$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8B707C6C17DC11EE959DE671C4F9AE02.roa File: 8B707C6C17DC11EE959DE671C4F9AE02.roa (raw, json) Hash identifier: 4nbAXjdLVkGXp5+9r2PdUu2In94gHETZZU2MZybBnJU= Subject key identifier: 67:90:86:78:AE:AC:C0:78:F6:9E:21:C6:40:A5:6F:C2:83:4C:47:48 Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Certificate serial: 0AEF Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8B707C6C17DC11EE959DE671C4F9AE02.roa Signing time: Mon 04 Dec 2023 20:08:12 +0000 ROA not before: Mon 04 Dec 2023 20:08:12 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 54994 IP address blocks: 2001:e68:20db:10::/64 maxlen: 64 2001:e68:20db:11::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 20:52:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2799 (0xaef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6 Validity Not Before: Dec 4 20:08:12 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=656e31ac-7f92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:09:aa:68:7a:a6:dc:cd:5c:c0:9b:06:74:47: 8f:e6:16:42:b9:da:8d:b1:81:d3:c5:53:87:aa:6b: 14:5d:75:f1:71:8d:57:a9:62:56:99:bf:29:7e:d0: d7:58:7f:2b:67:d5:42:f3:2e:1e:39:30:d1:05:d5: 30:09:19:d0:63:79:57:f4:22:06:bc:6b:a5:c1:20: 2d:c4:82:86:95:ee:ed:a4:6d:e3:c7:e9:1f:2e:ce: ef:97:90:f1:a0:ee:ba:56:c4:c1:64:34:4a:16:7b: da:08:ed:bf:c3:85:48:77:84:54:d8:a8:2d:3a:44: 84:a5:03:01:3e:76:f3:df:21:23:ac:32:13:e6:6f: e1:02:ec:a6:ef:3e:d7:bb:2d:e4:5e:42:a0:14:ae: 0f:38:d4:41:2c:3e:e2:54:32:6b:f6:77:c5:de:ab: 99:ca:4f:1c:2f:ee:88:ed:94:71:7a:13:f9:f5:6f: bf:c4:f2:04:19:3d:26:57:34:85:f3:6f:30:ac:31: 40:ad:df:15:2b:a3:1f:c0:bc:95:4d:19:a2:f6:d3: 6f:f8:e6:c8:17:a4:ae:2e:b3:2f:bd:49:12:27:42: 71:bf:18:6d:90:fa:9d:20:22:5a:42:9d:ab:c4:be: 68:90:38:55:2c:51:dc:02:3b:8b:13:59:e1:f5:91: aa:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:90:86:78:AE:AC:C0:78:F6:9E:21:C6:40:A5:6F:C2:83:4C:47:48 X509v3 Authority Key Identifier: keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/8B707C6C17DC11EE959DE671C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:e68:20db:10::/63 Signature Algorithm: sha256WithRSAEncryption 64:3b:60:9c:ae:9d:c7:e7:be:57:c8:ac:59:b5:c2:dd:41:a1: a8:58:00:c6:2b:c4:2a:4a:e9:63:bf:a4:42:19:25:6f:97:4f: d7:b7:f3:d0:34:8b:31:b7:d4:84:a1:ee:13:58:4b:08:e8:12: 5b:83:b3:0b:2f:c5:50:47:45:cf:b8:8e:94:8c:0e:02:8f:08: 3a:bc:9c:58:6e:af:4a:cd:38:4f:60:0a:f9:3c:bb:72:20:a2: d9:74:3c:e2:f6:c3:4a:58:82:eb:fa:72:6a:de:a0:4e:ea:cd: 07:f0:00:86:1e:42:ed:a3:63:7d:10:11:a8:dc:17:3e:37:27: 95:08:54:f9:d3:96:1a:6b:25:71:8e:52:19:f6:e8:46:cc:6c: b6:57:90:08:73:85:72:87:33:06:72:6a:b3:2a:e5:6b:54:ab: 0f:36:62:27:4c:e1:91:e1:50:76:e4:12:e5:af:c1:5a:e2:f4: 9c:d7:50:52:40:13:31:2a:e7:b7:7f:9b:6f:7b:06:a9:35:0b: 16:29:27:c3:d3:56:10:95:04:b3:fb:f6:39:ab:9a:aa:d1:28: e4:20:c9:9d:be:f1:d2:7c:5a:72:72:8c:3b:ca:fc:5c:f6:f1: 38:4d:db:21:11:57:45:80:16:e9:c1:03:9a:23:0d:c7:bd:e7: 41:5e:5f:b6 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgICCu8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF Q0QxRDczQjYwHhcNMjMxMjA0MjAwODEyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZlMzFhYy03ZjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3AmqaHqm3M1cwJsGdEeP5hZCudqNsYHTxVOHqmsUXXXxcY1XqWJWmb8pftDX WH8rZ9VC8y4eOTDRBdUwCRnQY3lX9CIGvGulwSAtxIKGle7tpG3jx+kfLs7vl5Dx oO66VsTBZDRKFnvaCO2/w4VId4RU2KgtOkSEpQMBPnbz3yEjrDIT5m/hAuym7z7X uy3kXkKgFK4PONRBLD7iVDJr9nfF3quZyk8cL+6I7ZRxehP59W+/xPIEGT0mVzSF 828wrDFArd8VK6MfwLyVTRmi9tNv+ObIF6SuLrMvvUkSJ0JxvxhtkPqdICJaQp2r xL5okDhVLFHcAjuLE1nh9ZGqyQIDAQABo4ICmjCCApYwHQYDVR0OBBYEFGeQhniu rMB49p4hxkClb8KDTEdIMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1 RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvOEI3MDdDNkMx N0RDMTFFRTk1OURFNjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E FTATMBEEAgACMAsDCQEgAQ5oINsAEDANBgkqhkiG9w0BAQsFAAOCAQEAZDtgnK6d x+e+V8isWbXC3UGhqFgAxivEKkrpY7+kQhklb5dP17fz0DSLMbfUhKHuE1hLCOgS W4OzCy/FUEdFz7iOlIwOAo8IOrycWG6vSs04T2AK+Ty7ciCi2XQ84vbDSliC6/py at6gTurNB/AAhh5C7aNjfRARqNwXPjcnlQhU+dOWGmslcY5SGfboRsxstleQCHOF coczBnJqsyrla1SrDzZiJ0zhkeFQduQS5a/BWuL0nNdQUkATMSrnt3+bb3sGqTUL Fiknw9NWEJUEs/v2OauaqtEo5CDJnb7x0nxacnKMO8r8XPbxOE3bIRFXRYAW6cED miMNx73nQV5ftg== -----END CERTIFICATE-----Generated at Sat Jun 1 00:13:09 2024 by rpki-client on console-ams.rpki-client.org