$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE92F/1B290B5E740B11EF9E9C0336C4F9AE02/2EC0897A740C11EFB881CE37C4F9AE02.roa File: 2EC0897A740C11EFB881CE37C4F9AE02.roa (raw, json) Hash identifier: jK7WeiMtYEjncK+3WbHQbUVCOX5jz02RAdo98TCxxKk= Subject key identifier: CA:39:3C:D1:CB:6C:58:1B:7E:30:43:D6:1F:73:A4:7E:62:F3:9A:4F Certificate issuer: /CN=A91EE92F/serialNumber=E1D7837EBCC7A9A4D17516578604763A2BD04272 Certificate serial: 39 Authority key identifier: E1:D7:83:7E:BC:C7:A9:A4:D1:75:16:57:86:04:76:3A:2B:D0:42:72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4deDfrzHqaTRdRZXhgR2OivQQnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE92F/1B290B5E740B11EF9E9C0336C4F9AE02/2EC0897A740C11EFB881CE37C4F9AE02.roa Signing time: Mon 30 Dec 2024 15:42:45 +0000 ROA not before: Mon 30 Dec 2024 15:42:45 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 153329 IP address blocks: 2401:c460::/32 maxlen: 32 2401:c460::/36 maxlen: 36 2401:c460:1000::/36 maxlen: 36 2401:c460:2000::/36 maxlen: 36 2401:c460:3000::/36 maxlen: 36 2401:c460:4000::/36 maxlen: 36 2401:c460:5000::/36 maxlen: 36 2401:c460:6000::/36 maxlen: 36 2401:c460:7000::/36 maxlen: 36 2401:c460:8000::/36 maxlen: 36 2401:c460:9000::/36 maxlen: 36 2401:c460:a000::/36 maxlen: 36 2401:c460:b000::/36 maxlen: 36 2401:c460:c000::/36 maxlen: 36 2401:c460:d000::/36 maxlen: 36 2401:c460:e000::/36 maxlen: 36 2401:c460:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE92F/1B290B5E740B11EF9E9C0336C4F9AE02/4deDfrzHqaTRdRZXhgR2OivQQnI.crl rsync://rpki.apnic.net/member_repository/A91EE92F/1B290B5E740B11EF9E9C0336C4F9AE02/4deDfrzHqaTRdRZXhgR2OivQQnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4deDfrzHqaTRdRZXhgR2OivQQnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 06:12:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE92F Validity Not Before: Dec 30 15:42:45 2024 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=6772bf75-5553 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1f:e7:a1:3f:5c:90:ba:11:cb:a1:d6:f5:2a: 52:95:3b:f2:65:84:2d:4d:f9:59:52:1c:68:bf:19: fa:4a:7c:b1:c7:da:d0:52:e9:89:2c:a4:f8:d9:b4: 33:38:cc:5b:ac:7b:9b:04:c4:c0:30:0d:1a:40:a6: 71:63:44:74:11:d8:4d:ef:3f:06:f1:63:96:a6:cc: 2b:2d:31:86:49:b1:37:09:e7:a3:1f:cb:aa:5a:9e: e5:08:7f:61:c7:b4:98:65:c1:26:0f:fa:97:2f:0b: 0f:ad:e5:20:f1:95:ce:36:84:53:46:67:91:8a:07: d0:16:fc:f7:bc:c2:bc:c4:74:df:a1:8e:ab:3e:09: 12:ea:31:6a:89:85:80:65:f9:89:0b:1f:f9:e2:db: 17:82:24:f4:50:d9:20:92:9a:00:ce:1c:6c:ca:8e: ad:cd:78:2d:c7:36:00:bd:ba:ea:35:b7:53:d3:5a: c1:61:8b:31:35:e9:3c:eb:54:b5:3f:39:aa:72:51: 6c:aa:2d:7a:98:33:ca:e9:73:57:db:c9:ff:97:4f: 42:41:f0:61:ad:cb:b0:74:02:d4:8f:43:9e:5f:2c: d1:74:28:08:a6:d6:71:49:c7:e4:5c:64:78:08:7b: 0f:da:21:02:78:f1:e8:c8:f8:54:f4:09:f6:0a:88: 94:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:39:3C:D1:CB:6C:58:1B:7E:30:43:D6:1F:73:A4:7E:62:F3:9A:4F X509v3 Authority Key Identifier: keyid:E1:D7:83:7E:BC:C7:A9:A4:D1:75:16:57:86:04:76:3A:2B:D0:42:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE92F/1B290B5E740B11EF9E9C0336C4F9AE02/4deDfrzHqaTRdRZXhgR2OivQQnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4deDfrzHqaTRdRZXhgR2OivQQnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE92F/1B290B5E740B11EF9E9C0336C4F9AE02/2EC0897A740C11EFB881CE37C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:c460::/32 Signature Algorithm: sha256WithRSAEncryption 60:4a:ae:21:b2:c1:39:db:51:25:0b:81:5e:a1:3f:78:c3:21: 48:46:3f:db:7b:24:5b:51:6a:07:0e:9e:31:85:fd:97:54:49: 73:a0:b4:4a:3c:88:9a:2e:0d:40:4d:a9:3c:ac:36:e4:33:9b: 11:c5:13:df:95:de:41:8f:4c:eb:1e:0c:77:cf:35:4c:86:2b: 5a:53:ef:08:0f:95:a4:76:c6:2e:55:50:ca:7b:3d:1e:a0:f7: ae:3d:d6:15:4f:64:6c:a5:44:08:1c:d3:74:93:58:f5:e2:73: 61:5b:35:2a:1b:0f:70:7b:76:b3:71:5e:2f:4f:ac:94:46:9e: d4:20:66:19:47:54:38:81:f8:e1:c1:08:49:0c:fc:69:cc:c3: 35:18:2e:b0:e3:b1:68:ec:13:04:2b:dc:51:32:7b:1e:8d:cf: 6d:9a:d7:88:65:72:70:ad:25:a0:e8:24:68:e3:38:05:1a:93: dd:b4:d3:c9:96:fa:63:b4:d4:38:75:16:81:1e:9e:b8:7d:15: 2c:f1:78:72:ac:f2:df:50:3d:88:09:0a:62:47:22:5d:f6:05: bb:e2:3e:58:d2:4c:85:a9:52:9f:18:7c:2c:d4:94:a5:ea:10: bc:3d:e1:b5:ab:25:48:fc:75:f0:63:fb:fe:23:a2:a2:d3:5a: ab:7e:e7:27 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF RTkyRjExMC8GA1UEBRMoRTFENzgzN0VCQ0M3QTlBNEQxNzUxNjU3ODYwNDc2M0Ey QkQwNDI3MjAeFw0yNDEyMzAxNTQyNDVaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NzJiZjc1LTU1NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6H+ehP1yQuhHLodb1KlKVO/JlhC1N+VlSHGi/GfpKfLHH2tBS6YkspPjZtDM4 zFuse5sExMAwDRpApnFjRHQR2E3vPwbxY5amzCstMYZJsTcJ56Mfy6panuUIf2HH tJhlwSYP+pcvCw+t5SDxlc42hFNGZ5GKB9AW/Pe8wrzEdN+hjqs+CRLqMWqJhYBl +YkLH/ni2xeCJPRQ2SCSmgDOHGzKjq3NeC3HNgC9uuo1t1PTWsFhizE16TzrVLU/ OapyUWyqLXqYM8rpc1fbyf+XT0JB8GGty7B0AtSPQ55fLNF0KAim1nFJx+RcZHgI ew/aIQJ48ejI+FT0CfYKiJT1AgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUyjk80cts WBt+MEPWH3OkfmLzmk8wHwYDVR0jBBgwFoAU4deDfrzHqaTRdRZXhgR2OivQQnIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFOTJGLzFCMjkwQjVFNzQw QjExRUY5RTlDMDMzNkM0RjlBRTAyLzRkZURmcnpIcWFUUmRSWlhoZ1IyT2l2UVFu SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNGRlRGZyekhxYVRSZFJaWGhnUjJPaXZRUW5JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RTkyRi8xQjI5MEI1RTc0MEIxMUVGOUU5QzAzMzZDNEY5QUUwMi8yRUMwODk3QTc0 MEMxMUVGQjg4MUNFMzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQBxGAwDQYJKoZIhvcNAQELBQADggEBAGBKriGywTnbUSUL gV6hP3jDIUhGP9t7JFtRagcOnjGF/ZdUSXOgtEo8iJouDUBNqTysNuQzmxHFE9+V 3kGPTOseDHfPNUyGK1pT7wgPlaR2xi5VUMp7PR6g96491hVPZGylRAgc03STWPXi c2FbNSobD3B7drNxXi9PrJRGntQgZhlHVDiB+OHBCEkM/GnMwzUYLrDjsWjsEwQr 3FEyex6Nz22a14hlcnCtJaDoJGjjOAUak92008mW+mO01Dh1FoEenrh9FSzxeHKs 8t9QPYgJCmJHIl32BbviPljSTIWpUp8YfCzUlKXqELw94bWrJUj8dfBj+/4joqLT Wqt+5yc= -----END CERTIFICATE-----Generated at Sat Apr 5 12:41:46 2025 by rpki-client