$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/3EF6E4A4291D11EFBE3C7971C4F9AE02.roa File: 3EF6E4A4291D11EFBE3C7971C4F9AE02.roa (raw, json) Hash identifier: SpBt7sDt3PRONHBV0bfhwVMq6dMRxKdSE97eOEgTO/c= Subject key identifier: 2A:50:9C:B1:99:35:8E:E8:9A:C0:CA:86:1E:EE:73:6C:E4:D3:FA:1A Certificate issuer: /CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5 Certificate serial: 0976 Authority key identifier: 0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/3EF6E4A4291D11EFBE3C7971C4F9AE02.roa Signing time: Fri 22 Nov 2024 20:10:19 +0000 ROA not before: Fri 22 Nov 2024 20:10:19 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 133141 IP address blocks: 2407:1ec0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/CrmfUsmtm-C5wERwz7G2wjYP0PU.crl rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/CrmfUsmtm-C5wERwz7G2wjYP0PU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 19:56:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2422 (0x976) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A6943/serialNumber=0AB99F52C9AD9BE0B9C04470CFB1B6C2360FD0F5 Validity Not Before: Nov 22 20:10:19 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6740e52b-fe35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:dd:2b:b9:90:60:ad:09:90:cf:ea:2e:b4:94: ab:43:0a:b7:06:6e:21:46:d5:62:e7:be:56:77:33: 62:73:c5:8f:fb:dd:97:f5:77:f7:a5:19:28:e0:72: c4:29:03:fe:0f:76:a0:6d:fe:ea:a6:c2:12:81:67: a2:3d:9f:38:94:17:d2:ff:c6:c0:22:ff:8c:87:eb: 98:fd:78:cc:4a:f3:3c:4b:c4:bb:b8:71:2f:eb:e8: 75:71:b1:28:4f:ce:d9:30:06:3c:90:3b:13:3e:87: 75:45:10:f9:05:f3:d7:cd:0d:b5:ad:fa:03:17:a8: 2d:b1:b8:0e:0c:51:3e:14:82:60:a8:58:8c:7e:c0: 81:41:0e:58:e9:f5:d9:2e:f5:38:6c:b0:48:7c:47: 5e:51:a7:6d:3c:4f:34:89:51:d6:37:dc:99:e2:82: 3d:d6:65:c8:bf:d5:2e:69:f5:33:1d:85:7c:24:2b: 2e:cd:84:47:a1:79:7d:7a:c8:15:a9:87:5b:ba:0c: a8:ea:55:34:e4:a5:54:2a:b0:d5:83:02:c1:14:51: f6:29:70:21:39:6d:18:29:dc:89:20:ab:1a:85:01: 22:b5:25:90:81:0a:86:c5:fd:fc:99:be:62:4e:ae: f7:03:08:c0:be:2b:4a:da:29:8a:17:05:c9:6e:ca: be:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:50:9C:B1:99:35:8E:E8:9A:C0:CA:86:1E:EE:73:6C:E4:D3:FA:1A X509v3 Authority Key Identifier: keyid:0A:B9:9F:52:C9:AD:9B:E0:B9:C0:44:70:CF:B1:B6:C2:36:0F:D0:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/CrmfUsmtm-C5wERwz7G2wjYP0PU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrmfUsmtm-C5wERwz7G2wjYP0PU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6943/B71811688D5111EAB8B26384C4F9AE02/3EF6E4A4291D11EFBE3C7971C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2407:1ec0::/32 Signature Algorithm: sha256WithRSAEncryption 23:5a:10:0d:02:68:88:b3:fa:91:f2:49:72:21:dc:87:c0:8c: c0:af:cc:d7:c0:25:0b:2c:0f:b8:48:e7:f1:98:23:b1:bb:45: 9d:80:2e:06:68:a6:c5:d4:0f:c6:3e:3a:6f:be:d5:c1:fa:e5: 2a:46:a5:0d:5e:cc:0a:61:e9:36:a3:7c:fd:c7:16:c2:f4:d2: 47:1d:74:ca:4e:21:02:8b:13:74:aa:0d:ed:5d:e5:4c:f3:79: 54:de:fc:80:56:d7:97:75:9a:85:d2:46:52:1c:d1:cf:9f:fe: 1c:4e:97:d9:ea:31:57:9a:fb:25:73:22:cb:d7:17:39:25:c4: 84:c6:98:7e:f3:2a:70:d2:fb:10:13:b6:3e:24:46:44:5d:59: 60:04:5f:da:04:0e:69:37:fb:f1:b8:9f:f3:c3:c3:e6:69:6f: 09:39:5b:af:76:67:7c:3a:39:47:f3:f9:c4:68:4b:e6:83:14: eb:95:cb:70:8c:fe:a6:b7:ed:5c:20:e0:33:24:4f:62:bd:6c: 22:6d:d0:e4:3c:8b:86:49:e8:e5:0c:9e:ab:ff:a0:78:3e:92: 51:da:c1:cc:09:1b:d6:15:28:b5:5d:d8:91:f3:5c:31:25:ee: ff:dc:df:00:f6:7d:11:95:be:54:71:49:98:45:2c:cb:6e:57: b9:fe:90:b2 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICCXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTY5NDMxMTAvBgNVBAUTKDBBQjk5RjUyQzlBRDlCRTBCOUMwNDQ3MENGQjFCNkMy MzYwRkQwRjUwHhcNMjQxMTIyMjAxMDE5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NzQwZTUyYi1mZTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1N0ruZBgrQmQz+outJSrQwq3Bm4hRtVi575WdzNic8WP+92X9Xf3pRko4HLE KQP+D3agbf7qpsISgWeiPZ84lBfS/8bAIv+Mh+uY/XjMSvM8S8S7uHEv6+h1cbEo T87ZMAY8kDsTPod1RRD5BfPXzQ21rfoDF6gtsbgODFE+FIJgqFiMfsCBQQ5Y6fXZ LvU4bLBIfEdeUadtPE80iVHWN9yZ4oI91mXIv9UuafUzHYV8JCsuzYRHoXl9esgV qYdbugyo6lU05KVUKrDVgwLBFFH2KXAhOW0YKdyJIKsahQEitSWQgQqGxf38mb5i Tq73AwjAvitK2imKFwXJbsq+ZQIDAQABo4ICljCCApIwHQYDVR0OBBYEFCpQnLGZ NY7omsDKhh7uc2zk0/oaMB8GA1UdIwQYMBaAFAq5n1LJrZvgucBEcM+xtsI2D9D1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjk0My9CNzE4MTE2ODhE NTExMUVBQjhCMjYzODRDNEY5QUUwMi9Dcm1mVXNtdG0tQzV3RVJ3ejdHMndqWVAw UFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NybWZVc210bS1DNXdFUnd6N0cyd2pZUDBQVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTY5NDMvQjcxODExNjg4RDUxMTFFQUI4QjI2Mzg0QzRGOUFFMDIvM0VGNkU0QTQy OTFEMTFFRkJFM0M3OTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBx7AMA0GCSqGSIb3DQEBCwUAA4IBAQAjWhANAmiIs/qR 8klyIdyHwIzAr8zXwCULLA+4SOfxmCOxu0WdgC4GaKbF1A/GPjpvvtXB+uUqRqUN XswKYek2o3z9xxbC9NJHHXTKTiECixN0qg3tXeVM83lU3vyAVteXdZqF0kZSHNHP n/4cTpfZ6jFXmvslcyLL1xc5JcSExph+8ypw0vsQE7Y+JEZEXVlgBF/aBA5pN/vx uJ/zw8PmaW8JOVuvdmd8OjlH8/nEaEvmgxTrlctwjP6mt+1cIOAzJE9ivWwibdDk PIuGSejlDJ6r/6B4PpJR2sHMCRvWFSi1XdiR81wxJe7/3N8A9n0Rlb5UcUmYRSzL ble5/pCy -----END CERTIFICATE-----Generated at Fri Nov 22 21:05:31 2024 by rpki-client on console-fra.rpki-client.org