$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/8610B9DCF33F11EEB412F210C4F9AE02.roa File: 8610B9DCF33F11EEB412F210C4F9AE02.roa (raw, json) Hash identifier: yQzG0IUj4LmNAo/vCmn3XwCt/EXYkvI8wWgOGhVL8zY= Subject key identifier: C0:20:0F:9A:3C:1A:1A:64:93:1B:AC:BA:C7:20:E3:F4:AC:04:DB:14 Certificate issuer: /CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586 Certificate serial: 0A98 Authority key identifier: A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/8610B9DCF33F11EEB412F210C4F9AE02.roa Signing time: Fri 05 Apr 2024 11:27:45 +0000 ROA not before: Fri 05 Apr 2024 11:27:45 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 138585 IP address blocks: 2404:53c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/qSFjXHST8hzSYJPVkDUQgC9ONYY.crl rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/qSFjXHST8hzSYJPVkDUQgC9ONYY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:53:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2712 (0xa98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586 Validity Not Before: Apr 5 11:27:45 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=660fe031-ccd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:3e:88:08:04:80:bd:57:a1:c0:ff:ce:2d:c5: 16:ab:1d:26:d4:a5:92:02:3b:05:d0:58:e5:a7:35: 2e:65:29:fa:ef:eb:a7:f6:74:b5:65:36:e1:bb:ba: a6:8f:46:f9:07:56:1e:e2:9f:ce:44:19:60:42:95: ca:c4:e1:62:ab:63:c1:47:e6:3e:a9:eb:97:67:e6: 06:16:7b:6e:15:6e:0d:b3:16:c7:a3:cc:bb:dc:8c: 71:1e:eb:6d:a3:be:48:77:b6:32:e9:ca:25:37:b8: b3:d0:e9:2c:6e:1b:92:e4:75:48:83:4a:f1:e6:21: 09:fb:02:64:ef:2c:9f:aa:43:7b:38:06:91:d7:e7: f3:b7:dc:e2:74:be:51:45:ab:da:b9:f8:3a:e6:fe: f3:0c:2c:83:90:72:51:a1:9f:17:9e:e9:cd:96:13: 64:52:13:89:50:64:fa:93:f4:74:49:2d:7e:88:34: 90:9b:2e:20:66:43:74:9e:ed:6a:c6:61:4e:bf:54: 53:44:6b:79:f6:c0:c3:d6:ca:e3:3a:44:1e:00:7f: 28:a2:3e:9c:6e:c2:0c:35:a7:8a:39:76:24:42:12: 80:43:2e:6b:af:19:85:1c:2c:3e:dc:35:b6:e6:ad: b3:03:73:6a:f9:86:04:2b:92:ff:91:fc:93:5c:76: 15:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:20:0F:9A:3C:1A:1A:64:93:1B:AC:BA:C7:20:E3:F4:AC:04:DB:14 X509v3 Authority Key Identifier: keyid:A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/qSFjXHST8hzSYJPVkDUQgC9ONYY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/8610B9DCF33F11EEB412F210C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2404:53c0::/32 Signature Algorithm: sha256WithRSAEncryption 50:d5:3f:f6:95:8a:15:83:18:06:71:c6:23:5d:95:6b:3b:c8: 93:c6:5f:e5:bf:a4:b0:e5:6c:b9:31:a0:33:b8:e6:57:e0:5f: 70:5c:1f:a2:68:5b:f2:af:32:2f:7c:62:a3:59:35:2a:13:5f: 39:15:66:4e:7b:46:93:f2:0f:1d:36:58:d9:89:64:e1:e0:f2: ea:e3:35:b3:49:38:75:81:7f:3b:d2:8b:4b:2a:ac:5f:55:a1: 48:bc:55:d0:ec:9c:b9:77:4c:f0:12:1e:df:8a:b0:a8:02:e7: af:42:bd:dd:2e:a1:a7:7b:47:c0:f9:36:b1:69:28:83:7b:4e: f4:bd:05:72:0e:5d:8a:c1:ac:eb:47:bf:5d:2f:45:c1:71:de: 91:ca:50:2c:1e:dc:ab:77:65:aa:8d:b7:64:58:81:54:6c:7b: fd:2c:48:7d:e1:c2:4c:50:9e:99:42:6e:14:49:f2:d1:da:39: 71:6c:3d:db:fc:03:b4:7a:13:2d:67:26:9c:74:8d:d2:41:5b: fa:ff:1e:cd:38:3e:33:41:64:f3:04:3e:1c:f1:e0:6d:8d:f0: d4:46:75:c1:01:bb:3c:6e:78:d4:58:1b:c1:9d:f1:e2:0b:0e: e5:29:22:52:78:89:b1:e7:89:95:34:64:2e:3f:e4:d6:74:a3: d8:cb:b0:40 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICCpgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFBNEUxMTAvBgNVBAUTKEE5MjE2MzVDNzQ5M0YyMUNEMjYwOTNENTkwMzUxMDgw MkY0RTM1ODYwHhcNMjQwNDA1MTEyNzQ1WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NjBmZTAzMS1jY2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9j6ICASAvVehwP/OLcUWqx0m1KWSAjsF0FjlpzUuZSn67+un9nS1ZTbhu7qm j0b5B1Ye4p/ORBlgQpXKxOFiq2PBR+Y+qeuXZ+YGFntuFW4NsxbHo8y73IxxHutt o75Id7Yy6colN7iz0OksbhuS5HVIg0rx5iEJ+wJk7yyfqkN7OAaR1+fzt9zidL5R Ravaufg65v7zDCyDkHJRoZ8XnunNlhNkUhOJUGT6k/R0SS1+iDSQmy4gZkN0nu1q xmFOv1RTRGt59sDD1srjOkQeAH8ooj6cbsIMNaeKOXYkQhKAQy5rrxmFHCw+3DW2 5q2zA3Nq+YYEK5L/kfyTXHYVeQIDAQABo4ICljCCApIwHQYDVR0OBBYEFMAgD5o8 Ghpkkxususcg4/SsBNsUMB8GA1UdIwQYMBaAFKkhY1x0k/Ic0mCT1ZA1EIAvTjWG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUE0RS9BNDlCNEQ3NDM3 QzYxMUVBOUQ5NkFFNTFDNEY5QUUwMi9xU0ZqWEhTVDhoelNZSlBWa0RVUWdDOU9O WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FTRmpYSFNUOGh6U1lKUFZrRFVRZ0M5T05ZWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzFBNEUvQTQ5QjRENzQzN0M2MTFFQTlEOTZBRTUxQzRGOUFFMDIvODYxMEI5RENG MzNGMTFFRUI0MTJGMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBFPAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ1T/2lYoVgxgG ccYjXZVrO8iTxl/lv6Sw5Wy5MaAzuOZX4F9wXB+iaFvyrzIvfGKjWTUqE185FWZO e0aT8g8dNljZiWTh4PLq4zWzSTh1gX870otLKqxfVaFIvFXQ7Jy5d0zwEh7firCo AuevQr3dLqGne0fA+TaxaSiDe070vQVyDl2KwazrR79dL0XBcd6RylAsHtyrd2Wq jbdkWIFUbHv9LEh94cJMUJ6ZQm4USfLR2jlxbD3b/AO0ehMtZyacdI3SQVv6/x7N OD4zQWTzBD4c8eBtjfDURnXBAbs8bnjUWBvBnfHiCw7lKSJSeImx54mVNGQuP+TW dKPYy7BA -----END CERTIFICATE-----Generated at Fri May 31 22:13:10 2024 by rpki-client on console-fra.rpki-client.org