$ rpki-client -vvf rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/423FF06C4A4511EF81E2217FC4F9AE02.roa File: 423FF06C4A4511EF81E2217FC4F9AE02.roa (raw, json) Hash identifier: p64lN/EUHHqmbgUUqW2L703RRR1IDPfGY6k2MR7AakQ= Subject key identifier: B9:52:51:19:2C:AC:B5:17:CE:3F:9D:D3:99:EF:20:DF:4E:AB:DD:95 Certificate issuer: /CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43 Certificate serial: 023F Authority key identifier: BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/423FF06C4A4511EF81E2217FC4F9AE02.roa Signing time: Thu 25 Jul 2024 05:18:00 +0000 ROA not before: Thu 25 Jul 2024 05:18:00 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 58925 IP address blocks: 2406:db00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 23:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 575 (0x23f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9126DA8/serialNumber=BC137C2777E51DE7BD1ACE80D868FD93A1EC7A43 Validity Not Before: Jul 25 05:18:00 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66a1e007-35a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:9c:04:ff:52:f5:08:42:c0:cf:76:cb:a9:fe: 6e:2c:cf:f4:97:31:ea:9b:d7:da:83:38:d0:63:dc: 14:1f:56:de:c8:1e:27:30:d1:7a:1e:39:1f:0d:b7: 3d:f5:2a:43:36:39:de:ea:cb:29:56:ae:7e:86:1f: a0:a6:11:3d:f4:61:fa:65:c9:d3:32:fd:99:03:5c: 38:c8:37:c6:d6:39:8c:03:06:82:60:24:08:38:3d: bc:7a:ec:95:3a:c7:bc:9f:81:58:65:f8:de:93:b1: 34:89:c8:1d:c1:80:a4:9d:69:17:e6:f4:c4:ec:69: 11:e4:fd:ae:ee:3f:c1:18:44:bf:db:08:ee:5b:06: 20:ca:47:a5:c9:10:bf:ef:5c:fc:17:69:55:cf:e9: 53:28:e0:ed:17:4c:14:e2:96:67:eb:80:59:70:65: 49:3b:bb:00:3e:ce:ed:37:19:49:46:a6:16:07:43: 23:aa:ae:ec:cd:01:cb:fb:fd:88:04:93:4b:ff:8d: 77:89:cc:41:bc:10:36:cf:10:13:be:bd:4d:55:77: 38:18:1a:67:39:33:7c:fd:71:59:c9:f0:b9:20:39: 98:08:a6:16:62:f1:c5:42:d3:dc:1e:45:06:bf:5b: 06:ee:eb:ee:12:66:59:74:28:fd:67:bf:9a:cd:c3: a8:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:52:51:19:2C:AC:B5:17:CE:3F:9D:D3:99:EF:20:DF:4E:AB:DD:95 X509v3 Authority Key Identifier: keyid:BC:13:7C:27:77:E5:1D:E7:BD:1A:CE:80:D8:68:FD:93:A1:EC:7A:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/vBN8J3flHee9Gs6A2Gj9k6HsekM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vBN8J3flHee9Gs6A2Gj9k6HsekM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126DA8/76ED44EE01EB11ED99A31A1FC4F9AE02/423FF06C4A4511EF81E2217FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:db00::/32 Signature Algorithm: sha256WithRSAEncryption 47:bd:8c:d6:90:f7:19:90:25:20:e2:48:d6:a7:8e:1c:67:48: 65:ba:3d:47:5f:38:da:2b:22:0f:2e:de:fd:04:7b:96:ed:ec: 14:96:b5:b3:ad:f8:74:c7:7f:cd:c5:d0:3a:77:ae:70:f2:74: 40:4c:e3:cc:4c:c3:46:e8:c2:18:e8:5f:cc:19:ac:bf:eb:b2: cc:dc:26:8f:99:a5:ab:b3:bd:32:ef:cf:dd:52:56:5f:9c:b9: 8c:e1:28:d3:db:fa:f1:52:04:27:a5:5a:bc:d7:92:99:8a:97: 56:6c:91:75:85:24:92:fd:c0:8a:2e:2a:e2:49:c5:e9:a2:cf: ed:cd:38:6a:2d:22:63:3c:50:ef:45:4b:07:72:0a:27:7d:60: 92:bf:dd:34:18:0d:1e:ac:2a:04:6f:11:9b:ba:b8:84:aa:f9: c4:91:d7:4e:ee:1d:94:80:d6:78:d1:c9:d9:5c:90:03:5c:e2: 41:21:20:70:22:cd:95:57:bb:2f:5a:42:d6:a9:cd:9a:0d:c4: 91:f3:9b:c3:19:9c:99:11:26:61:57:76:ef:69:a9:60:8d:b7: 70:e5:9f:0e:e0:17:29:d4:89:90:10:16:ae:dc:47:5e:e9:e9: a1:f1:f2:02:22:32:7a:ed:01:77:3e:88:aa:bf:0c:dc:a0:46: 69:41:e0:e1 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICAj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjZEQTgxMTAvBgNVBAUTKEJDMTM3QzI3NzdFNTFERTdCRDFBQ0U4MEQ4NjhGRDkz QTFFQzdBNDMwHhcNMjQwNzI1MDUxODAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmExZTAwNy0zNWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9JwE/1L1CELAz3bLqf5uLM/0lzHqm9fagzjQY9wUH1beyB4nMNF6HjkfDbc9 9SpDNjne6sspVq5+hh+gphE99GH6ZcnTMv2ZA1w4yDfG1jmMAwaCYCQIOD28euyV Ose8n4FYZfjek7E0icgdwYCknWkX5vTE7GkR5P2u7j/BGES/2wjuWwYgykelyRC/ 71z8F2lVz+lTKODtF0wU4pZn64BZcGVJO7sAPs7tNxlJRqYWB0Mjqq7szQHL+/2I BJNL/413icxBvBA2zxATvr1NVXc4GBpnOTN8/XFZyfC5IDmYCKYWYvHFQtPcHkUG v1sG7uvuEmZZdCj9Z7+azcOoIwIDAQABo4ICljCCApIwHQYDVR0OBBYEFLlSURks rLUXzj+d05nvIN9Oq92VMB8GA1UdIwQYMBaAFLwTfCd35R3nvRrOgNho/ZOh7HpD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkRBOC83NkVENDRFRTAx RUIxMUVEOTlBMzFBMUZDNEY5QUUwMi92Qk44SjNmbEhlZTlHczZBMkdqOWs2SHNl a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZCTjhKM2ZsSGVlOUdzNkEyR2o5azZIc2VrTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjZEQTgvNzZFRDQ0RUUwMUVCMTFFRDk5QTMxQTFGQzRGOUFFMDIvNDIzRkYwNkM0 QTQ1MTFFRjgxRTIyMTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBtsAMA0GCSqGSIb3DQEBCwUAA4IBAQBHvYzWkPcZkCUg 4kjWp44cZ0hluj1HXzjaKyIPLt79BHuW7ewUlrWzrfh0x3/NxdA6d65w8nRATOPM TMNG6MIY6F/MGay/67LM3CaPmaWrs70y78/dUlZfnLmM4SjT2/rxUgQnpVq815KZ ipdWbJF1hSSS/cCKLiriScXpos/tzThqLSJjPFDvRUsHcgonfWCSv900GA0erCoE bxGburiEqvnEkddO7h2UgNZ40cnZXJADXOJBISBwIs2VV7svWkLWqc2aDcSR85vD GZyZESZhV3bvaalgjbdw5Z8O4Bcp1ImQEBau3Ede6emh8fICIjJ67QF3Poiqvwzc oEZpQeDh -----END CERTIFICATE-----Generated at Mon Nov 25 03:00:18 2024 by rpki-client on console-fra.rpki-client.org