$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/854D304E0C9B11EC8433FE7AC4F9AE02.roa File: 854D304E0C9B11EC8433FE7AC4F9AE02.roa (raw, json) Hash identifier: pak3Iy8E0gYpnvDkmWBebcI4LeVYUCjbRqic1+nKIXc= Subject key identifier: 86:77:5A:A8:10:4B:42:D5:C0:15:7E:E6:13:42:4F:8F:46:79:26:C1 Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897 Certificate serial: 1599 Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/854D304E0C9B11EC8433FE7AC4F9AE02.roa Signing time: Fri 12 Jul 2024 17:25:17 +0000 ROA not before: Fri 12 Jul 2024 17:25:17 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 394749 IP address blocks: 2404:6900:2012::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 16:45:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5529 (0x1599) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897 Validity Not Before: Jul 12 17:25:17 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=669166fc-5d90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:e4:f3:be:f6:ed:7c:53:a0:72:f9:15:53:47: d6:39:34:11:e1:7b:f2:a4:2b:f6:ed:b4:43:f0:0a: f4:e7:a6:a3:25:71:73:e0:07:a4:50:5a:f1:f3:d6: 82:45:2c:31:8c:fa:f9:d7:6b:cc:a9:aa:c7:83:77: f2:86:68:c0:1e:d3:b5:82:d8:69:fa:17:79:0d:2a: e5:62:7d:b1:9e:cb:d9:a9:01:c0:b4:71:8f:2d:d6: 66:f7:b7:c4:25:bf:f7:ea:02:ad:29:c8:3b:fe:ac: 80:97:c5:e0:d5:70:48:3a:e1:16:f5:bc:d9:f4:b8: cc:64:e0:dd:16:e9:00:71:ef:df:10:75:bc:66:7a: bd:7b:7e:65:6d:8a:af:5c:7b:6d:c1:e8:be:08:b1: e9:43:bd:f7:04:16:20:b8:71:ad:43:ca:84:8b:c4: 18:0f:70:91:49:40:a7:5f:0e:4a:46:e9:13:2a:51: 7b:c1:55:59:e6:8f:fb:be:04:f3:7b:e0:a1:2d:bb: ab:56:43:6d:58:99:bb:b0:a0:35:73:41:68:dc:9f: 10:4b:d2:84:64:26:8e:1b:d5:b0:a1:08:ab:6a:3b: c8:a5:51:f2:42:47:a2:73:ea:61:7b:19:04:31:bb: 7c:23:18:73:1b:e5:eb:fa:d8:99:75:38:a7:c2:00: 47:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:77:5A:A8:10:4B:42:D5:C0:15:7E:E6:13:42:4F:8F:46:79:26:C1 X509v3 Authority Key Identifier: keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/854D304E0C9B11EC8433FE7AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2404:6900:2012::/48 Signature Algorithm: sha256WithRSAEncryption 09:7a:1f:55:f1:63:bf:a2:31:da:bf:6a:dc:a9:36:0f:bd:2b: a2:8c:9a:bb:84:5f:bc:ae:36:ac:8e:27:0c:b6:e3:76:69:79: ba:0f:76:6b:c5:4b:9b:a5:d5:29:8e:71:c8:b9:f2:4d:03:28: 84:0f:c8:da:0f:53:b3:a8:b9:a1:d9:5f:ff:df:80:34:11:50: b1:80:7a:86:e2:fd:a6:23:02:d6:6f:f2:6f:21:46:e2:dc:65: 52:14:5f:b6:d6:f9:31:53:d2:eb:4d:8d:60:82:5d:1f:ec:c3: 25:3f:d5:14:10:9a:e0:51:89:bf:76:32:ee:35:9c:a4:ff:38: 25:31:1c:dd:a6:00:9d:d4:84:22:da:84:a8:56:78:67:15:5c: e8:e7:b5:d9:55:aa:58:98:1d:73:70:d7:67:95:62:e6:e9:ee: 61:ea:90:ea:f3:35:a6:d9:33:37:cd:1d:d5:94:8a:99:8a:43: 3c:c5:f8:b6:18:56:a4:01:30:d5:c4:6b:94:00:1d:a4:ba:fa: b8:94:23:14:95:4b:12:ec:b4:4c:cd:49:e5:be:de:08:4e:68: f0:86:49:13:68:3d:2d:74:16:36:80:3f:1a:3a:26:07:01:4c: fa:69:a9:e5:b3:45:8d:93:55:99:50:ad:26:ea:fc:b0:f5:a0: b1:34:f2:55 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICFZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0 QjkwREE4OTcwHhcNMjQwNzEyMTcyNTE3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NjkxNjZmYy01ZDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyeTzvvbtfFOgcvkVU0fWOTQR4XvypCv27bRD8Ar056ajJXFz4AekUFrx89aC RSwxjPr512vMqarHg3fyhmjAHtO1gthp+hd5DSrlYn2xnsvZqQHAtHGPLdZm97fE Jb/36gKtKcg7/qyAl8Xg1XBIOuEW9bzZ9LjMZODdFukAce/fEHW8Znq9e35lbYqv XHttwei+CLHpQ733BBYguHGtQ8qEi8QYD3CRSUCnXw5KRukTKlF7wVVZ5o/7vgTz e+ChLburVkNtWJm7sKA1c0Fo3J8QS9KEZCaOG9WwoQirajvIpVHyQkeic+phexkE Mbt8IxhzG+Xr+tiZdTinwgBHTQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFIZ3WqgQ S0LVwBV+5hNCT49GeSbBMB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5 RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzJEOTEvRUE2NzJBNUMxOUU3MTFFOEIyNDNENTdDQzRGOUFFMDIvODU0RDMwNEUw QzlCMTFFQzg0MzNGRTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAkBGkAIBIwDQYJKoZIhvcNAQELBQADggEBAAl6H1XxY7+i Mdq/atypNg+9K6KMmruEX7yuNqyOJwy243ZpeboPdmvFS5ul1SmOcci58k0DKIQP yNoPU7OouaHZX//fgDQRULGAeobi/aYjAtZv8m8hRuLcZVIUX7bW+TFT0utNjWCC XR/swyU/1RQQmuBRib92Mu41nKT/OCUxHN2mAJ3UhCLahKhWeGcVXOjntdlVqliY HXNw12eVYubp7mHqkOrzNabZMzfNHdWUipmKQzzF+LYYVqQBMNXEa5QAHaS6+riU IxSVSxLstEzNSeW+3ghOaPCGSRNoPS10FjaAPxo6JgcBTPppqeWzRY2TVZlQrSbq /LD1oLE08lU= -----END CERTIFICATE-----Generated at Wed Nov 20 18:44:59 2024 by rpki-client on console-fra.rpki-client.org