$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa File: 60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa (raw, json) Hash identifier: 1e5MpWXXLnucpXgA7+/6NcCslKn9LXNV+RznqlHIuF0= Subject key identifier: 1E:EA:A7:D8:7B:9D:B1:34:66:60:E3:76:0D:DF:2D:6E:E4:4C:C8:12 Certificate issuer: /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Certificate serial: 0DC1 Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa Signing time: Fri 06 Sep 2024 18:37:03 +0000 ROA not before: Fri 06 Sep 2024 18:37:03 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 23077 IP address blocks: 2405:84c0:3000::/36 maxlen: 40 2405:84c0:5e00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 17:13:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3521 (0xdc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Validity Not Before: Sep 6 18:37:03 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66db4bce-f190 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:8c:84:6a:0b:ce:f4:fd:4f:b9:fe:dc:bc:f6: 66:d5:2a:6b:a7:49:3a:ad:e6:09:0d:65:51:a3:7d: 35:2c:ba:f7:4f:1e:89:ef:ae:ad:e0:a1:b6:7e:ec: f6:41:9e:10:81:fe:82:c6:42:92:67:ae:c3:c5:07: 80:96:2b:95:51:ee:1c:fd:8c:f5:2a:bb:b4:53:08: d6:1d:ab:15:22:b9:75:9b:93:19:ac:23:80:a3:e7: 35:a1:b7:a4:c9:22:48:55:ad:61:b7:4d:1d:df:df: 03:90:bb:6a:a2:2d:f7:e3:05:65:1e:c2:89:3b:5e: e8:49:cc:30:8f:17:07:39:65:26:46:20:dc:09:2a: 28:6a:a8:45:b6:86:58:de:27:c3:73:ea:d0:dc:7c: 23:66:72:6d:3d:c8:58:54:1c:8c:6c:6f:b3:55:63: b8:4f:d8:98:61:0f:69:6e:a6:87:91:b0:db:58:65: 59:24:47:cc:b8:38:49:58:7b:81:54:7f:88:74:6e: 63:e6:d5:f8:1b:97:b5:dd:d9:4b:76:ed:f5:a0:ba: 89:23:e1:f9:cf:a4:6d:0d:c2:ee:7b:a8:32:08:99: 81:7c:a3:38:33:d2:a0:9b:63:9c:b9:b5:53:6e:9b: 9b:36:cd:c5:e0:4e:cb:16:38:d0:95:51:fe:0d:b4: e9:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:EA:A7:D8:7B:9D:B1:34:66:60:E3:76:0D:DF:2D:6E:E4:4C:C8:12 X509v3 Authority Key Identifier: keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2405:84c0:3000::/36 2405:84c0:5e00::/40 Signature Algorithm: sha256WithRSAEncryption be:61:c2:d4:c6:c2:e7:b4:3f:45:5f:0f:87:9a:b5:c5:9d:af: d8:01:99:5a:61:9a:25:00:1a:dd:97:3e:9f:3f:3f:97:0a:71: 13:03:61:b1:a5:1f:a1:16:5e:39:67:7d:56:41:53:83:b7:d0: 73:c5:1e:a3:14:f2:3e:c8:90:7e:89:58:63:e1:e2:51:07:0d: 2c:79:49:62:17:53:69:92:fe:90:05:f9:c0:5e:01:6c:e4:79: 94:b7:6b:19:c2:ba:53:b9:38:98:cb:a6:2e:66:dd:5a:0c:a0: ae:0f:0f:58:ee:a5:37:85:6c:4a:97:56:8d:c3:0b:67:c5:dd: 87:c5:82:c1:1c:c3:88:0a:7c:de:c1:0a:64:a5:2a:a8:ac:6a: c5:6b:ee:61:0f:93:86:d5:8a:79:27:a0:bd:52:bd:96:0e:94: 64:96:74:bf:f0:d1:92:ab:ef:d9:5d:9f:cb:d3:36:3f:ae:a6: 75:bd:e2:93:91:2a:79:9f:2f:64:e1:36:c3:ee:25:29:4f:22: f0:2c:8c:0f:91:21:2c:14:17:b4:a7:22:2d:a6:a3:62:de:ed: 3e:ca:2e:85:ce:95:dd:19:6d:2d:99:f8:3c:b8:7c:10:36:de: b4:57:9f:66:92:e2:21:f0:13:44:a8:4c:96:cc:a1:c4:42:a8: 09:35:71:0d -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgICDcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC NzBBRjgwOTkwHhcNMjQwOTA2MTgzNzAzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmRiNGJjZS1mMTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4YyEagvO9P1Puf7cvPZm1Sprp0k6reYJDWVRo301LLr3Tx6J766t4KG2fuz2 QZ4Qgf6CxkKSZ67DxQeAliuVUe4c/Yz1Kru0UwjWHasVIrl1m5MZrCOAo+c1obek ySJIVa1ht00d398DkLtqoi334wVlHsKJO17oScwwjxcHOWUmRiDcCSooaqhFtoZY 3ifDc+rQ3HwjZnJtPchYVByMbG+zVWO4T9iYYQ9pbqaHkbDbWGVZJEfMuDhJWHuB VH+IdG5j5tX4G5e13dlLdu31oLqJI+H5z6RtDcLue6gyCJmBfKM4M9Kgm2OcubVT bpubNs3F4E7LFjjQlVH+DbTpWwIDAQABo4ICnzCCApswHQYDVR0OBBYEFB7qp9h7 nbE0ZmDjdg3fLW7kTMgSMB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4 NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvNjBCM0NENkVB RjJFMTFFRUJGMTJERjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E GjAYMBYEAgACMBADBgQkBYTAMAMGACQFhMBeMA0GCSqGSIb3DQEBCwUAA4IBAQC+ YcLUxsLntD9FXw+HmrXFna/YAZlaYZolABrdlz6fPz+XCnETA2GxpR+hFl45Z31W QVODt9BzxR6jFPI+yJB+iVhj4eJRBw0seUliF1Npkv6QBfnAXgFs5HmUt2sZwrpT uTiYy6YuZt1aDKCuDw9Y7qU3hWxKl1aNwwtnxd2HxYLBHMOICnzewQpkpSqorGrF a+5hD5OG1Yp5J6C9Ur2WDpRklnS/8NGSq+/ZXZ/L0zY/rqZ1veKTkSp5ny9k4TbD 7iUpTyLwLIwPkSEsFBe0pyItpqNi3u0+yi6FzpXdGW0tmfg8uHwQNt60V59mkuIh 8BNEqEyWzKHEQqgJNXEN -----END CERTIFICATE-----Generated at Wed Nov 20 19:06:04 2024 by rpki-client on console-ams.rpki-client.org