$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/021F5D1E005F11EE9D6E2530C4F9AE02.roa File: 021F5D1E005F11EE9D6E2530C4F9AE02.roa (raw, json) Hash identifier: 7JBpmwEWdLsAHDeSZKzUDXaj0QWtY2+VyPqJO87U2zU= Subject key identifier: 8B:E1:B9:E1:0B:7A:73:1E:ED:C1:CF:47:AE:C1:88:A9:6B:64:61:04 Certificate issuer: /CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608 Certificate serial: 06C3 Authority key identifier: 87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/021F5D1E005F11EE9D6E2530C4F9AE02.roa Signing time: Wed 28 Jun 2023 21:42:14 +0000 ROA not before: Wed 28 Jun 2023 21:42:14 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 132442 IP address blocks: 2406:59c0:8000::/36 maxlen: 36 2406:59c0:9000::/36 maxlen: 36 2406:59c0:a000::/36 maxlen: 36 2406:59c0:b000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.crl rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 May 2024 20:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1731 (0x6c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5B0/serialNumber=87B2C0E829541D2EF5266385EB3946B8D5290608 Validity Not Before: Jun 28 21:42:14 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=649ca936-d6ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:7c:7a:5c:db:4b:9d:a6:c6:71:44:d7:6c:e5: 1a:20:71:57:c7:eb:6f:a7:92:ea:5e:9f:3f:fd:80: c5:00:5c:5b:44:95:82:09:a6:b4:54:b7:1d:00:3c: ba:1c:be:3d:34:86:ba:cd:ed:2b:f4:2f:d4:e3:cf: b5:8e:97:d9:08:3c:e1:ec:fc:4a:6d:09:81:ac:7a: e6:0b:f1:9c:78:75:60:88:b0:c1:2f:dc:cd:77:2d: 4b:8f:6a:78:cd:05:6f:e7:5c:7a:29:2f:8a:41:91: 7e:ce:bf:e0:80:d4:0c:bf:c3:1c:ee:8a:47:5b:39: 98:56:bd:39:ef:2a:05:38:4e:1b:47:d5:93:bf:2d: 11:bf:91:da:ca:13:5c:ed:fe:cd:84:26:23:0f:6d: 95:a0:12:ef:0c:25:82:81:3f:50:d0:8d:dd:2b:ce: 36:87:65:77:af:61:c3:cb:34:fc:e5:ab:69:a5:b3: 92:92:5e:cc:54:28:ee:a4:a6:cd:1e:d0:5a:27:6c: 1c:42:98:fd:52:4e:8a:91:11:c6:a3:2e:ec:e6:0a: fa:66:18:76:d2:0d:26:bd:06:38:64:50:e7:e2:cc: de:08:08:aa:77:3d:68:1b:8c:cd:ba:12:e3:e3:22: 76:71:59:68:f8:82:51:5d:d2:d4:e7:e1:cf:4e:39: 23:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:E1:B9:E1:0B:7A:73:1E:ED:C1:CF:47:AE:C1:88:A9:6B:64:61:04 X509v3 Authority Key Identifier: keyid:87:B2:C0:E8:29:54:1D:2E:F5:26:63:85:EB:39:46:B8:D5:29:06:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/h7LA6ClUHS71JmOF6zlGuNUpBgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7LA6ClUHS71JmOF6zlGuNUpBgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5B0/A2DF4CECDD4D11EABB76967BC4F9AE02/021F5D1E005F11EE9D6E2530C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:59c0:8000::/34 Signature Algorithm: sha256WithRSAEncryption 9f:6e:a6:4b:9d:b5:26:1e:a1:42:96:58:2a:a0:a4:8c:95:fe: 59:a7:6c:32:94:69:75:8b:e4:e3:97:8e:13:0b:8b:4c:8b:b0: 2b:f5:e6:35:34:70:8d:bc:7a:1c:1d:0d:e2:38:bd:30:f6:44: 27:9d:88:7e:8a:93:a4:31:11:b8:1b:52:8b:1f:73:58:e8:c0: d5:13:3c:1d:94:c8:e8:80:d1:09:fa:48:de:07:1a:15:60:87: 6c:15:b5:c0:51:2a:b9:b1:38:5b:e1:37:b1:68:b2:f7:a7:0b: 35:31:ea:65:b0:5b:3b:f9:4f:3a:17:5e:b3:d4:dc:6f:17:d9: e5:bb:d0:ba:1a:85:4d:71:db:a0:6d:9f:f4:75:29:c9:82:53: 43:28:e9:9c:0d:2b:b7:d5:d6:90:aa:33:22:0f:9e:0a:69:18: 79:2e:06:6f:b1:f4:e8:e8:37:2d:dd:6c:e8:81:e6:4b:2b:77: e4:c4:24:cd:c6:17:12:92:f1:6a:d6:f6:11:82:a4:2a:24:e6: 2a:79:d0:74:1b:b6:cf:4c:40:73:d1:c4:8b:9a:38:40:f5:99: ef:52:3c:76:7c:3c:ab:a1:4e:c0:00:7f:6a:a2:53:fd:8f:9d: c5:c6:26:a8:0a:bc:eb:af:6a:9e:f0:74:2d:4c:bc:05:e1:6a: c2:29:8d:e5 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgICBsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QjAxMTAvBgNVBAUTKDg3QjJDMEU4Mjk1NDFEMkVGNTI2NjM4NUVCMzk0NkI4 RDUyOTA2MDgwHhcNMjMwNjI4MjE0MjE0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NDljYTkzNi1kNmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqnx6XNtLnabGcUTXbOUaIHFXx+tvp5LqXp8//YDFAFxbRJWCCaa0VLcdADy6 HL49NIa6ze0r9C/U48+1jpfZCDzh7PxKbQmBrHrmC/GceHVgiLDBL9zNdy1Lj2p4 zQVv51x6KS+KQZF+zr/ggNQMv8Mc7opHWzmYVr057yoFOE4bR9WTvy0Rv5HayhNc 7f7NhCYjD22VoBLvDCWCgT9Q0I3dK842h2V3r2HDyzT85atppbOSkl7MVCjupKbN HtBaJ2wcQpj9Uk6KkRHGoy7s5gr6Zhh20g0mvQY4ZFDn4szeCAiqdz1oG4zNuhLj 4yJ2cVlo+IJRXdLU5+HPTjkjywIDAQABo4IClzCCApMwHQYDVR0OBBYEFIvhueEL enMe7cHPR67BiKlrZGEEMB8GA1UdIwQYMBaAFIeywOgpVB0u9SZjhes5RrjVKQYI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCMC9BMkRGNENFQ0RE NEQxMUVBQkI3Njk2N0JDNEY5QUUwMi9oN0xBNkNsVUhTNzFKbU9GNnpsR3VOVXBC Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2g3TEE2Q2xVSFM3MUptT0Y2emxHdU5VcEJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUI1QjAvQTJERjRDRUNERDREMTFFQUJCNzY5NjdCQzRGOUFFMDIvMDIxRjVEMUUw MDVGMTFFRTlENkUyNTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E EjAQMA4EAgACMAgDBgYkBlnAgDANBgkqhkiG9w0BAQsFAAOCAQEAn26mS521Jh6h QpZYKqCkjJX+WadsMpRpdYvk45eOEwuLTIuwK/XmNTRwjbx6HB0N4ji9MPZEJ52I foqTpDERuBtSix9zWOjA1RM8HZTI6IDRCfpI3gcaFWCHbBW1wFEqubE4W+E3sWiy 96cLNTHqZbBbO/lPOhdes9TcbxfZ5bvQuhqFTXHboG2f9HUpyYJTQyjpnA0rt9XW kKozIg+eCmkYeS4Gb7H06Og3Ld1s6IHmSyt35MQkzcYXEpLxatb2EYKkKiTmKnnQ dBu2z0xAc9HEi5o4QPWZ71I8dnw8q6FOwAB/aqJT/Y+dxcYmqAq8669qnvB0LUy8 BeFqwimN5Q== -----END CERTIFICATE-----Generated at Thu May 16 23:39:13 2024 by rpki-client on console-ams.rpki-client.org