:47:e4:e0:f7:56:b4:c0:b4:00:c7:2b:51: b2:14:68:38:8f:3b:27:8f:33:05:98:a1:c7:91:fa: 2b:63:65:3e:b9:b8:99:fe:e5:53:ed:bb:5b:1c:e9: c7:47:73:09:c4:c3:1e:f0:19:8c:33:71:e1:2b:2a: 14:7a:08:fa:87:32:35:71:b0:2c:df:7c:92:6f:7d: b5:f4:7f:92:e0:43:ff:ff:0e:3f:ac:9b:2a:7e:38: 46:97:e9:63:a0:83:cf:f5:9f:82:cb:dc:46:2b:a2: 09:82:ed:31:f2:c4:df:24:f7:30:22:5c:58:ee:4c: 2a:77:8b:01:2b:49:87:a2:e4:6b:35:75:88:6b:3d: 9d:3a:1b:4e:9e:18:34:5e:48:24:26:79:35:05:d7: a9:45:7b:b1:6c:fb:81:bc:e5:c9:c7:e4:7e:3f:26: 6b:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:EC:0D:58:42:F3:F0:8B:D6:63:02:84:37:4A:9B:34:9F:A3:6F:9D X509v3 Authority Key Identifier: keyid:B1:3E:A4:93:4F:41:FC:48:34:CD:2A:6F:F8:21:8D:40:F7:A9:77:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/sT6kk09B_Eg0zSpv-CGNQPepd4k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sT6kk09B_Eg0zSpv-CGNQPepd4k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/932FE94E6BB911ED97343873C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.220.8.0/21 Signature Algorithm: sha256WithRSAEncryption c2:f7:fb:c9:24:6d:73:22:7f:03:5f:76:72:b5:b9:76:de:23: c8:26:6a:66:64:46:04:01:89:23:be:a7:b7:11:53:83:78:5b: 50:41:13:26:30:1d:d3:01:69:2a:1f:a3:89:79:88:e6:db:7b: c8:32:ad:05:3f:b4:22:7c:6f:59:7f:14:c5:c4:22:fc:c4:2f: 77:db:7e:66:e4:6f:35:57:63:11:b2:68:d7:a6:55:1c:3c:3a: 0e:6c:13:99:78:3a:76:f1:62:86:d5:a2:d2:24:0b:e9:66:ad: 76:41:8a:9c:31:44:28:dd:f3:60:e5:71:db:cb:73:28:85:dc: e8:15:a4:7e:14:3b:ec:a9:c0:7a:13:66:8c:2d:60:68:55:99: 63:98:12:40:c9:e2:a4:87:ca:18:09:87:12:fb:e1:ad:ce:d4: 88:8f:5c:dd:7b:d5:c1:8d:cf:fe:35:aa:ac:3b:ae:a8:4c:81: 90:7a:05:dd:91:7a:ac:66:83:ae:bf:bd:99:ad:41:6a:f7:45: f0:bc:95:2f:da:ee:f0:69:b4:3d:7e:18:0e:37:4a:23:8d:48: 58:3f:dc:21:fa:41:1e:71:13:c4:95:d3:21:71:00:13:2c:c4: 3e:79:c8:c3:a6:1f:b4:99:03:0b:77:85:50:74:a3:3d:b8:2a: 66:fb:bc:0d -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njg0OTQxMTAvBgNVBAUTKEIxM0VBNDkzNEY0MUZDNDgzNENEMkE2RkY4MjE4RDQw RjdBOTc3ODkwHhcNMjQwNTI5MDUxMDM4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjU2YjhjZS04MmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuTlRoGZL5PMWtMbZ6kgeF68wuPVEVU8ta6Pf4K7pe2c7hWd4p2PPcgN5V8eE AvTh+jENjFCGrs3Dl+k4/bN7NxhGfXlPPoCecMA8j1zLcXe6rCP/YaRQOIEylv5H 5OD3VrTAtADHK1GyFGg4jzsnjzMFmKHHkforY2U+ubiZ/uVT7btbHOnHR3MJxMMe 8BmMM3HhKyoUegj6hzI1cbAs33ySb3219H+S4EP//w4/rJsqfjhGl+ljoIPP9Z+C y9xGK6IJgu0x8sTfJPcwIlxY7kwqd4sBK0mHouRrNXWIaz2dOhtOnhg0XkgkJnk1 BdepRXuxbPuBvOXJx+R+PyZrmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKPsDVhC 8/CL1mMChDdKmzSfo2+dMB8GA1UdIwQYMBaAFLE+pJNPQfxINM0qb/ghjUD3qXeJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODQ5NC8zMUI4MjYzQzA5 OTMxMUVEQjIxQzlCNEJDNEY5QUUwMi9zVDZrazA5Ql9FZzB6U3B2LUNHTlFQZXBk NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3NUNmtrMDlCX0VnMHpTcHYtQ0dOUVBlcGQ0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Njg0OTQvMzFCODI2M0MwOTkzMTFFREIyMUM5QjRCQzRGOUFFMDIvOTMyRkU5NEU2 QkI5MTFFRDk3MzQzODczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAOl3AgwDQYJKoZIhvcNAQELBQADggEBAML3+8kkbXMifwNf dnK1uXbeI8gmamZkRgQBiSO+p7cRU4N4W1BBEyYwHdMBaSofo4l5iObbe8gyrQU/ tCJ8b1l/FMXEIvzEL3fbfmbkbzVXYxGyaNemVRw8Og5sE5l4OnbxYobVotIkC+lm rXZBipwxRCjd82DlcdvLcyiF3OgVpH4UO+ypwHoTZowtYGhVmWOYEkDJ4qSHyhgJ hxL74a3O1IiPXN171cGNz/41qqw7rqhMgZB6Bd2Reqxmg66/vZmtQWr3RfC8lS/a 7vBptD1+GA43SiONSFg/3CH6QR5xE8SV0yFxABMsxD55yMOmH7SZAwt3hVB0oz24 Kmb7vA0= -----END CERTIFICATE-----Generated at Wed Feb 19 20:35:17 2025 by rpki-client