$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/BE4B3228691411EFB573C120C4F9AE02.roa File: BE4B3228691411EFB573C120C4F9AE02.roa (raw, json) Hash identifier: FluzuCEVsK4WA6irM+7AYglOFW70dV1BU5TUHFD621E= Subject key identifier: C0:EC:AE:3E:7B:4F:A9:92:5F:1D:56:B4:1C:4B:9A:E8:33:90:D8:69 Certificate issuer: /CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570 Certificate serial: 02E7 Authority key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/BE4B3228691411EFB573C120C4F9AE02.roa Signing time: Wed 27 Nov 2024 01:35:01 +0000 ROA not before: Wed 27 Nov 2024 01:35:01 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 150703 IP address blocks: 202.148.176.0/24 maxlen: 24 202.148.185.0/24 maxlen: 24 202.148.186.0/24 maxlen: 24 202.148.188.0/24 maxlen: 24 2400:cd00:1051::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:11:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 743 (0x2e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912442A, serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570 Validity Not Before: Nov 27 01:35:01 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=67467745-b1ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e6:28:aa:d4:f0:53:2a:9d:f2:71:71:fd:b5: a4:d7:9e:6c:36:e1:1b:2f:b6:0c:72:e8:62:33:0c: 77:db:46:32:94:21:a4:52:04:c6:50:21:e8:08:1b: 26:cf:59:9c:64:fb:92:71:c9:14:c7:d5:ad:93:b0: 3c:6e:69:07:c4:21:49:6f:3c:08:99:83:d2:69:09: 01:d0:6d:7f:7c:ec:5a:24:94:25:09:89:eb:96:5f: 88:69:d9:a3:88:17:6a:a2:ce:c0:96:4d:fe:43:1f: dd:6e:d5:0f:de:25:dc:58:28:37:2a:28:f8:c6:86: 88:60:e6:18:8e:c7:c5:de:fe:74:e9:fa:05:06:ae: 0a:b3:96:0e:f6:f4:16:71:c4:84:c1:dd:f8:ec:3b: 29:28:fe:f9:ce:cc:91:f4:a1:1c:f3:ca:be:5f:bd: 49:f9:85:5b:d0:20:08:79:ad:cd:d2:10:d9:46:31: ea:d2:20:00:39:82:e5:b8:f4:ab:7b:ae:88:c9:0f: fc:a5:2e:78:fc:64:20:9d:86:ed:91:c0:fb:d4:fb: 2f:2d:4e:89:86:ef:09:e9:69:70:b6:76:8b:ac:f3: 4c:20:d7:90:ab:5e:a2:a7:8a:e7:fe:a8:e6:25:f0: 01:49:1f:54:97:7d:e4:db:9f:b5:17:41:fc:01:58: 3a:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:EC:AE:3E:7B:4F:A9:92:5F:1D:56:B4:1C:4B:9A:E8:33:90:D8:69 X509v3 Authority Key Identifier: keyid:84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/BE4B3228691411EFB573C120C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.148.176.0/24 202.148.185.0-202.148.186.255 202.148.188.0/24 IPv6: 2400:cd00:1051::/48 Signature Algorithm: sha256WithRSAEncryption 39:21:fc:f0:8c:bc:1d:8c:db:bb:8b:5c:a7:53:16:20:17:27: 8d:2d:22:97:11:fe:d0:c6:78:80:7c:7f:3b:73:a2:15:fb:06: c1:d1:2a:8e:5d:54:b4:30:0d:bf:3a:69:a9:2b:ec:5f:61:8d: 04:6a:27:73:8d:ed:0b:60:23:6f:fa:4e:a0:4d:1a:c2:65:b8: 56:de:e7:42:07:f7:6f:1f:70:78:1e:7c:1c:49:59:a2:20:a7: 03:61:81:f9:60:97:f1:3e:6c:0e:4f:d7:91:9b:ff:44:25:84: e3:03:14:7d:0a:09:b8:ed:f8:7d:cd:11:da:48:24:a8:4b:9e: e7:bd:74:8e:70:ba:05:b0:4d:08:7c:93:09:8d:70:f2:e2:05: b1:db:f4:88:b6:d1:c7:17:99:7a:f3:7b:cb:68:05:a9:9c:28: b9:a1:55:67:a5:2d:3d:85:4e:63:c4:d2:57:5a:e2:5b:96:17: f2:33:f6:2d:65:5e:7d:02:ee:17:05:c3:8f:38:43:f5:49:13: fb:c5:8f:72:94:0d:21:08:f8:2e:47:84:17:2e:ed:58:50:b9: 9b:f8:d5:09:d3:2f:35:4a:91:e7:84:8c:43:8d:ac:bd:c2:f6: ac:b6:c7:1e:26:3a:a3:0c:60:90:d8:3e:26:5f:0a:36:42:86: 2a:0e:4a:09 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICAucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5QjJDMkE4MTFG NUMyMDE1NzAwHhcNMjQxMTI3MDEzNTAxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQ2Nzc0NS1iMWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArOYoqtTwUyqd8nFx/bWk155sNuEbL7YMcuhiMwx320YylCGkUgTGUCHoCBsm z1mcZPuScckUx9Wtk7A8bmkHxCFJbzwImYPSaQkB0G1/fOxaJJQlCYnrll+Iadmj iBdqos7Alk3+Qx/dbtUP3iXcWCg3Kij4xoaIYOYYjsfF3v506foFBq4Ks5YO9vQW ccSEwd347DspKP75zsyR9KEc88q+X71J+YVb0CAIea3N0hDZRjHq0iAAOYLluPSr e66IyQ/8pS54/GQgnYbtkcD71PsvLU6Jhu8J6WlwtnaLrPNMINeQq16ip4rn/qjm JfABSR9Ul33k25+1F0H8AVg6TQIDAQABo4ICujCCArYwHQYDVR0OBBYEFMDsrj57 T6mSXx1WtBxLmugzkNhpMB8GA1UdIwQYMBaAFISFo57WtiEo7fT5mywqgR9cIBVw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS8yMEYyQ0IwMEVC OUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRhMklTanQ5UG1iTENxQkgxd2dG WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hJV2pudGEySVNqdDlQbWJMQ3FCSDF3Z0ZYQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjQ0MkEvMjBGMkNCMDBFQjlDMTFFQ0E2ODIxMjBDQzRGOUFFMDIvQkU0QjMyMjg2 OTE0MTFFRkI1NzNDMTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMCAEAgABMBoDBADKlLAwDAMEAMqUuQMEAMqUugMEAMqUvDAPBAIAAjAJAwcA JADNABBRMA0GCSqGSIb3DQEBCwUAA4IBAQA5IfzwjLwdjNu7i1ynUxYgFyeNLSKX Ef7QxniAfH87c6IV+wbB0SqOXVS0MA2/OmmpK+xfYY0Eaidzje0LYCNv+k6gTRrC ZbhW3udCB/dvH3B4HnwcSVmiIKcDYYH5YJfxPmwOT9eRm/9EJYTjAxR9Cgm47fh9 zRHaSCSoS57nvXSOcLoFsE0IfJMJjXDy4gWx2/SIttHHF5l683vLaAWpnCi5oVVn pS09hU5jxNJXWuJblhfyM/YtZV59Au4XBcOPOEP1SRP7xY9ylA0hCPguR4QXLu1Y ULmb+NUJ0y81SpHnhIxDjay9wvastsceJjqjDGCQ2D4mXwo2QoYqDkoJ -----END CERTIFICATE-----Generated at Sat Apr 26 09:32:05 2025 by rpki-client