$ rpki-client -vvf rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/D84424F80BF411ECB17CCF3AC4F9AE02.roa File: D84424F80BF411ECB17CCF3AC4F9AE02.roa (raw, json) Hash identifier: 8ZBWrB4Cmgw4+khhlLKVt4TaGBSu9E8OvSyvF5SrN3g= Subject key identifier: 16:B1:20:6E:D7:38:99:D4:91:09:BA:76:92:B3:9A:EC:0B:95:B2:76 Certificate issuer: /CN=A912C72C/serialNumber=58B4DF8E4757CAFDE5462F4A1AF870FE2144DC5B Certificate serial: 04BD Authority key identifier: 58:B4:DF:8E:47:57:CA:FD:E5:46:2F:4A:1A:F8:70:FE:21:44:DC:5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/D84424F80BF411ECB17CCF3AC4F9AE02.roa Signing time: Wed 29 Nov 2023 01:13:22 +0000 ROA not before: Wed 29 Nov 2023 01:13:22 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 136899 IP address blocks: 2401:bc40:6300::/40 maxlen: 40 2401:bc40:a300::/40 maxlen: 40 2401:bc40:e303::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.crl rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Dec 2024 17:11:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1213 (0x4bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C72C/serialNumber=58B4DF8E4757CAFDE5462F4A1AF870FE2144DC5B Validity Not Before: Nov 29 01:13:22 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=65669032-ec31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8b:ce:a8:50:21:82:cc:83:a5:e2:8b:46:4b: 92:b2:82:df:d2:5c:c2:4f:ea:be:ae:c6:43:32:96: f9:42:fe:e9:73:98:3b:4b:e3:0a:48:cf:1f:18:43: ba:f2:8c:57:78:ad:ce:49:76:ba:79:78:d7:f8:43: 05:d5:01:7b:fe:f6:d8:eb:1e:36:2a:60:33:82:ca: 5b:8c:11:d5:3d:f5:b2:ab:a4:14:f7:de:3c:e4:1d: 3f:b2:f5:04:32:33:f7:b1:72:e4:d9:7a:24:ed:c8: 1e:e4:34:5c:77:dc:08:06:d8:6b:f0:d3:b5:b9:46: de:6f:eb:fb:24:f7:d0:3c:fb:cc:40:f5:3a:8a:6d: 99:0e:0d:19:8c:cb:5f:ba:a3:cd:b5:bd:1b:25:5c: b2:2a:2a:13:e6:c4:94:e6:be:bc:06:0a:6d:bf:2b: 6b:07:64:64:90:f2:4c:f2:90:54:2b:88:27:66:56: cc:59:da:bb:8c:f9:6c:c2:06:3b:b6:d6:de:40:d2: 96:52:ac:b3:07:9b:5a:63:52:ef:dd:5f:59:3e:3f: ee:94:3c:50:e9:5b:77:e2:55:20:dd:7d:19:b2:8a: d8:31:eb:73:ea:0d:47:c3:25:b6:c6:b7:66:15:aa: b1:88:28:f7:bb:50:0b:db:94:f7:8c:60:a6:25:42: 32:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:B1:20:6E:D7:38:99:D4:91:09:BA:76:92:B3:9A:EC:0B:95:B2:76 X509v3 Authority Key Identifier: keyid:58:B4:DF:8E:47:57:CA:FD:E5:46:2F:4A:1A:F8:70:FE:21:44:DC:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/D84424F80BF411ECB17CCF3AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:bc40:6300::/40 2401:bc40:a300::/40 2401:bc40:e303::/48 Signature Algorithm: sha256WithRSAEncryption 7c:81:24:bc:12:70:81:fe:8c:2d:c7:a1:a9:62:52:c4:38:c5: 01:47:a6:62:8c:d3:ae:3c:84:d1:5f:10:24:c9:90:43:96:88: 32:c3:3e:81:63:ff:2b:c5:ac:83:1a:61:0d:4b:9e:bf:c2:74: 74:72:01:c5:08:60:ba:af:ea:05:d5:08:8c:ad:11:83:a5:db: aa:da:38:4f:87:55:91:92:fd:62:79:f9:00:72:b8:82:51:1c: ea:ed:eb:b5:f1:16:61:84:59:17:dd:9d:6e:03:24:c6:78:37: 09:d9:9a:2b:6c:66:cf:32:3a:4d:9d:0a:98:3c:48:b1:43:48: 2e:9d:59:71:19:08:15:be:5a:6f:3e:a1:9e:f0:30:78:61:29: d3:83:f9:7e:b7:d9:82:a5:a4:fa:81:75:b9:55:7b:1e:a1:c1: 38:10:d3:3f:01:c3:43:11:26:fe:66:20:20:0c:a3:d9:9b:04: 92:7d:71:45:4c:ab:af:35:45:ba:49:93:35:a1:68:b6:c0:b4: 52:7b:5f:d4:36:31:2d:f8:50:67:7c:16:26:2b:15:a5:7c:7b: 9b:21:b8:e6:87:13:16:e6:e8:18:2b:c9:9d:da:c5:4f:9a:38: bf:48:a1:d0:2b:76:2a:9c:7b:6e:99:39:ef:a6:3f:dc:e0:c2: f1:e0:cc:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM3MkMxMTAvBgNVBAUTKDU4QjRERjhFNDc1N0NBRkRFNTQ2MkY0QTFBRjg3MEZF MjE0NERDNUIwHhcNMjMxMTI5MDExMzIyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTY2OTAzMi1lYzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu4vOqFAhgsyDpeKLRkuSsoLf0lzCT+q+rsZDMpb5Qv7pc5g7S+MKSM8fGEO6 8oxXeK3OSXa6eXjX+EMF1QF7/vbY6x42KmAzgspbjBHVPfWyq6QU99485B0/svUE MjP3sXLk2Xok7cge5DRcd9wIBthr8NO1uUbeb+v7JPfQPPvMQPU6im2ZDg0ZjMtf uqPNtb0bJVyyKioT5sSU5r68BgptvytrB2RkkPJM8pBUK4gnZlbMWdq7jPlswgY7 ttbeQNKWUqyzB5taY1Lv3V9ZPj/ulDxQ6Vt34lUg3X0ZsorYMetz6g1HwyW2xrdm FaqxiCj3u1AL25T3jGCmJUIy8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBaxIG7X OJnUkQm6dpKzmuwLlbJ2MB8GA1UdIwQYMBaAFFi0345HV8r95UYvShr4cP4hRNxb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzcyQy84RUM2MTQwRUMz QUExMUVCODcwRUE5MUNDNEY5QUUwMi9XTFRmamtkWHl2M2xSaTlLR3Zod19pRkUz RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dMVGZqa2RYeXYzbFJpOUtHdmh3X2lGRTNGcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkM3MkMvOEVDNjE0MEVDM0FBMTFFQjg3MEVBOTFDQzRGOUFFMDIvRDg0NDI0Rjgw QkY0MTFFQ0IxN0NDRjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMgYIKwYBBQUHAQcBAf8E IzAhMB8EAgACMBkDBgAkAbxAYwMGACQBvECjAwcAJAG8QOMDMA0GCSqGSIb3DQEB CwUAA4IBAQB8gSS8EnCB/owtx6GpYlLEOMUBR6ZijNOuPITRXxAkyZBDlogywz6B Y/8rxayDGmENS56/wnR0cgHFCGC6r+oF1QiMrRGDpduq2jhPh1WRkv1iefkAcriC URzq7eu18RZhhFkX3Z1uAyTGeDcJ2ZorbGbPMjpNnQqYPEixQ0gunVlxGQgVvlpv PqGe8DB4YSnTg/l+t9mCpaT6gXW5VXseocE4ENM/AcNDESb+ZiAgDKPZmwSSfXFF TKuvNUW6SZM1oWi2wLRSe1/UNjEt+FBnfBYmKxWlfHubIbjmhxMW5ugYK8md2sVP mji/SKHQK3YqnHtumTnvpj/c4MLx4MzI -----END CERTIFICATE-----Generated at Sun Nov 24 23:58:44 2024 by rpki-client on console-fra.rpki-client.org