$ rpki-client -vvf rpki.apnic.net/member_repository/A9142489/3A3F28369BFA11EFBEB9846EC4F9AE02/4D7DE09E9BFB11EF8E975D70C4F9AE02.roa File: 4D7DE09E9BFB11EF8E975D70C4F9AE02.roa (raw, json) Hash identifier: xVXEBqNGZO/ZZnI7W9UjDyYax3N6maC/JTY4vWV0zlk= Subject key identifier: E5:D2:E6:83:C8:07:B4:B2:BC:7D:4B:AB:D5:C9:56:D7:3D:C0:98:25 Certificate issuer: /CN=A9142489/serialNumber=AAE5759A7E98AA7458598DE3C19AA1797F00F5F5 Certificate serial: 02 Authority key identifier: AA:E5:75:9A:7E:98:AA:74:58:59:8D:E3:C1:9A:A1:79:7F:00:F5:F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/quV1mn6YqnRYWY3jwZqheX8A9fU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142489/3A3F28369BFA11EFBEB9846EC4F9AE02/4D7DE09E9BFB11EF8E975D70C4F9AE02.roa Signing time: Wed 06 Nov 2024 04:55:11 +0000 ROA not before: Wed 06 Nov 2024 04:55:11 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 153393 IP address blocks: 2401:d4e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142489/3A3F28369BFA11EFBEB9846EC4F9AE02/quV1mn6YqnRYWY3jwZqheX8A9fU.crl rsync://rpki.apnic.net/member_repository/A9142489/3A3F28369BFA11EFBEB9846EC4F9AE02/quV1mn6YqnRYWY3jwZqheX8A9fU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/quV1mn6YqnRYWY3jwZqheX8A9fU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142489/serialNumber=AAE5759A7E98AA7458598DE3C19AA1797F00F5F5 Validity Not Before: Nov 6 04:55:11 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=672af6af-50cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:6a:85:86:8e:af:05:d4:38:be:63:d9:5b:e5: 6b:64:93:af:30:68:89:f4:ae:f8:3b:1b:12:9d:eb: 35:1f:88:55:65:55:f5:0c:0e:4f:94:95:4f:54:57: ac:42:0b:11:ea:3a:c5:a3:ef:af:65:a2:f8:2c:56: 86:ee:37:48:a0:23:9c:c9:5b:3b:90:ee:be:64:ba: 16:a7:0e:dd:e8:a3:83:34:6d:92:a5:79:29:61:b2: 77:bc:d7:0c:2f:84:3e:5d:54:0e:39:2d:3d:10:d2: 47:d8:a2:ed:5f:89:95:8f:1c:32:e8:5f:88:f2:e6: 7c:40:1a:2e:cb:e6:9e:2f:89:d2:2f:ad:8c:80:76: e2:37:60:50:4f:ef:27:43:ce:4a:bd:d0:80:4d:c6: e5:3a:65:c5:e5:48:89:b0:27:87:99:7c:cc:de:bb: 11:bd:32:ac:32:bd:84:b6:c2:c4:7e:c0:38:bd:97: 58:78:4a:26:55:f3:d4:2b:f2:32:bc:10:c4:85:88: fa:69:af:c2:29:9b:b6:a0:01:0e:55:68:74:1e:bb: b0:59:d2:d1:37:00:f7:80:9b:1d:32:84:22:f0:b9: 60:eb:44:45:8b:92:25:de:55:57:62:c3:ee:2b:1a: 93:4e:ac:86:4a:50:13:b7:50:de:4f:7c:50:3f:80: 4b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:D2:E6:83:C8:07:B4:B2:BC:7D:4B:AB:D5:C9:56:D7:3D:C0:98:25 X509v3 Authority Key Identifier: keyid:AA:E5:75:9A:7E:98:AA:74:58:59:8D:E3:C1:9A:A1:79:7F:00:F5:F5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142489/3A3F28369BFA11EFBEB9846EC4F9AE02/quV1mn6YqnRYWY3jwZqheX8A9fU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/quV1mn6YqnRYWY3jwZqheX8A9fU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142489/3A3F28369BFA11EFBEB9846EC4F9AE02/4D7DE09E9BFB11EF8E975D70C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:d4e0::/48 Signature Algorithm: sha256WithRSAEncryption 1f:3f:ff:e3:f0:7a:dc:3c:f1:f1:74:44:2f:40:7d:c3:df:27: 58:bb:c5:c4:bc:5c:63:cb:e0:f4:7a:c2:f3:3f:43:5d:0b:1f: 2b:f7:31:a8:b9:cb:ac:b2:a5:a3:4d:bd:72:66:b9:02:8e:15: 2e:61:7d:86:08:20:ce:da:14:d9:db:b1:7a:72:bb:5c:b2:2e: b4:41:9b:95:03:c2:ea:86:73:ab:3b:6e:2a:13:4d:f2:5b:af: 97:ad:ad:97:88:26:b5:a5:bd:a2:d5:59:9d:1d:dd:25:00:f2: ac:83:37:e5:4f:d9:0e:5e:55:b4:67:3e:83:53:63:b6:32:6c: 5b:7d:1c:e8:a4:2d:97:ff:07:d6:22:62:20:45:0e:6c:bf:23: 18:2d:2d:69:00:89:1f:43:88:42:eb:2b:d1:79:e1:3e:97:eb: f2:9d:67:5b:99:38:ed:75:9c:aa:bf:b8:ec:94:7a:65:85:ac: f2:96:a9:ab:97:af:60:b6:bd:ed:3f:ba:82:55:72:4e:cd:7f: f3:b4:16:02:6f:a3:38:01:ec:05:22:db:84:07:8c:27:c9:6d: ba:82:79:0d:8d:f7:72:59:ce:bf:1e:84:17:c2:aa:e5:9b:7d: 88:8d:51:48:9a:c6:71:53:66:7d:5d:d2:57:81:2a:ef:85:30: 62:a2:07:07 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjQ4OTExMC8GA1UEBRMoQUFFNTc1OUE3RTk4QUE3NDU4NTk4REUzQzE5QUExNzk3 RjAwRjVGNTAeFw0yNDExMDYwNDU1MTFaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3MmFmNmFmLTUwY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCwaoWGjq8F1Di+Y9lb5Wtkk68waIn0rvg7GxKd6zUfiFVlVfUMDk+UlU9UV6xC CxHqOsWj769lovgsVobuN0igI5zJWzuQ7r5kuhanDt3oo4M0bZKleSlhsne81wwv hD5dVA45LT0Q0kfYou1fiZWPHDLoX4jy5nxAGi7L5p4vidIvrYyAduI3YFBP7ydD zkq90IBNxuU6ZcXlSImwJ4eZfMzeuxG9MqwyvYS2wsR+wDi9l1h4SiZV89Qr8jK8 EMSFiPppr8Ipm7agAQ5VaHQeu7BZ0tE3APeAmx0yhCLwuWDrREWLkiXeVVdiw+4r GpNOrIZKUBO3UN5PfFA/gEtpAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQU5dLmg8gH tLK8fUur1clW1z3AmCUwHwYDVR0jBBgwFoAUquV1mn6YqnRYWY3jwZqheX8A9fUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyNDg5LzNBM0YyODM2OUJG QTExRUZCRUI5ODQ2RUM0RjlBRTAyL3F1VjFtbjZZcW5SWVdZM2p3WnFoZVg4QTlm VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcXVWMW1uNllxblJZV1kzandacWhlWDhBOWZVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjQ4OS8zQTNGMjgzNjlCRkExMUVGQkVCOTg0NkVDNEY5QUUwMi80RDdERTA5RTlC RkIxMUVGOEU5NzVENzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACQB1OAAADANBgkqhkiG9w0BAQsFAAOCAQEAHz//4/B63Dzx 8XREL0B9w98nWLvFxLxcY8vg9HrC8z9DXQsfK/cxqLnLrLKlo029cma5Ao4VLmF9 hgggztoU2duxenK7XLIutEGblQPC6oZzqztuKhNN8luvl62tl4gmtaW9otVZnR3d JQDyrIM35U/ZDl5VtGc+g1NjtjJsW30c6KQtl/8H1iJiIEUObL8jGC0taQCJH0OI Qusr0XnhPpfr8p1nW5k47XWcqr+47JR6ZYWs8papq5evYLa97T+6glVyTs1/87QW Am+jOAHsBSLbhAeMJ8ltuoJ5DY33clnOvx6EF8Kq5Zt9iI1RSJrGcVNmfV3SV4Eq 74UwYqIHBw== -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:01 2024 by rpki-client on console-ams.rpki-client.org