$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa File: 9F8B79C2C78E11EBB4983F5BC4F9AE02.roa (raw, json) Hash identifier: n/ZkcBxXbOU1wyzDS48DMJkcfdrM8k6k+BibFqk5ai8= Subject key identifier: 18:00:D7:9D:84:F9:38:DC:B3:30:57:3C:BC:FF:06:F8:A9:8D:44:BF Certificate issuer: /CN=A911B5B4/serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989 Certificate serial: 0D60 Authority key identifier: 9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa Signing time: Fri 16 Aug 2024 18:46:20 +0000 ROA not before: Fri 16 Aug 2024 18:46:20 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 23855 IP address blocks: 203.30.38.0/23 maxlen: 24 2001:df0:21a::/48 maxlen: 48 2401:c7c0:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.crl rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3424 (0xd60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5B4/serialNumber=9DF94C33D3F647AE3D91361E1F172C20686F5989 Validity Not Before: Aug 16 18:46:20 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66bf9e7b-1fa8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e1:0d:f9:39:b8:35:5a:af:ca:33:0d:e5:a2: 66:ac:3a:37:12:fd:db:d4:84:bd:69:90:f9:b3:b6: 0b:65:5a:fc:9a:4c:d6:60:59:60:d2:b7:34:46:83: 23:aa:b7:1a:dc:81:71:53:4e:9e:b0:73:81:46:eb: d9:eb:13:99:d9:e8:33:5c:08:a0:2f:3d:7b:9d:ca: 63:aa:ff:0b:51:f7:49:1c:d1:3c:6e:05:2a:ee:7c: 0f:ea:e8:52:cd:60:31:4b:54:3c:29:6c:fa:c5:2a: 64:60:a9:33:1c:18:14:1d:a4:4b:58:1c:c4:85:e8: d1:1c:d3:cb:6e:d0:5c:e5:5a:7f:d2:ac:c0:1c:29: 9e:1b:ce:f1:2f:32:50:2f:6e:e2:e6:f9:5f:22:93: 61:3b:09:ca:d7:6c:aa:0c:b1:53:e4:07:e0:65:84: af:01:b4:a5:10:f3:07:ea:c9:c3:84:af:1c:b6:68: e2:7b:23:68:02:ef:f1:37:1d:1a:8a:2e:cf:ba:3e: ad:52:36:fc:89:9f:f9:99:2d:f5:9a:d5:48:fa:5a: a1:c7:e7:db:c4:9e:78:78:29:9a:86:85:28:3b:b9: 43:fd:86:9d:b1:cd:e1:6e:d3:78:11:b9:27:ec:0a: 61:0e:6f:68:b9:32:4f:64:18:4a:36:ee:2d:c0:dd: 81:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:00:D7:9D:84:F9:38:DC:B3:30:57:3C:BC:FF:06:F8:A9:8D:44:BF X509v3 Authority Key Identifier: keyid:9D:F9:4C:33:D3:F6:47:AE:3D:91:36:1E:1F:17:2C:20:68:6F:59:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/nflMM9P2R649kTYeHxcsIGhvWYk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nflMM9P2R649kTYeHxcsIGhvWYk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B4/709F7A26B82911E993738A09C4F9AE02/9F8B79C2C78E11EBB4983F5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.30.38.0/23 IPv6: 2001:df0:21a::/48 2401:c7c0:3::/48 Signature Algorithm: sha256WithRSAEncryption 6d:95:d7:2d:2a:d9:7f:58:ee:74:df:e5:21:e9:9c:c1:0d:85: 0b:17:84:a7:52:50:14:4c:d0:6f:8e:68:05:7c:4e:13:34:85: dd:0f:69:66:b4:35:28:05:33:76:a6:96:5f:3c:48:c3:54:7b: 90:07:f7:8a:4a:e5:d0:57:35:e7:34:eb:f0:06:cf:ac:ee:27: ab:23:ab:84:7e:de:07:cb:c0:20:bc:b7:f8:4a:ca:74:7f:05: 1c:fd:ed:d2:4a:c8:aa:55:f9:99:37:5d:bd:b5:a9:b3:0d:ec: a2:82:d1:b4:3a:8c:99:05:54:91:4a:75:42:4e:69:49:1c:6e: 22:91:a2:e9:1a:b6:a3:c2:0e:0c:8f:42:2f:70:3c:ed:f3:f7: d6:c3:9d:60:5b:a2:f5:d7:0e:16:e3:97:26:8f:ca:8b:6a:61: 46:5e:b1:2f:45:f3:fb:4a:45:73:54:c1:5b:b5:22:6c:56:eb: 85:91:79:ed:e7:f3:cb:55:96:69:2c:64:91:78:b5:79:23:58: be:56:83:67:d0:85:c4:03:74:6e:74:37:79:06:67:22:91:c1: 13:1a:da:53:fb:e1:7e:d4:3b:fb:60:71:e9:de:e1:05:a6:70: a9:41:d9:6f:3f:0d:ad:d8:85:d0:df:60:95:03:31:44:8f:fb: 5e:67:98:13 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICDWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QjQxMTAvBgNVBAUTKDlERjk0QzMzRDNGNjQ3QUUzRDkxMzYxRTFGMTcyQzIw Njg2RjU5ODkwHhcNMjQwODE2MTg0NjIwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmJmOWU3Yi0xZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1+EN+Tm4NVqvyjMN5aJmrDo3Ev3b1IS9aZD5s7YLZVr8mkzWYFlg0rc0RoMj qrca3IFxU06esHOBRuvZ6xOZ2egzXAigLz17ncpjqv8LUfdJHNE8bgUq7nwP6uhS zWAxS1Q8KWz6xSpkYKkzHBgUHaRLWBzEhejRHNPLbtBc5Vp/0qzAHCmeG87xLzJQ L27i5vlfIpNhOwnK12yqDLFT5AfgZYSvAbSlEPMH6snDhK8ctmjieyNoAu/xNx0a ii7Puj6tUjb8iZ/5mS31mtVI+lqhx+fbxJ54eCmahoUoO7lD/Yadsc3hbtN4Ebkn 7AphDm9ouTJPZBhKNu4twN2BhQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFBgA152E +TjcszBXPLz/BvipjUS/MB8GA1UdIwQYMBaAFJ35TDPT9keuPZE2Hh8XLCBob1mJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCNC83MDlGN0EyNkI4 MjkxMUU5OTM3MzhBMDlDNEY5QUUwMi9uZmxNTTlQMlI2NDlrVFllSHhjc0lHaHZX WWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25mbE1NOVAyUjY0OWtUWWVIeGNzSUdodldZay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI1QjQvNzA5RjdBMjZCODI5MTFFOTkzNzM4QTA5QzRGOUFFMDIvOUY4Qjc5QzJD NzhFMTFFQkI0OTgzRjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E KjAoMAwEAgABMAYDBAHLHiYwGAQCAAIwEgMHACABDfACGgMHACQBx8AAAzANBgkq hkiG9w0BAQsFAAOCAQEAbZXXLSrZf1judN/lIemcwQ2FCxeEp1JQFEzQb45oBXxO EzSF3Q9pZrQ1KAUzdqaWXzxIw1R7kAf3ikrl0Fc15zTr8AbPrO4nqyOrhH7eB8vA ILy3+ErKdH8FHP3t0krIqlX5mTddvbWpsw3sooLRtDqMmQVUkUp1Qk5pSRxuIpGi 6Rq2o8IODI9CL3A87fP31sOdYFui9dcOFuOXJo/Ki2phRl6xL0Xz+0pFc1TBW7Ui bFbrhZF57efzy1WWaSxkkXi1eSNYvlaDZ9CFxAN0bnQ3eQZnIpHBExraU/vhftQ7 +2Bx6d7hBaZwqUHZbz8NrdiF0N9glQMxRI/7XmeYEw== -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:56 2024 by rpki-client on console-fra.rpki-client.org