$ rpki-client -vvf rpki.apnic.net/member_repository/A913C07A/FB182998BE6711EEB33C6D6EC4F9AE02/A20C3500BE6811EEBFF35870C4F9AE02.roa File: A20C3500BE6811EEBFF35870C4F9AE02.roa (raw, json) Hash identifier: c6893+1KjPQa/LtrFWR6uLPBm/0LNUFn7UJlPtKcgfE= Subject key identifier: BB:96:0E:40:0E:E0:B0:42:EF:C5:A8:D4:C5:D1:29:6C:15:FC:F9:13 Certificate issuer: /CN=A913C07A/serialNumber=30F0DB82D58F583E8488379BA00D35ACB3526110 Certificate serial: 5B Authority key identifier: 30:F0:DB:82:D5:8F:58:3E:84:88:37:9B:A0:0D:35:AC:B3:52:61:10 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MPDbgtWPWD6EiDeboA01rLNSYRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913C07A/FB182998BE6711EEB33C6D6EC4F9AE02/A20C3500BE6811EEBFF35870C4F9AE02.roa Signing time: Tue 02 Jul 2024 09:24:57 +0000 ROA not before: Tue 02 Jul 2024 09:24:57 +0000 ROA not after: Thu 01 May 2025 00:00:00 +0000 asID: 152447 IP address blocks: 2401:7ae0::/32 maxlen: 32 2401:7ae0::/36 maxlen: 36 2401:7ae0:4000::/36 maxlen: 36 2401:7ae0:4003::/48 maxlen: 48 2401:7ae0:8000::/36 maxlen: 36 2401:7ae0:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913C07A/FB182998BE6711EEB33C6D6EC4F9AE02/MPDbgtWPWD6EiDeboA01rLNSYRA.crl rsync://rpki.apnic.net/member_repository/A913C07A/FB182998BE6711EEB33C6D6EC4F9AE02/MPDbgtWPWD6EiDeboA01rLNSYRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MPDbgtWPWD6EiDeboA01rLNSYRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 04:30:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913C07A/serialNumber=30F0DB82D58F583E8488379BA00D35ACB3526110 Validity Not Before: Jul 2 09:24:57 2024 GMT Not After : May 1 00:00:00 2025 GMT Subject: CN=6683c768-e4bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:25:65:74:02:47:33:f5:3c:ce:de:cd:d7:71: 5f:5e:c0:b9:b4:c2:f7:c9:1f:d2:71:41:50:f7:a9: 71:dc:fd:df:a9:e3:29:5f:ac:05:94:56:15:7c:89: 0f:df:6a:bd:a0:f2:7e:a7:5e:78:20:6c:8a:05:7e: 98:e3:8b:ba:0f:54:48:6c:be:c0:aa:f5:1a:f1:bc: 9d:af:e3:9a:9f:c1:e4:32:e8:6f:a1:e3:16:71:bd: 36:3b:1b:ce:29:47:c9:31:40:b6:83:17:58:df:55: aa:61:6b:80:ba:ca:ce:68:dc:04:a0:4a:55:c2:bb: 0c:e0:0d:73:49:1a:b8:ec:1a:20:27:da:7e:aa:5d: 11:b7:df:d8:6f:93:8d:68:e2:bc:ff:1e:c4:34:e9: ca:19:83:06:bb:b1:a1:51:5c:71:63:fd:cb:bd:3b: ed:a4:60:50:67:72:85:2c:5e:f9:4e:be:ed:fc:e4: 56:8e:c6:3e:09:4f:8b:17:f0:3d:59:d0:51:42:f4: 47:83:c5:ed:ed:d4:08:55:20:c2:ef:d0:fe:37:c1: 1e:df:aa:f4:24:1d:b9:de:e1:d7:cf:cf:bd:65:dc: b9:89:ae:ff:61:97:c9:8f:9d:fa:6e:c6:a5:9f:ef: 5c:62:4b:a8:b1:52:05:b9:f2:c8:1c:d9:54:ec:59: b5:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:96:0E:40:0E:E0:B0:42:EF:C5:A8:D4:C5:D1:29:6C:15:FC:F9:13 X509v3 Authority Key Identifier: keyid:30:F0:DB:82:D5:8F:58:3E:84:88:37:9B:A0:0D:35:AC:B3:52:61:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913C07A/FB182998BE6711EEB33C6D6EC4F9AE02/MPDbgtWPWD6EiDeboA01rLNSYRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MPDbgtWPWD6EiDeboA01rLNSYRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C07A/FB182998BE6711EEB33C6D6EC4F9AE02/A20C3500BE6811EEBFF35870C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:7ae0::/32 Signature Algorithm: sha256WithRSAEncryption a4:bb:6c:68:e0:5f:d5:22:51:75:a0:cb:16:ec:a2:6a:5e:eb: 6c:69:da:14:e4:a8:d6:11:8f:de:c8:60:00:a8:d3:22:34:c8: 8a:d4:3c:09:24:4f:c2:3a:2b:8f:e6:86:ee:97:f8:30:7b:e5: 46:1e:3d:9f:5a:13:c3:91:2f:6b:98:3e:b4:ca:e1:5e:27:90: b7:62:18:25:fc:39:0d:79:18:ab:95:5f:a3:97:f8:af:f6:86: 4b:36:2f:f7:c9:7b:fa:14:f5:00:fb:07:e2:f5:b3:08:11:de: 82:7f:6e:3d:6a:c7:1c:0b:05:cf:5e:ba:38:af:46:3a:b6:a6: a5:b2:1c:83:9f:9c:01:91:b8:12:cf:bc:47:8b:26:a8:23:d7: 00:e6:1d:16:ef:7b:21:0f:dc:66:0f:f6:05:16:77:b0:6b:a8: 61:d0:96:aa:bc:af:60:cc:c2:a4:63:de:f5:e2:b3:64:22:dd: e6:76:1a:90:b3:df:ad:26:79:41:cd:55:8d:f8:74:a3:d1:3b: 49:c8:b6:ee:89:59:74:94:fe:52:26:4b:e1:af:e3:e0:73:df: 91:b6:56:87:d5:81:c5:d5:71:08:44:33:64:c6:cb:de:56:ae: 79:3c:da:0b:b3:9a:21:a4:a5:10:30:72:ca:fb:c7:8f:01:44: 73:db:5b:84 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz QzA3QTExMC8GA1UEBRMoMzBGMERCODJENThGNTgzRTg0ODgzNzlCQTAwRDM1QUNC MzUyNjExMDAeFw0yNDA3MDIwOTI0NTdaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ODNjNzY4LWU0YmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC9JWV0Akcz9TzO3s3XcV9ewLm0wvfJH9JxQVD3qXHc/d+p4ylfrAWUVhV8iQ/f ar2g8n6nXnggbIoFfpjji7oPVEhsvsCq9RrxvJ2v45qfweQy6G+h4xZxvTY7G84p R8kxQLaDF1jfVapha4C6ys5o3ASgSlXCuwzgDXNJGrjsGiAn2n6qXRG339hvk41o 4rz/HsQ06coZgwa7saFRXHFj/cu9O+2kYFBncoUsXvlOvu385FaOxj4JT4sX8D1Z 0FFC9EeDxe3t1AhVIMLv0P43wR7fqvQkHbne4dfPz71l3LmJrv9hl8mPnfpuxqWf 71xiS6ixUgW58sgc2VTsWbWtAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUu5YOQA7g sELvxajUxdEpbBX8+RMwHwYDVR0jBBgwFoAUMPDbgtWPWD6EiDeboA01rLNSYRAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNDMDdBL0ZCMTgyOTk4QkU2 NzExRUVCMzNDNkQ2RUM0RjlBRTAyL01QRGJndFdQV0Q2RWlEZWJvQTAxckxOU1lS QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTVBEYmd0V1BXRDZFaURlYm9BMDFyTE5TWVJBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QzA3QS9GQjE4Mjk5OEJFNjcxMUVFQjMzQzZENkVDNEY5QUUwMi9BMjBDMzUwMEJF NjgxMUVFQkZGMzU4NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQBeuAwDQYJKoZIhvcNAQELBQADggEBAKS7bGjgX9UiUXWg yxbsompe62xp2hTkqNYRj97IYACo0yI0yIrUPAkkT8I6K4/mhu6X+DB75UYePZ9a E8ORL2uYPrTK4V4nkLdiGCX8OQ15GKuVX6OX+K/2hks2L/fJe/oU9QD7B+L1swgR 3oJ/bj1qxxwLBc9eujivRjq2pqWyHIOfnAGRuBLPvEeLJqgj1wDmHRbveyEP3GYP 9gUWd7BrqGHQlqq8r2DMwqRj3vXis2Qi3eZ2GpCz360meUHNVY34dKPRO0nItu6J WXSU/lImS+Gv4+Bz35G2VofVgcXVcQhEM2TGy95Wrnk82guzmiGkpRAwcsr7x48B RHPbW4Q= -----END CERTIFICATE-----Generated at Thu Nov 21 05:37:04 2024 by rpki-client on console-ams.rpki-client.org