$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/E7D3D36A406911EC83A0470DC4F9AE02.roa File: E7D3D36A406911EC83A0470DC4F9AE02.roa (raw, json) Hash identifier: QuRY0ECb/GscIKQG3TIAOw51gGl4J73Kmkxl36DZ8mE= Subject key identifier: 51:DB:DE:F5:9A:7D:0B:84:9E:56:80:04:42:2D:F2:70:DA:30:D1:6A Certificate issuer: /CN=A9125475/serialNumber=DE9D64016291EA2A16F3B7956A0F4035B709E547 Certificate serial: 2519 Authority key identifier: DE:9D:64:01:62:91:EA:2A:16:F3:B7:95:6A:0F:40:35:B7:09:E5:47 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/E7D3D36A406911EC83A0470DC4F9AE02.roa Signing time: Mon 02 Dec 2024 14:30:17 +0000 ROA not before: Mon 02 Dec 2024 14:30:17 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 135566 IP address blocks: 209.15.96.0/24 maxlen: 24 209.15.97.0/24 maxlen: 24 209.15.98.0/24 maxlen: 24 209.15.99.0/24 maxlen: 24 209.15.100.0/24 maxlen: 24 209.15.101.0/24 maxlen: 24 209.15.102.0/24 maxlen: 24 209.15.103.0/24 maxlen: 24 209.15.104.0/24 maxlen: 24 209.15.105.0/24 maxlen: 24 209.15.108.0/24 maxlen: 24 209.15.109.0/24 maxlen: 24 209.15.110.0/24 maxlen: 24 209.15.111.0/24 maxlen: 24 209.15.112.0/24 maxlen: 24 209.15.113.0/24 maxlen: 24 209.15.114.0/24 maxlen: 24 209.15.115.0/24 maxlen: 24 209.15.116.0/24 maxlen: 24 209.15.117.0/24 maxlen: 24 209.15.118.0/24 maxlen: 24 209.15.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3p1kAWKR6ioW87eVag9ANbcJ5Uc.crl rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3p1kAWKR6ioW87eVag9ANbcJ5Uc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:20:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9497 (0x2519) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125475, serialNumber=DE9D64016291EA2A16F3B7956A0F4035B709E547 Validity Not Before: Dec 2 14:30:17 2024 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=674dc479-434f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:0d:3c:b1:3e:83:c3:bc:75:eb:9c:15:a1:0d: cc:90:2a:e3:18:8c:91:53:0c:31:08:8b:95:87:7a: 1b:fc:45:c8:77:1b:09:9e:e3:e2:35:c0:53:50:f8: 21:d7:be:09:d3:f0:d4:0f:de:d6:8d:e6:9e:00:29: 7e:c5:69:55:a2:cc:30:ba:55:d7:64:6e:c8:89:d6: bb:07:88:20:20:6a:a3:7b:b5:f8:6a:e0:ce:e4:ca: 6f:7d:a4:28:06:1b:af:95:36:11:f8:21:b4:7c:63: a1:4f:1a:bb:c7:73:5f:aa:d0:01:d4:29:16:b7:3f: 99:34:83:18:2a:b1:15:86:d1:2c:16:97:aa:5e:bc: 61:c4:df:8d:2d:0a:71:10:71:52:77:e9:8f:76:93: fb:f8:fe:02:60:ee:da:b3:de:16:43:5d:b4:1e:7e: b6:7f:c2:c7:5a:ea:c6:fc:e5:06:8b:1a:37:93:29: 41:14:e1:c6:e1:1c:19:d1:39:e5:84:08:35:94:9a: 4f:5c:75:44:0b:c9:74:34:42:d6:fb:33:3f:59:17: 2d:94:80:00:99:cf:3d:18:2d:b5:1c:ec:c5:65:1d: 7c:a6:67:1f:d7:17:4f:af:78:71:96:62:d3:cc:92: 35:48:f9:95:81:4a:64:f7:9d:40:12:3c:d5:23:3f: 21:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:DB:DE:F5:9A:7D:0B:84:9E:56:80:04:42:2D:F2:70:DA:30:D1:6A X509v3 Authority Key Identifier: keyid:DE:9D:64:01:62:91:EA:2A:16:F3:B7:95:6A:0F:40:35:B7:09:E5:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/3p1kAWKR6ioW87eVag9ANbcJ5Uc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3p1kAWKR6ioW87eVag9ANbcJ5Uc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/8D9471F6290611E593BFC626C4F9AE02/E7D3D36A406911EC83A0470DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 209.15.96.0-209.15.105.255 209.15.108.0-209.15.119.255 Signature Algorithm: sha256WithRSAEncryption 83:27:f3:c1:45:6b:6a:9d:c0:79:c6:87:8a:ee:2e:59:d2:4b: ad:12:0e:d8:fb:ef:5c:51:88:98:d2:22:d9:ab:65:4a:09:df: ce:ef:7e:0c:f8:a7:0e:50:08:29:bc:8a:ca:d8:33:b0:06:69: 50:ff:8f:88:43:a3:13:36:3e:0e:5f:8d:d6:6a:60:b1:0c:67: ea:f2:51:f9:6f:4b:e7:c8:55:30:17:ee:7a:2b:3c:4a:35:11: 63:e3:13:6a:5c:e3:8e:7f:9c:94:ac:77:da:71:f4:c3:14:f7: ec:45:8b:e9:97:87:10:fd:6d:df:4d:8e:b8:de:cc:06:b8:4b: 4d:22:65:5a:77:af:61:55:51:a4:a6:c1:94:bd:5e:f9:53:2e: 86:3e:e7:94:01:ce:e4:b3:90:71:77:77:a6:c1:4c:94:d5:7c: 23:7a:80:25:84:43:70:94:d8:7b:d3:13:1a:6d:5b:b6:7b:1e: 01:29:c7:b6:62:06:68:e7:65:44:39:82:5a:70:50:06:8f:3d: c8:28:0e:b5:23:fc:65:d8:73:ff:a8:b3:6a:6a:b8:b6:1e:26: 70:14:01:a8:06:8f:e1:65:33:81:03:10:32:6a:db:de:91:34: 84:21:cc:8e:25:10:91:91:c5:bd:fe:bc:4b:8f:0e:16:02:d5: 23:dd:f7:a9 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgICJRkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjU0NzUxMTAvBgNVBAUTKERFOUQ2NDAxNjI5MUVBMkExNkYzQjc5NTZBMEY0MDM1 QjcwOUU1NDcwHhcNMjQxMjAyMTQzMDE3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzRkYzQ3OS00MzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1g08sT6Dw7x165wVoQ3MkCrjGIyRUwwxCIuVh3ob/EXIdxsJnuPiNcBTUPgh 174J0/DUD97WjeaeACl+xWlVoswwulXXZG7Iida7B4ggIGqje7X4auDO5MpvfaQo BhuvlTYR+CG0fGOhTxq7x3NfqtAB1CkWtz+ZNIMYKrEVhtEsFpeqXrxhxN+NLQpx EHFSd+mPdpP7+P4CYO7as94WQ120Hn62f8LHWurG/OUGixo3kylBFOHG4RwZ0Tnl hAg1lJpPXHVEC8l0NELW+zM/WRctlIAAmc89GC21HOzFZR18pmcf1xdPr3hxlmLT zJI1SPmVgUpk951AEjzVIz8hKQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFHb3vWa fQuEnlaABEIt8nDaMNFqMB8GA1UdIwQYMBaAFN6dZAFikeoqFvO3lWoPQDW3CeVH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS84RDk0NzFGNjI5 MDYxMUU1OTNCRkM2MjZDNEY5QUUwMi8zcDFrQVdLUjZpb1c4N2VWYWc5QU5iY0o1 VWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNwMWtBV0tSNmlvVzg3ZVZhZzlBTmJjSjVVYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjU0NzUvOEQ5NDcxRjYyOTA2MTFFNTkzQkZDNjI2QzRGOUFFMDIvRTdEM0QzNkE0 MDY5MTFFQzgzQTA0NzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E JjAkMCIEAgABMBwwDAMEBdEPYAMEAdEPaDAMAwQC0Q9sAwQD0Q9wMA0GCSqGSIb3 DQEBCwUAA4IBAQCDJ/PBRWtqncB5xoeK7i5Z0kutEg7Y++9cUYiY0iLZq2VKCd/O 734M+KcOUAgpvIrK2DOwBmlQ/4+IQ6MTNj4OX43WamCxDGfq8lH5b0vnyFUwF+56 KzxKNRFj4xNqXOOOf5yUrHfacfTDFPfsRYvpl4cQ/W3fTY643swGuEtNImVad69h VVGkpsGUvV75Uy6GPueUAc7ks5Bxd3emwUyU1XwjeoAlhENwlNh70xMabVu2ex4B Kce2YgZo52VEOYJacFAGjz3IKA61I/xl2HP/qLNqari2HiZwFAGoBo/hZTOBAxAy atvekTSEIcyOJRCRkcW9/rxLjw4WAtUj3fep -----END CERTIFICATE-----Generated at Sat Apr 26 17:03:06 2025 by rpki-client