$ rpki-client -vvf rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/5997A6A624E011EDAEC0E529C4F9AE02.roa File: 5997A6A624E011EDAEC0E529C4F9AE02.roa (raw, json) Hash identifier: 6p9TqnChUnyfm26ZZLBLmmyndB/671MOguxKaFX62F4= Subject key identifier: 37:19:E4:6F:42:76:8D:D9:92:E6:92:B2:EE:C0:57:61:89:07:78:6E Certificate issuer: /CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7 Certificate serial: 0366 Authority key identifier: 3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/5997A6A624E011EDAEC0E529C4F9AE02.roa Signing time: Thu 11 Jan 2024 02:24:29 +0000 ROA not before: Thu 11 Jan 2024 02:24:29 +0000 ROA not after: Mon 31 Mar 2025 00:00:00 +0000 asID: 210542 IP address blocks: 2400:3e20:2000::/36 maxlen: 36 2400:3e20:3000::/36 maxlen: 36 2400:3e20:e000::/36 maxlen: 36 2400:3e20:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 02:51:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 870 (0x366) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170E11/serialNumber=3D6447D7297483294ECECB853A5E500935D1B8D7 Validity Not Before: Jan 11 02:24:29 2024 GMT Not After : Mar 31 00:00:00 2025 GMT Subject: CN=659f515d-202b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:43:35:f8:b4:81:2a:7b:e1:cf:44:49:e2:c6: 58:e5:c6:52:c3:c8:b1:9f:8a:a2:fd:b8:45:20:58: 6e:52:47:e4:99:28:34:4c:c9:9b:f7:88:99:a7:56: 76:d1:a1:32:c9:9a:ac:e2:0a:0d:c6:f2:b0:65:12: 0e:4f:74:96:d9:1f:f7:66:4d:74:e3:1e:03:15:da: 6e:0c:c1:6e:cb:cd:85:6c:cd:90:c2:77:6c:19:89: c5:63:a3:f2:9c:e1:e4:c0:4b:e9:3f:70:32:49:19: d5:46:df:15:50:50:00:fa:1b:01:f3:a0:fb:08:0c: 80:64:4b:aa:32:2c:91:b6:7c:1c:9a:96:a1:f2:68: 58:33:2f:c8:cc:38:3b:55:26:98:bd:97:bf:98:5d: 3a:5a:aa:a5:89:d7:c3:4b:9d:47:b0:02:8a:8d:4e: 08:0c:12:f0:25:66:6d:2a:f6:db:ed:5b:22:e1:af: e7:5e:0e:ca:7a:a2:63:d8:6f:69:90:e1:9a:83:1a: db:8a:70:26:66:32:54:a3:1d:73:24:de:3a:3d:ab: c9:d5:87:77:b9:15:6d:29:3f:a2:ef:33:08:12:d1: 9a:e5:ef:e8:72:f7:57:c1:8c:a5:3e:58:9f:7a:a2: 6a:de:e0:59:cb:b9:66:9a:77:d6:aa:a1:b6:67:ce: 44:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:19:E4:6F:42:76:8D:D9:92:E6:92:B2:EE:C0:57:61:89:07:78:6E X509v3 Authority Key Identifier: keyid:3D:64:47:D7:29:74:83:29:4E:CE:CB:85:3A:5E:50:09:35:D1:B8:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/PWRH1yl0gylOzsuFOl5QCTXRuNc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PWRH1yl0gylOzsuFOl5QCTXRuNc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170E11/D060C9B25BD611ECAD833651C4F9AE02/5997A6A624E011EDAEC0E529C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2400:3e20:2000::/35 2400:3e20:e000::/35 Signature Algorithm: sha256WithRSAEncryption 9c:02:78:91:38:61:8c:5a:27:da:77:ff:d1:f8:7b:6e:7d:60: fd:c6:a2:ab:a4:92:32:b4:4b:27:9b:19:db:0c:26:45:3a:dc: 63:51:1d:43:07:83:03:34:03:29:49:bf:cf:c4:50:12:fa:63: e8:5a:06:e9:27:f3:76:ce:a6:78:db:14:42:5f:9b:93:44:44: 21:e0:a6:e1:9a:02:5d:82:e8:cb:e3:ce:5f:36:b8:ca:d3:d0: 5d:21:8b:00:46:8b:18:b8:a5:f4:c8:28:a8:3f:e4:ac:36:cd: 17:14:b5:91:bc:08:39:53:43:b0:70:3c:bd:6f:54:0c:b3:cd: bb:d4:93:24:28:10:c3:63:78:95:82:01:d5:71:21:16:0e:e4: 1b:23:91:29:d2:9e:84:83:46:7f:73:e5:ad:78:48:c1:88:fc: b7:46:47:44:fb:86:2a:9a:d7:95:b0:68:2a:83:63:a4:31:2c: 32:26:eb:62:50:6b:36:8b:ee:23:d9:83:7d:35:14:af:1d:1c: a5:3c:92:d6:f3:ac:04:40:17:b3:46:c0:60:72:b4:68:dd:e2: 96:87:30:7f:9d:67:aa:24:c2:95:04:67:37:a4:cc:53:63:51: dc:69:6f:22:15:b2:c7:a0:ee:2b:ed:e4:5f:f3:7f:6a:1a:53: 75:68:4c:de -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgICA2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBFMTExMTAvBgNVBAUTKDNENjQ0N0Q3Mjk3NDgzMjk0RUNFQ0I4NTNBNUU1MDA5 MzVEMUI4RDcwHhcNMjQwMTExMDIyNDI5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTlmNTE1ZC0yMDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxkM1+LSBKnvhz0RJ4sZY5cZSw8ixn4qi/bhFIFhuUkfkmSg0TMmb94iZp1Z2 0aEyyZqs4goNxvKwZRIOT3SW2R/3Zk104x4DFdpuDMFuy82FbM2QwndsGYnFY6Py nOHkwEvpP3AySRnVRt8VUFAA+hsB86D7CAyAZEuqMiyRtnwcmpah8mhYMy/IzDg7 VSaYvZe/mF06WqqlidfDS51HsAKKjU4IDBLwJWZtKvbb7Vsi4a/nXg7KeqJj2G9p kOGagxrbinAmZjJUox1zJN46PavJ1Yd3uRVtKT+i7zMIEtGa5e/ocvdXwYylPlif eqJq3uBZy7lmmnfWqqG2Z85EdwIDAQABo4ICnzCCApswHQYDVR0OBBYEFDcZ5G9C do3ZkuaSsu7AV2GJB3huMB8GA1UdIwQYMBaAFD1kR9cpdIMpTs7LhTpeUAk10bjX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEUxMS9EMDYwQzlCMjVC RDYxMUVDQUQ4MzM2NTFDNEY5QUUwMi9QV1JIMXlsMGd5bE96c3VGT2w1UUNUWFJ1 TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BXUkgxeWwwZ3lsT3pzdUZPbDVRQ1RYUnVOYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzBFMTEvRDA2MEM5QjI1QkQ2MTFFQ0FEODMzNjUxQzRGOUFFMDIvNTk5N0E2QTYy NEUwMTFFREFFQzBFNTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E GjAYMBYEAgACMBADBgUkAD4gIAMGBSQAPiDgMA0GCSqGSIb3DQEBCwUAA4IBAQCc AniROGGMWifad//R+HtufWD9xqKrpJIytEsnmxnbDCZFOtxjUR1DB4MDNAMpSb/P xFAS+mPoWgbpJ/N2zqZ42xRCX5uTREQh4KbhmgJdgujL485fNrjK09BdIYsARosY uKX0yCioP+SsNs0XFLWRvAg5U0OwcDy9b1QMs8271JMkKBDDY3iVggHVcSEWDuQb I5Ep0p6Eg0Z/c+WteEjBiPy3RkdE+4YqmteVsGgqg2OkMSwyJutiUGs2i+4j2YN9 NRSvHRylPJLW86wEQBezRsBgcrRo3eKWhzB/nWeqJMKVBGc3pMxTY1HcaW8iFbLH oO4r7eRf839qGlN1aEze -----END CERTIFICATE-----Generated at Fri May 17 03:52:21 2024 by rpki-client on console-ams.rpki-client.org