$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6D8B/B2F235B2672011EEA146C22DC4F9AE02/D633730A5AD711EF8665FF81C4F9AE02.roa File: D633730A5AD711EF8665FF81C4F9AE02.roa (raw, json) Hash identifier: qDjDjx/58q+LWkw/PFVn1wwvsxzD4HwajEOfZNh5ZU0= Subject key identifier: DC:E1:E1:67:CF:78:0E:AA:F2:4F:5B:E5:8B:C2:4A:3D:B8:A2:D2:2D Certificate issuer: /CN=A91A6D8B/serialNumber=9AB686E3C299AA7E4455493495B46BA5A744099D Certificate serial: AC Authority key identifier: 9A:B6:86:E3:C2:99:AA:7E:44:55:49:34:95:B4:6B:A5:A7:44:09:9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mraG48KZqn5EVUk0lbRrpadECZ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A6D8B/B2F235B2672011EEA146C22DC4F9AE02/D633730A5AD711EF8665FF81C4F9AE02.roa Signing time: Tue 27 Aug 2024 05:49:36 +0000 ROA not before: Tue 27 Aug 2024 05:49:36 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 137527 IP address blocks: 2407:b140:ae5::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A6D8B/B2F235B2672011EEA146C22DC4F9AE02/mraG48KZqn5EVUk0lbRrpadECZ0.crl rsync://rpki.apnic.net/member_repository/A91A6D8B/B2F235B2672011EEA146C22DC4F9AE02/mraG48KZqn5EVUk0lbRrpadECZ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mraG48KZqn5EVUk0lbRrpadECZ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 04:10:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 172 (0xac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A6D8B Validity Not Before: Aug 27 05:49:36 2024 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=66cd68ef-e1af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:a2:7d:48:5f:7e:12:a5:67:e3:81:95:56:a2: 1e:d0:8c:79:96:33:07:c3:de:16:8e:a1:ce:09:cf: 53:54:f2:fc:eb:1e:b8:e8:d5:32:25:63:fe:55:48: 9b:73:8d:f0:6e:91:1d:fa:9a:ca:74:62:1f:91:92: 04:54:ba:82:7e:1c:d9:e4:72:cf:85:2a:0c:43:91: d8:00:bc:2d:eb:99:c0:a0:83:42:8e:ba:19:0f:36: 9e:a9:04:dd:68:cd:83:22:14:6d:fa:e7:e8:ad:43: 49:b7:3c:a4:b0:29:ce:43:54:5a:bc:23:48:d0:ea: ae:d8:c6:bd:b5:b9:c9:ad:28:6b:85:6e:da:b0:a9: 8d:b3:f1:08:77:ef:d2:d6:ca:fc:67:e1:5e:ca:6e: 7b:d4:43:79:dc:3d:cc:ae:0a:5c:1a:79:41:2c:67: 9d:8f:e7:eb:a9:91:2e:59:31:fb:e6:e4:d9:7b:81: 7d:6c:79:de:e0:e5:44:38:67:41:bf:ef:55:e3:32: 48:b2:f7:b1:2c:c6:c3:7d:40:05:f5:c0:8d:17:33: 07:3b:c8:ab:06:86:46:ad:76:af:98:5e:43:2d:ea: 69:a5:1e:d2:9e:b7:ba:8e:cc:a7:33:0b:87:2d:9a: a6:95:8c:28:35:ac:b4:9c:4a:8e:0c:4d:7e:03:05: e8:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:E1:E1:67:CF:78:0E:AA:F2:4F:5B:E5:8B:C2:4A:3D:B8:A2:D2:2D X509v3 Authority Key Identifier: keyid:9A:B6:86:E3:C2:99:AA:7E:44:55:49:34:95:B4:6B:A5:A7:44:09:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A6D8B/B2F235B2672011EEA146C22DC4F9AE02/mraG48KZqn5EVUk0lbRrpadECZ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mraG48KZqn5EVUk0lbRrpadECZ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6D8B/B2F235B2672011EEA146C22DC4F9AE02/D633730A5AD711EF8665FF81C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2407:b140:ae5::/64 Signature Algorithm: sha256WithRSAEncryption 32:b9:5c:e6:8a:b3:a4:0d:64:bd:d7:fa:f9:6a:0c:f4:3d:6e: 84:a6:44:64:86:0c:84:81:88:f8:31:86:dd:81:25:67:e1:35: 06:83:c9:ed:31:b6:2d:cc:56:cf:c3:b9:62:88:b3:82:07:b2: 03:80:43:1a:52:99:4f:b7:ef:2d:de:fc:41:52:49:42:df:25: 07:70:ce:ac:0c:48:80:be:4b:a0:b6:4f:da:ba:a4:aa:03:0d: 93:0e:7d:df:14:7f:17:d9:37:13:f5:32:f8:f6:d0:2d:38:30: 3e:bf:57:74:2f:8d:4d:f5:d0:d1:cb:a5:4d:70:4f:a1:b3:44: ba:52:dd:36:69:30:c9:cd:3d:51:91:7b:6b:dd:45:fb:8c:7f: 08:54:01:86:3b:35:aa:bd:29:c3:62:a6:b1:a9:87:fb:fe:55: 83:2a:c8:b9:a9:9c:ef:13:05:0a:6f:e0:46:97:36:ba:89:a9: a3:11:38:27:00:59:0c:40:3a:18:16:45:49:fb:ab:3f:5e:68: 9b:64:a7:ba:00:95:b3:3c:7c:e5:2d:ba:36:f8:f1:08:34:c1: 18:22:58:0c:27:05:56:11:d3:09:2a:ab:29:24:56:5b:9f:10: bf:5f:d4:58:88:6a:f5:59:a4:17:28:88:44:e6:91:c8:f6:a7: 3b:94:38:ca -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgICAKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTZEOEIxMTAvBgNVBAUTKDlBQjY4NkUzQzI5OUFBN0U0NDU1NDkzNDk1QjQ2QkE1 QTc0NDA5OUQwHhcNMjQwODI3MDU0OTM2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NmNkNjhlZi1lMWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArKJ9SF9+EqVn44GVVqIe0Ix5ljMHw94WjqHOCc9TVPL86x646NUyJWP+VUib c43wbpEd+prKdGIfkZIEVLqCfhzZ5HLPhSoMQ5HYALwt65nAoINCjroZDzaeqQTd aM2DIhRt+uforUNJtzyksCnOQ1RavCNI0Oqu2Ma9tbnJrShrhW7asKmNs/EId+/S 1sr8Z+Feym571EN53D3MrgpcGnlBLGedj+frqZEuWTH75uTZe4F9bHne4OVEOGdB v+9V4zJIsvexLMbDfUAF9cCNFzMHO8irBoZGrXavmF5DLepppR7Snre6jsynMwuH LZqmlYwoNay0nEqODE1+AwXovwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFNzh4WfP eA6q8k9b5YvCSj24otItMB8GA1UdIwQYMBaAFJq2huPCmap+RFVJNJW0a6WnRAmd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNkQ4Qi9CMkYyMzVCMjY3 MjAxMUVFQTE0NkMyMkRDNEY5QUUwMi9tcmFHNDhLWnFuNUVWVWswbGJScnBhZEVD WjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21yYUc0OEtacW41RVZVazBsYlJycGFkRUNaMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTZEOEIvQjJGMjM1QjI2NzIwMTFFRUExNDZDMjJEQzRGOUFFMDIvRDYzMzczMEE1 QUQ3MTFFRjg2NjVGRjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E FTATMBEEAgACMAsDCQAkB7FACuUAADANBgkqhkiG9w0BAQsFAAOCAQEAMrlc5oqz pA1kvdf6+WoM9D1uhKZEZIYMhIGI+DGG3YElZ+E1BoPJ7TG2LcxWz8O5Yoizggey A4BDGlKZT7fvLd78QVJJQt8lB3DOrAxIgL5LoLZP2rqkqgMNkw593xR/F9k3E/Uy +PbQLTgwPr9XdC+NTfXQ0culTXBPobNEulLdNmkwyc09UZF7a91F+4x/CFQBhjs1 qr0pw2KmsamH+/5VgyrIuamc7xMFCm/gRpc2uompoxE4JwBZDEA6GBZFSfurP15o m2SnugCVszx85S26NvjxCDTBGCJYDCcFVhHTCSqrKSRWW58Qv1/UWIhq9VmkFyiI ROaRyPanO5Q4yg== -----END CERTIFICATE-----Generated at Sun Apr 6 15:23:01 2025 by rpki-client