$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/1101B5C01CEC11EFA7CDC085C4F9AE02.roa File: 1101B5C01CEC11EFA7CDC085C4F9AE02.roa (raw, json) Hash identifier: jbkM/r/watiK5IRPpyDh7RHx4Sadi2EA9iYD/7NrFLw= Subject key identifier: EF:5E:FC:9D:D8:D7:16:D8:6D:02:3E:A8:95:A3:0D:AC:5C:14:89:F0 Certificate issuer: /CN=A91FC5BD/serialNumber=E977A9226220E8C78A1D1B3BE04D60CDCC8A2188 Certificate serial: 02 Authority key identifier: E9:77:A9:22:62:20:E8:C7:8A:1D:1B:3B:E0:4D:60:CD:CC:8A:21:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6XepImIg6MeKHRs74E1gzcyKIYg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/1101B5C01CEC11EFA7CDC085C4F9AE02.roa Signing time: Tue 28 May 2024 12:16:10 +0000 ROA not before: Tue 28 May 2024 12:16:10 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 140403 IP address blocks: 2401:3d20:26::/48 maxlen: 48 2401:3d20:27::/48 maxlen: 48 2401:3d20:28::/48 maxlen: 48 2401:3d20:32::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/6XepImIg6MeKHRs74E1gzcyKIYg.crl rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/6XepImIg6MeKHRs74E1gzcyKIYg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6XepImIg6MeKHRs74E1gzcyKIYg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 02 Jul 2024 07:46:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC5BD/serialNumber=E977A9226220E8C78A1D1B3BE04D60CDCC8A2188 Validity Not Before: May 28 12:16:10 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=6655cb09-91bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4b:c5:e4:de:1e:fd:2b:5a:1c:90:66:57:13: 8f:8e:ca:a7:80:d1:55:9c:a0:29:dc:67:67:1e:8b: a0:e6:02:9c:d8:5d:b4:bb:8b:4c:e4:1c:19:13:3a: 87:0d:c3:09:65:14:31:c6:61:83:69:59:94:2e:61: 7f:1b:6d:b6:f8:3e:e7:2b:e5:2f:e7:c6:27:59:c7: 11:4b:51:13:98:1d:f3:2d:0f:6a:2b:87:3c:1f:4a: 98:cf:fb:ca:1a:18:2a:6c:98:e0:83:b4:a1:3e:e4: 9b:2d:76:24:67:c1:2f:85:68:9e:c4:df:43:f6:2f: 83:64:91:f7:0d:2c:27:f4:69:de:b3:21:e2:6f:45: cc:67:79:16:fe:f9:08:8c:ad:1d:66:32:7f:95:50: 28:e7:aa:25:4e:64:cf:40:b2:93:88:06:f1:6a:67: 36:54:5e:68:cb:fd:49:66:8c:d0:2b:ce:30:72:f7: 26:bd:50:00:0d:a1:d1:a3:f1:3d:c6:f8:c5:f8:83: 8a:42:52:cc:1f:12:90:3c:40:9b:f1:2e:03:a4:1c: da:7e:df:f9:f9:55:25:20:b0:15:03:88:4c:b8:94: 85:99:52:b1:44:05:d6:1e:71:0d:20:84:65:5e:a4: 1b:4a:90:40:7e:49:34:42:49:5f:7e:0a:5d:4b:03: 2d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:5E:FC:9D:D8:D7:16:D8:6D:02:3E:A8:95:A3:0D:AC:5C:14:89:F0 X509v3 Authority Key Identifier: keyid:E9:77:A9:22:62:20:E8:C7:8A:1D:1B:3B:E0:4D:60:CD:CC:8A:21:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/6XepImIg6MeKHRs74E1gzcyKIYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6XepImIg6MeKHRs74E1gzcyKIYg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC5BD/76C2C72E1CEB11EF85DFD776C4F9AE02/1101B5C01CEC11EFA7CDC085C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:3d20:26::-2401:3d20:28:ffff:ffff:ffff:ffff:ffff 2401:3d20:32::/48 Signature Algorithm: sha256WithRSAEncryption 4c:48:d5:f4:e0:a4:5f:a4:bf:4a:ab:b7:ba:5a:15:d2:33:7d: 69:27:69:1c:5b:d1:af:92:ad:71:47:19:45:bd:a2:e7:ec:a3: 74:43:56:ab:c6:81:18:29:8d:4d:fe:14:3f:f0:cd:91:ac:b6: f1:a4:a3:2e:40:2e:ff:dd:fb:2f:01:b5:c9:90:43:35:80:6f: 3b:4e:0f:e8:29:d0:94:f4:df:58:ac:6f:8a:b3:c8:70:ff:8b: 7c:02:dc:c7:1d:f2:72:a2:60:be:af:f4:09:ab:8c:d1:bc:60: 5a:59:d4:74:91:50:a3:29:6a:c2:92:ce:d5:cc:1c:ca:05:82: b5:11:20:c6:03:17:d6:3b:75:b8:2f:a1:88:e0:52:e6:93:3f: 05:b3:4e:ca:c0:65:71:ac:fd:ca:00:1a:a9:cf:58:09:bf:ef: b5:92:a3:cf:c8:c7:66:76:d1:e3:99:84:12:6d:64:22:cc:de: ec:26:23:0a:c9:11:c5:89:f0:b1:27:7a:99:bb:b7:1e:0b:6a: 84:84:4b:7f:ad:57:4f:77:0d:be:cf:70:77:76:2e:9f:12:8a: 45:c4:3e:0a:a2:05:c2:d7:37:11:8c:8b:fe:51:87:6c:11:67: 32:6e:48:97:cc:96:99:f7:a1:fb:fc:35:0d:85:4f:50:c4:14: 21:5c:22:51 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QzVCRDExMC8GA1UEBRMoRTk3N0E5MjI2MjIwRThDNzhBMUQxQjNCRTA0RDYwQ0RD QzhBMjE4ODAeFw0yNDA1MjgxMjE2MTBaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NTVjYjA5LTkxYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDVS8Xk3h79K1ockGZXE4+OyqeA0VWcoCncZ2cei6DmApzYXbS7i0zkHBkTOocN wwllFDHGYYNpWZQuYX8bbbb4Pucr5S/nxidZxxFLUROYHfMtD2orhzwfSpjP+8oa GCpsmOCDtKE+5JstdiRnwS+FaJ7E30P2L4NkkfcNLCf0ad6zIeJvRcxneRb++QiM rR1mMn+VUCjnqiVOZM9AspOIBvFqZzZUXmjL/UlmjNArzjBy9ya9UAANodGj8T3G +MX4g4pCUswfEpA8QJvxLgOkHNp+3/n5VSUgsBUDiEy4lIWZUrFEBdYecQ0ghGVe pBtKkEB+STRCSV9+Cl1LAy3lAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQU7178ndjX FthtAj6olaMNrFwUifAwHwYDVR0jBBgwFoAU6XepImIg6MeKHRs74E1gzcyKIYgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDNUJELzc2QzJDNzJFMUNF QjExRUY4NURGRDc3NkM0RjlBRTAyLzZYZXBJbUlnNk1lS0hSczc0RTFnemN5S0lZ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNlhlcEltSWc2TWVLSFJzNzRFMWd6Y3lLSVlnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QzVCRC83NkMyQzcyRTFDRUIxMUVGODVERkQ3NzZDNEY5QUUwMi8xMTAxQjVDMDFD RUMxMUVGQTdDREMwODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn MCUwIwQCAAIwHTASAwcBJAE9IAAmAwcAJAE9IAAoAwcAJAE9IAAyMA0GCSqGSIb3 DQEBCwUAA4IBAQBMSNX04KRfpL9Kq7e6WhXSM31pJ2kcW9Gvkq1xRxlFvaLn7KN0 Q1arxoEYKY1N/hQ/8M2RrLbxpKMuQC7/3fsvAbXJkEM1gG87Tg/oKdCU9N9YrG+K s8hw/4t8AtzHHfJyomC+r/QJq4zRvGBaWdR0kVCjKWrCks7VzBzKBYK1ESDGAxfW O3W4L6GI4FLmkz8Fs07KwGVxrP3KABqpz1gJv++1kqPPyMdmdtHjmYQSbWQizN7s JiMKyRHFifCxJ3qZu7ceC2qEhEt/rVdPdw2+z3B3di6fEopFxD4KogXC1zcRjIv+ UYdsEWcybkiXzJaZ96H7/DUNhU9QxBQhXCJR -----END CERTIFICATE-----Generated at Tue Jun 25 10:01:31 2024 by rpki-client on console-fra.rpki-client.org