$ rpki-client -vvf rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/20B02A7A2C6D11EF9E3D5230C4F9AE02.roa File: 20B02A7A2C6D11EF9E3D5230C4F9AE02.roa (raw, json) Hash identifier: H2+jKh4xZzJqTlXK+9On2PWXsSGlykUS9ZhMn+P1PmU= Subject key identifier: A5:3F:83:AF:0B:4F:DE:0E:74:E5:B7:E4:80:11:F0:84:C7:0D:80:99 Certificate issuer: /CN=A913AE23/serialNumber=E8876B51AB2B177440CD4C4CD2E4F0A598E0381C Certificate serial: 08 Authority key identifier: E8:87:6B:51:AB:2B:17:74:40:CD:4C:4C:D2:E4:F0:A5:98:E0:38:1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6IdrUasrF3RAzUxM0uTwpZjgOBw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/20B02A7A2C6D11EF9E3D5230C4F9AE02.roa Signing time: Mon 17 Jun 2024 15:42:37 +0000 ROA not before: Mon 17 Jun 2024 15:42:37 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 138933 IP address blocks: 2401:a820::/32 maxlen: 32 2401:a820:22::/48 maxlen: 48 2401:a820:100::/48 maxlen: 48 2401:a820:200::/48 maxlen: 48 2401:a820:300::/48 maxlen: 48 2401:a820:500::/48 maxlen: 48 2401:a820:600::/48 maxlen: 48 2401:a820:fce::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/6IdrUasrF3RAzUxM0uTwpZjgOBw.crl rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/6IdrUasrF3RAzUxM0uTwpZjgOBw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6IdrUasrF3RAzUxM0uTwpZjgOBw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Sep 2024 04:46:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913AE23/serialNumber=E8876B51AB2B177440CD4C4CD2E4F0A598E0381C Validity Not Before: Jun 17 15:42:37 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=6670596d-3150 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c4:90:84:f4:ca:a3:cb:4a:71:53:04:14:f5: 3e:80:a3:2a:fb:44:a0:ef:23:3c:b3:b1:eb:b4:d1: ca:a4:c6:f6:8d:d6:3f:c4:f0:f0:a8:d4:d6:e0:86: 28:b3:1a:cd:c0:86:df:a6:ea:a3:a3:45:cc:48:c5: 6b:47:e5:89:c1:a4:28:5d:68:04:b3:04:30:53:6c: 90:db:ee:54:1d:69:d8:ce:18:14:e6:03:fc:d4:73: 4a:9a:0d:44:d6:ce:b7:48:5d:d8:48:d6:fb:98:e6: 07:0e:cb:6b:cd:b9:00:72:03:45:d8:01:55:37:bf: 22:69:80:b4:88:06:80:c1:19:76:cd:df:ec:d6:ac: c2:3d:5a:eb:84:94:49:f9:56:0f:a4:4b:82:2f:33: 0d:3a:08:47:94:7f:12:bc:92:34:0f:b2:17:5a:af: 73:95:85:82:2e:58:c0:2d:60:84:1a:14:20:3a:1e: 08:76:fc:64:36:6b:80:3d:98:77:90:e4:4e:be:d2: 05:43:c3:c5:4a:7d:53:aa:53:b8:79:2d:91:1c:15: 87:3e:06:6b:71:d8:9b:83:38:f8:95:68:f7:6d:e5: 5b:ab:ab:46:79:68:a5:02:b5:13:96:ec:0c:68:94: fe:a4:cf:3c:6e:5c:96:72:1b:99:30:d1:e9:7c:26: d1:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:3F:83:AF:0B:4F:DE:0E:74:E5:B7:E4:80:11:F0:84:C7:0D:80:99 X509v3 Authority Key Identifier: keyid:E8:87:6B:51:AB:2B:17:74:40:CD:4C:4C:D2:E4:F0:A5:98:E0:38:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/6IdrUasrF3RAzUxM0uTwpZjgOBw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6IdrUasrF3RAzUxM0uTwpZjgOBw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913AE23/3A72ABFA2C6C11EFA346942DC4F9AE02/20B02A7A2C6D11EF9E3D5230C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:a820::/32 Signature Algorithm: sha256WithRSAEncryption 34:a3:b9:11:9b:3e:50:7f:57:44:2e:e8:23:79:3b:8c:b2:5a: a2:4a:65:ab:5d:07:74:4a:f5:8d:5d:c5:2a:2a:07:68:86:50: a1:0f:31:1a:9b:5e:f8:b3:e7:9a:bf:fc:05:cf:51:fc:85:82: e0:62:28:93:16:b9:d3:31:24:c6:b2:4d:7a:4e:c0:af:9c:47: 06:6b:c9:65:2c:d5:db:c4:6a:ac:1b:ee:9d:aa:d0:81:4f:36: df:8f:61:5c:68:b0:b4:a8:55:68:ea:eb:84:d2:35:9e:d9:8d: 8a:02:5c:ed:9f:5e:10:35:cc:53:a9:65:3c:aa:86:c6:11:22: 82:c8:59:40:3b:bd:fe:c2:ce:e5:17:20:5f:7e:79:69:c8:f5: fa:86:a1:10:a1:88:a9:3e:44:4d:ad:7e:42:2c:25:fe:fa:30: 93:0a:1c:ec:b2:d3:96:9d:a4:af:bd:16:b0:ca:da:69:46:37: cd:4b:ac:62:ec:b1:2a:cf:2e:c6:02:7c:c7:50:bc:ba:26:35: e3:e2:22:fc:c5:cb:97:28:7f:dd:43:80:ed:06:5b:44:a5:5e: 1e:57:89:98:4b:4c:c1:60:81:b0:d4:0b:40:ea:79:49:cd:b7: 12:14:71:5c:bf:4a:4b:1c:24:ff:8c:22:6d:8c:07:0d:97:2b: ef:69:71:a2 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz QUUyMzExMC8GA1UEBRMoRTg4NzZCNTFBQjJCMTc3NDQwQ0Q0QzRDRDJFNEYwQTU5 OEUwMzgxQzAeFw0yNDA2MTcxNTQyMzdaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY2NzA1OTZkLTMxNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7xJCE9Mqjy0pxUwQU9T6Aoyr7RKDvIzyzseu00cqkxvaN1j/E8PCo1Nbghiiz Gs3Aht+m6qOjRcxIxWtH5YnBpChdaASzBDBTbJDb7lQdadjOGBTmA/zUc0qaDUTW zrdIXdhI1vuY5gcOy2vNuQByA0XYAVU3vyJpgLSIBoDBGXbN3+zWrMI9WuuElEn5 Vg+kS4IvMw06CEeUfxK8kjQPshdar3OVhYIuWMAtYIQaFCA6Hgh2/GQ2a4A9mHeQ 5E6+0gVDw8VKfVOqU7h5LZEcFYc+Bmtx2JuDOPiVaPdt5Vurq0Z5aKUCtROW7Axo lP6kzzxuXJZyG5kw0el8JtGnAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUpT+DrwtP 3g505bfkgBHwhMcNgJkwHwYDVR0jBBgwFoAU6IdrUasrF3RAzUxM0uTwpZjgOBww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNBRTIzLzNBNzJBQkZBMkM2 QzExRUZBMzQ2OTQyREM0RjlBRTAyLzZJZHJVYXNyRjNSQXpVeE0wdVR3cFpqZ09C dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNklkclVhc3JGM1JBelV4TTB1VHdwWmpnT0J3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QUUyMy8zQTcyQUJGQTJDNkMxMUVGQTM0Njk0MkRDNEY5QUUwMi8yMEIwMkE3QTJD NkQxMUVGOUUzRDUyMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQBqCAwDQYJKoZIhvcNAQELBQADggEBADSjuRGbPlB/V0Qu 6CN5O4yyWqJKZatdB3RK9Y1dxSoqB2iGUKEPMRqbXviz55q//AXPUfyFguBiKJMW udMxJMayTXpOwK+cRwZryWUs1dvEaqwb7p2q0IFPNt+PYVxosLSoVWjq64TSNZ7Z jYoCXO2fXhA1zFOpZTyqhsYRIoLIWUA7vf7CzuUXIF9+eWnI9fqGoRChiKk+RE2t fkIsJf76MJMKHOyy05adpK+9FrDK2mlGN81LrGLssSrPLsYCfMdQvLomNePiIvzF y5cof91DgO0GW0SlXh5XiZhLTMFggbDUC0DqeUnNtxIUcVy/SkscJP+MIm2MBw2X K+9pcaI= -----END CERTIFICATE-----Generated at Tue Sep 17 06:07:26 2024 by rpki-client on console-fra.rpki-client.org