$ rpki-client -vvf rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/23F9E186AE5811EFAFE7FF84C4F9AE02.roa File: 23F9E186AE5811EFAFE7FF84C4F9AE02.roa (raw, json) Hash identifier: 1/AZpd9pLcHU8N9tmsYLkTIAugSfqWDpWEBhQfVHYVc= Subject key identifier: 3E:49:C7:D9:84:A3:26:A1:FD:DD:5C:1A:30:42:8F:18:A2:CB:CA:72 Certificate issuer: /CN=A912B12A/serialNumber=ECFF32440C4EE1D27943CDB72A7D491063402DF1 Certificate serial: 04 Authority key identifier: EC:FF:32:44:0C:4E:E1:D2:79:43:CD:B7:2A:7D:49:10:63:40:2D:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7P8yRAxO4dJ5Q823Kn1JEGNALfE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/23F9E186AE5811EFAFE7FF84C4F9AE02.roa Signing time: Fri 29 Nov 2024 13:45:05 +0000 ROA not before: Fri 29 Nov 2024 13:45:05 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 153460 IP address blocks: 2401:db60::/34 maxlen: 34 2401:db60:4000::/34 maxlen: 34 2401:db60:8000::/34 maxlen: 34 2401:db60:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/7P8yRAxO4dJ5Q823Kn1JEGNALfE.crl rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/7P8yRAxO4dJ5Q823Kn1JEGNALfE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7P8yRAxO4dJ5Q823Kn1JEGNALfE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 Jan 2025 05:57:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B12A/serialNumber=ECFF32440C4EE1D27943CDB72A7D491063402DF1 Validity Not Before: Nov 29 13:45:05 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=6749c561-be36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:cc:f6:9a:bf:da:36:b6:2b:66:26:ec:ea:13: d0:1b:0a:7e:ea:65:82:fa:17:74:3e:fc:10:07:63: 3a:41:17:3c:17:66:c1:ef:57:09:b3:9f:8e:f3:46: da:d0:04:2f:9d:ff:4e:52:cd:57:96:4d:9d:74:2b: b2:8e:b5:88:13:22:5c:a0:10:a8:3c:65:86:9f:22: 56:cb:1e:15:50:f6:25:f0:e9:38:97:cc:0e:2d:32: 7d:71:e7:48:1e:24:68:a7:ca:e4:74:06:40:05:8f: 0c:ce:36:a8:19:32:6e:8e:8f:31:6c:bf:24:2e:80: 62:19:d6:a6:fc:bc:6d:ca:e0:cf:8b:fb:0e:e0:29: 30:bb:c1:ea:6d:a6:c3:2b:a2:9b:65:4c:ce:ad:d5: 54:c3:3a:32:bf:61:d0:d8:9a:1d:39:8b:cb:bb:a3: 9f:e2:eb:8d:bf:e6:8d:eb:32:f5:c7:3e:a2:a2:fb: c7:5f:bc:4c:28:7f:2c:4b:62:b0:4e:b8:0f:d8:af: d4:96:2b:7c:ef:c5:67:ec:df:df:37:8f:26:c2:2e: c1:a6:52:93:45:00:ec:bc:79:de:d5:54:e7:8a:51: a6:7b:79:92:50:0f:2b:d3:f8:b1:fc:2c:eb:b0:59: 61:d7:1a:69:44:05:25:b7:a5:c4:f5:ca:75:a4:e3: 39:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:49:C7:D9:84:A3:26:A1:FD:DD:5C:1A:30:42:8F:18:A2:CB:CA:72 X509v3 Authority Key Identifier: keyid:EC:FF:32:44:0C:4E:E1:D2:79:43:CD:B7:2A:7D:49:10:63:40:2D:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/7P8yRAxO4dJ5Q823Kn1JEGNALfE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7P8yRAxO4dJ5Q823Kn1JEGNALfE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/23F9E186AE5811EFAFE7FF84C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:db60::/32 Signature Algorithm: sha256WithRSAEncryption 5c:f6:cb:37:4b:02:b9:85:79:9c:6d:f7:36:ab:ea:a0:ab:66: 2c:77:9b:ad:b7:63:d0:9f:e8:88:41:64:c1:9a:30:b3:c2:58: e7:f9:1d:e0:17:1c:d0:e9:73:f0:d0:a4:96:03:80:da:39:50: cb:03:0f:e9:61:ff:6d:2d:74:28:c6:e3:db:88:f4:99:3b:91: 37:a8:d5:4e:06:16:ef:bb:e8:01:ba:bf:c1:bb:1a:03:30:ee: cb:81:29:47:a8:b1:16:69:77:be:40:05:3d:6e:51:4a:56:11: c2:41:cf:0c:13:9a:1c:89:0f:18:e5:e1:26:55:ec:38:d5:0a: 5c:01:d4:72:64:e4:a4:86:80:57:85:97:32:46:9c:17:e5:d8: 37:d1:ac:ce:39:cc:cb:29:44:0e:83:b1:bf:5c:d2:a4:8f:1e: 08:6f:d4:a6:82:0b:24:4d:ef:cb:7f:d4:c1:b7:37:0d:26:11: c1:7e:c5:c2:6c:10:2d:93:14:ff:db:25:72:d2:f9:22:15:65: 2c:a0:41:e9:96:ec:cc:84:0b:dd:ad:c8:a5:36:76:bb:3f:af: 55:db:fd:9b:de:a9:23:b3:fa:25:3a:98:4c:4d:3c:ae:ac:fd: 83:f8:c6:be:98:fc:1f:e1:a4:1b:68:94:e2:2c:c5:5c:f2:31: ad:dc:de:48 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy QjEyQTExMC8GA1UEBRMoRUNGRjMyNDQwQzRFRTFEMjc5NDNDREI3MkE3RDQ5MTA2 MzQwMkRGMTAeFw0yNDExMjkxMzQ1MDVaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NDljNTYxLWJlMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCgzPaav9o2titmJuzqE9AbCn7qZYL6F3Q+/BAHYzpBFzwXZsHvVwmzn47zRtrQ BC+d/05SzVeWTZ10K7KOtYgTIlygEKg8ZYafIlbLHhVQ9iXw6TiXzA4tMn1x50ge JGinyuR0BkAFjwzONqgZMm6OjzFsvyQugGIZ1qb8vG3K4M+L+w7gKTC7weptpsMr optlTM6t1VTDOjK/YdDYmh05i8u7o5/i642/5o3rMvXHPqKi+8dfvEwofyxLYrBO uA/Yr9SWK3zvxWfs3983jybCLsGmUpNFAOy8ed7VVOeKUaZ7eZJQDyvT+LH8LOuw WWHXGmlEBSW3pcT1ynWk4zmrAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUPknH2YSj JqH93VwaMEKPGKLLynIwHwYDVR0jBBgwFoAU7P8yRAxO4dJ5Q823Kn1JEGNALfEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJCMTJBL0I5RDRDRjQyQUUz RDExRUY5NkI3NkM2QUM0RjlBRTAyLzdQOHlSQXhPNGRKNVE4MjNLbjFKRUdOQUxm RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvN1A4eVJBeE80ZEo1UTgyM0tuMUpFR05BTGZFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QjEyQS9COUQ0Q0Y0MkFFM0QxMUVGOTZCNzZDNkFDNEY5QUUwMi8yM0Y5RTE4NkFF NTgxMUVGQUZFN0ZGODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQB22AwDQYJKoZIhvcNAQELBQADggEBAFz2yzdLArmFeZxt 9zar6qCrZix3m623Y9Cf6IhBZMGaMLPCWOf5HeAXHNDpc/DQpJYDgNo5UMsDD+lh /20tdCjG49uI9Jk7kTeo1U4GFu+76AG6v8G7GgMw7suBKUeosRZpd75ABT1uUUpW EcJBzwwTmhyJDxjl4SZV7DjVClwB1HJk5KSGgFeFlzJGnBfl2DfRrM45zMspRA6D sb9c0qSPHghv1KaCCyRN78t/1MG3Nw0mEcF+xcJsEC2TFP/bJXLS+SIVZSygQemW 7MyEC92tyKU2drs/r1Xb/ZveqSOz+iU6mExNPK6s/YP4xr6Y/B/hpBtolOIsxVzy Ma3c3kg= -----END CERTIFICATE-----Generated at Fri Dec 27 08:43:08 2024 by rpki-client on console-fra.rpki-client.org