$ rpki-client -vvf rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa File: BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa (raw, json) Hash identifier: NdBHmG+jT3mlpfAnpJWEoNWyBuLoxpMWZ5qP5JUGkiw= Subject key identifier: 9E:09:22:61:C5:25:DD:41:C6:73:80:10:2A:CD:A0:67:5E:5B:F0:33 Certificate issuer: /CN=A918036A/serialNumber=57840FB441D2B34C8EE699D264712B4A5E0FED8D Certificate serial: 0EFB Authority key identifier: 57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa Signing time: Thu 28 Sep 2023 18:15:21 +0000 ROA not before: Thu 28 Sep 2023 18:15:21 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 134707 IP address blocks: 2406:a240::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.crl rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 18:35:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3835 (0xefb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918036A/serialNumber=57840FB441D2B34C8EE699D264712B4A5E0FED8D Validity Not Before: Sep 28 18:15:21 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=6515c2b9-6a9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b6:90:17:7f:1a:d4:96:4c:86:6a:86:5b:e6: b0:87:c4:c2:9d:54:ed:9a:9e:fc:cc:45:b1:67:67: 31:b2:1b:b7:62:bf:ec:48:bc:78:51:64:50:85:1e: 93:01:c1:a4:31:96:6a:df:94:11:d4:1f:ed:4c:d3: 05:c9:69:27:d8:ff:f8:6a:58:8b:c5:e5:70:cb:e3: 33:0c:ca:51:70:72:3d:f1:7a:22:b8:9a:48:a6:d7: dd:39:f8:5a:93:9a:22:5b:39:c1:c3:d3:ce:e3:46: 70:3f:36:49:16:0c:a5:34:6c:4f:20:37:82:85:35: b1:bb:f1:09:e2:09:5e:93:81:6a:bc:55:a2:51:11: d6:02:20:5a:85:b7:88:ff:9b:55:04:03:e4:d6:72: 05:a1:7f:e3:d8:85:e0:81:0d:b2:82:88:4f:bc:d2: 22:c9:56:9c:6e:b6:69:39:1d:24:b8:26:09:54:71: 34:09:92:02:d1:a4:fb:3b:96:bb:52:72:c7:6c:9f: 14:a8:55:eb:b1:fe:09:74:ad:95:5c:e0:2f:52:b1: 73:4b:ce:85:10:52:c4:53:a4:d8:2a:66:7f:5d:5d: 05:56:a5:7a:82:54:21:7f:51:25:73:29:90:c9:c0: 5a:09:7a:8d:32:ba:3d:2e:be:57:8a:ab:f6:01:0c: 54:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:09:22:61:C5:25:DD:41:C6:73:80:10:2A:CD:A0:67:5E:5B:F0:33 X509v3 Authority Key Identifier: keyid:57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:a240::/32 Signature Algorithm: sha256WithRSAEncryption a8:16:b5:63:d1:57:40:b1:69:7f:39:25:39:74:08:1a:24:1a: 18:a8:eb:63:81:46:6b:cb:49:f4:1c:cb:52:11:24:1b:5c:ee: ed:30:f2:4e:21:81:7e:28:a6:0d:5e:8f:3a:57:b7:2c:4e:9c: 23:e0:44:56:fa:bd:bc:0d:e3:76:6f:81:39:f7:46:de:18:1a: d3:1c:cb:35:38:fd:75:b8:5e:94:17:fe:47:d2:15:0a:d9:7a: 64:43:c2:9a:1b:a2:4c:25:ea:38:8c:0a:96:28:0a:9d:f4:19: 6a:b9:d4:46:11:09:d5:23:94:9f:dd:b1:be:42:f2:03:db:17: f3:f7:ba:83:9e:45:b8:1c:a2:38:ae:08:b2:49:be:24:9a:c1: bf:45:f3:fe:a6:e0:6c:b1:13:c4:fd:a8:5a:58:b2:d4:0e:2c: 63:aa:1b:f3:92:19:03:1c:72:bf:57:37:2d:77:1d:b4:0c:df: 51:84:e4:f2:47:e7:2a:4a:cd:93:c4:1a:42:4a:70:c1:ca:42: 7a:d4:58:33:b8:36:d8:0f:7e:ca:77:85:79:c6:e5:b5:87:bd: e0:97:9a:1d:24:90:24:41:ce:56:b0:b4:37:bb:8b:f9:46:96: 9b:43:c2:2b:e8:04:e0:b7:7a:c8:7e:55:af:9a:5f:f8:30:c5: be:85:a9:05 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICDvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODAzNkExMTAvBgNVBAUTKDU3ODQwRkI0NDFEMkIzNEM4RUU2OTlEMjY0NzEyQjRB NUUwRkVEOEQwHhcNMjMwOTI4MTgxNTIxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTE1YzJiOS02YTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr7aQF38a1JZMhmqGW+awh8TCnVTtmp78zEWxZ2cxshu3Yr/sSLx4UWRQhR6T AcGkMZZq35QR1B/tTNMFyWkn2P/4aliLxeVwy+MzDMpRcHI98XoiuJpIptfdOfha k5oiWznBw9PO40ZwPzZJFgylNGxPIDeChTWxu/EJ4glek4FqvFWiURHWAiBahbeI /5tVBAPk1nIFoX/j2IXggQ2ygohPvNIiyVacbrZpOR0kuCYJVHE0CZIC0aT7O5a7 UnLHbJ8UqFXrsf4JdK2VXOAvUrFzS86FEFLEU6TYKmZ/XV0FVqV6glQhf1ElcymQ ycBaCXqNMro9Lr5Xiqv2AQxUIQIDAQABo4ICljCCApIwHQYDVR0OBBYEFJ4JImHF Jd1BxnOAECrNoGdeW/AzMB8GA1UdIwQYMBaAFFeED7RB0rNMjuaZ0mRxK0peD+2N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDM2QS80MzNBRjc4QzQ2 QzcxMUU5QURFOUQ0MjRDNEY5QUUwMi9WNFFQdEVIU3MweU81cG5TWkhFclNsNFA3 WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Y0UVB0RUhTczB5TzVwblNaSEVyU2w0UDdZMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODAzNkEvNDMzQUY3OEM0NkM3MTFFOUFERTlENDI0QzRGOUFFMDIvQkZGM0MxN0NE MjNBMTFFQjhFN0JBMzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBqJAMA0GCSqGSIb3DQEBCwUAA4IBAQCoFrVj0VdAsWl/ OSU5dAgaJBoYqOtjgUZry0n0HMtSESQbXO7tMPJOIYF+KKYNXo86V7csTpwj4ERW +r28DeN2b4E590beGBrTHMs1OP11uF6UF/5H0hUK2XpkQ8KaG6JMJeo4jAqWKAqd 9BlqudRGEQnVI5Sf3bG+QvID2xfz97qDnkW4HKI4rgiySb4kmsG/RfP+puBssRPE /ahaWLLUDixjqhvzkhkDHHK/Vzctdx20DN9RhOTyR+cqSs2TxBpCSnDBykJ61Fgz uDbYD37Kd4V5xuW1h73gl5odJJAkQc5WsLQ3u4v5RpabQ8Ir6ATgt3rIflWvml/4 MMW+hakF -----END CERTIFICATE-----Generated at Fri May 31 20:34:07 2024 by rpki-client on console-ams.rpki-client.org