$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2FAF13C2DC3D11EEB88CD024C4F9AE02.roa File: 2FAF13C2DC3D11EEB88CD024C4F9AE02.roa (raw, json) Hash identifier: nxxlo3JuGWcZ1OqI2pXk+qxrmE5ryVVIcsUckHHsy/Q= Subject key identifier: 3A:42:16:63:79:A7:09:9C:66:EA:3F:CA:36:6A:89:E1:55:B2:6E:EB Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: 9083 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2FAF13C2DC3D11EEB88CD024C4F9AE02.roa Signing time: Thu 30 May 2024 16:28:16 +0000 ROA not before: Thu 30 May 2024 16:28:16 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 152490 IP address blocks: 2001:df3:85c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36995 (0x9083) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2 Validity Not Before: May 30 16:28:16 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=6658a91f-dfe0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:1f:6e:65:b9:75:46:f1:fc:dc:86:38:59:72: ec:20:dc:dd:30:23:c0:23:44:69:3d:3d:5a:cb:05: da:96:55:92:e0:f6:f0:c2:ba:4e:0f:8e:01:aa:93: 80:dd:69:e1:ad:8e:67:16:8a:4f:09:8d:ea:65:3e: a8:a1:63:72:9e:8e:f5:8a:b5:fa:b0:f4:a7:57:44: 64:94:9f:d0:3c:35:af:b8:11:f8:33:ea:a6:dc:4e: de:8f:d7:68:e9:36:0d:c9:07:50:54:53:59:61:6a: 16:1d:41:dc:a8:44:c5:6b:89:29:62:b1:75:d2:dc: 80:e8:88:b1:9b:c8:87:81:24:0a:ed:23:c4:84:9e: b7:9e:30:63:98:b8:40:c6:1d:e8:c3:7a:d2:bd:1f: 63:c9:a9:61:95:dc:d9:9b:0e:11:73:ec:cc:fd:50: 62:3f:cb:ad:33:59:e2:53:f4:a8:ab:7e:1d:51:e1: 01:ef:b2:51:b5:64:dd:77:97:76:03:81:fa:82:ab: c8:6f:dc:56:df:39:64:a6:7c:5a:9d:a9:a2:9b:84: 45:da:0b:c8:6e:fe:03:79:a6:67:72:e8:9f:8f:78: 08:da:21:2b:49:b1:fa:84:91:ce:91:38:69:9e:8c: 05:73:d6:12:86:c4:22:85:26:5f:c4:f5:f0:a7:c3: 3c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:42:16:63:79:A7:09:9C:66:EA:3F:CA:36:6A:89:E1:55:B2:6E:EB X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2FAF13C2DC3D11EEB88CD024C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df3:85c0::/48 Signature Algorithm: sha256WithRSAEncryption 26:ff:e5:fb:c6:3e:f1:d1:db:5b:40:51:0e:f9:f6:5a:8a:c4: f2:db:f9:df:5f:75:b1:d9:6c:5f:fb:33:af:72:73:34:3d:87: aa:60:67:28:a4:49:59:3f:36:53:06:e2:ab:ee:8f:8f:00:11: 25:87:40:cb:37:6b:22:ad:3f:4d:ff:6c:a2:8c:7d:98:8d:32: 8a:86:31:c7:84:41:7f:23:4a:95:15:57:cb:6c:fb:a1:b3:d7: ba:57:0e:db:85:c4:30:ce:a7:de:4d:42:09:05:50:31:77:0e: d9:26:27:f4:7d:f6:26:8d:32:b9:98:2a:a4:c2:83:36:e3:d0: 68:c8:08:fa:91:fc:65:da:19:c5:da:22:17:f3:20:50:58:7b: 1a:ff:4e:97:9c:3a:bf:7d:0e:90:c0:c6:e2:d5:96:6d:5c:af: c6:5e:f2:3f:56:08:99:47:28:19:01:a8:82:f8:a4:bf:1f:8a: a5:78:4a:38:b8:e4:22:50:0b:0c:6f:ba:56:d4:b8:1c:a1:7e: 6f:ba:48:70:4f:a9:e8:61:76:30:ce:b9:39:55:e1:1d:56:59: d2:94:b0:de:b2:91:a1:cc:fa:f6:b3:25:aa:7c:b3:f1:ab:8e: 24:3b:c2:37:06:98:08:27:71:62:36:b6:fc:1a:f6:fb:61:e6: 5a:14:01:11 -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgIDAJCDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI0MDUzMDE2MjgxNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjY1OGE5MWYtZGZlMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQfbmW5dUbx/NyGOFly7CDc3TAjwCNEaT09WssF2pZVkuD28MK6Tg+OAaqT gN1p4a2OZxaKTwmN6mU+qKFjcp6O9Yq1+rD0p1dEZJSf0Dw1r7gR+DPqptxO3o/X aOk2DckHUFRTWWFqFh1B3KhExWuJKWKxddLcgOiIsZvIh4EkCu0jxISet54wY5i4 QMYd6MN60r0fY8mpYZXc2ZsOEXPszP1QYj/LrTNZ4lP0qKt+HVHhAe+yUbVk3XeX dgOB+oKryG/cVt85ZKZ8Wp2popuERdoLyG7+A3mmZ3Lon494CNohK0mx+oSRzpE4 aZ6MBXPWEobEIoUmX8T18KfDPKMCAwEAAaOCApgwggKUMB0GA1UdDgQWBBQ6QhZj eacJnGbqP8o2aonhVbJu6zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJGQUYxM0My REMzRDExRUVCODhDRDAyNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCIGCCsGAQUFBwEHAQH/ BBMwETAPBAIAAjAJAwcAIAEN84XAMA0GCSqGSIb3DQEBCwUAA4IBAQAm/+X7xj7x 0dtbQFEO+fZaisTy2/nfX3Wx2Wxf+zOvcnM0PYeqYGcopElZPzZTBuKr7o+PABEl h0DLN2sirT9N/2yijH2YjTKKhjHHhEF/I0qVFVfLbPuhs9e6Vw7bhcQwzqfeTUIJ BVAxdw7ZJif0ffYmjTK5mCqkwoM249BoyAj6kfxl2hnF2iIX8yBQWHsa/06XnDq/ fQ6QwMbi1ZZtXK/GXvI/VgiZRygZAaiC+KS/H4qleEo4uOQiUAsMb7pW1LgcoX5v ukhwT6noYXYwzrk5VeEdVlnSlLDespGhzPr2syWqfLPxq44kO8I3BpgIJ3FiNrb8 Gvb7YeZaFAER -----END CERTIFICATE-----Generated at Sun Feb 16 20:11:47 2025 by rpki-client