$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/756E0BBCEAE711EE88CD8641C4F9AE02.roa File: 756E0BBCEAE711EE88CD8641C4F9AE02.roa (raw, json) Hash identifier: XGyaR0ustoTHYGTHylMLu/5dtoppDHHQmGzCG+ndx/Q= Subject key identifier: EA:06:4B:B9:10:4C:07:A2:A5:16:6A:40:EF:31:66:A4:51:B1:7C:07 Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E Certificate serial: 0674 Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/756E0BBCEAE711EE88CD8641C4F9AE02.roa Signing time: Sun 04 Aug 2024 23:41:35 +0000 ROA not before: Sun 04 Aug 2024 23:41:35 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 142045 IP address blocks: 2407:4ac0:1400::/38 maxlen: 40 2407:4ac0:1800::/37 maxlen: 40 2407:4ac0:2000::/35 maxlen: 40 2407:4ac0:2800::/37 maxlen: 40 2407:4ac0:3000::/36 maxlen: 40 2407:4ac0:6000::/35 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 20:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1652 (0x674) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E Validity Not Before: Aug 4 23:41:35 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66b011af-3942 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a0:77:d7:6f:db:2b:70:9e:71:5b:76:8a:7f: fc:00:07:23:81:50:c5:46:54:54:de:d0:8c:56:d3: bb:e2:e9:f4:26:2c:4f:9d:e6:e2:f6:01:79:27:02: 33:ef:e3:28:ad:4b:98:f8:7b:36:07:65:5a:88:ad: 90:a0:46:0e:31:d0:03:71:f9:b7:58:60:33:76:50: a2:83:cd:e4:13:3c:c1:e5:ad:bb:87:19:53:0c:e7: dc:d3:35:95:84:3e:c8:c4:6b:47:bd:8d:74:74:c2: 85:ad:7c:f5:9c:21:5c:48:35:5d:77:f6:5d:73:23: bc:1f:58:f7:e1:b2:f7:9a:6d:2f:13:75:83:de:cf: 9e:9e:b4:ad:e0:29:0e:a7:83:f8:13:3e:1f:d5:f6: 55:55:6b:90:e7:f0:c0:08:06:3f:ac:dc:be:13:39: 63:4e:cb:3b:87:c9:5c:ea:f0:4f:70:d8:ee:5d:19: bf:1b:ce:eb:46:02:b7:f2:b7:2f:a4:76:f2:d8:86: d4:46:ac:3d:b7:90:72:be:dc:4a:fd:9e:40:0f:0b: d3:c7:6e:3c:ba:a0:d0:5c:b5:45:cf:04:20:57:85: 68:97:b8:70:2d:7e:e1:4e:a1:9d:d3:1d:ed:81:fd: 42:18:46:98:02:3c:f5:c2:8c:04:8c:2b:fe:ca:0e: fb:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:06:4B:B9:10:4C:07:A2:A5:16:6A:40:EF:31:66:A4:51:B1:7C:07 X509v3 Authority Key Identifier: keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/756E0BBCEAE711EE88CD8641C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2407:4ac0:1400::-2407:4ac0:3fff:ffff:ffff:ffff:ffff:ffff 2407:4ac0:6000::/35 Signature Algorithm: sha256WithRSAEncryption 62:7d:e8:77:c1:35:07:1f:ae:43:80:03:ea:b4:5c:b1:91:32: 2c:08:4c:68:a6:f5:35:d4:7e:0b:29:4c:32:f8:75:7c:21:28: 4e:aa:4e:48:08:70:de:da:6b:01:45:0b:6e:96:c7:5e:c9:66: 02:1b:c3:a0:dd:b5:bc:bc:9b:58:7c:aa:bf:83:7e:2c:a3:c5: 78:34:d7:73:41:e6:89:8b:81:46:1e:5e:33:90:97:f9:46:8d: 39:73:60:8b:40:40:c0:8d:25:01:63:88:ff:a0:00:86:0e:9b: c3:ef:d0:c3:27:28:73:29:bd:b7:f7:68:d6:dd:42:56:f8:1e: 0d:1e:55:57:2b:63:66:86:df:08:67:56:13:0a:63:7e:0b:b6: 88:ff:4b:0c:aa:07:da:e2:1f:9e:b7:04:75:91:f4:3f:99:5a: 95:8e:a1:22:38:65:19:50:ff:00:e8:62:bc:ad:3a:d3:86:e4: 7c:c2:6c:d5:6b:88:2b:24:56:b6:55:36:61:98:9b:3c:ab:00: 1d:b9:bb:e4:86:08:d2:54:36:56:46:df:1f:94:5d:59:6c:ad: 25:89:4b:74:80:e2:e3:12:8b:c9:7e:21:f0:2b:85:05:cf:fc: b0:73:c1:fb:71:d8:0a:29:82:b1:d7:3b:ff:f9:e4:28:0b:7d: 50:9c:22:6d -----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgICBnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE QzdFNjA2MUUwHhcNMjQwODA0MjM0MTM1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmIwMTFhZi0zOTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA26B312/bK3CecVt2in/8AAcjgVDFRlRU3tCMVtO74un0JixPnebi9gF5JwIz 7+MorUuY+Hs2B2VaiK2QoEYOMdADcfm3WGAzdlCig83kEzzB5a27hxlTDOfc0zWV hD7IxGtHvY10dMKFrXz1nCFcSDVdd/ZdcyO8H1j34bL3mm0vE3WD3s+enrSt4CkO p4P4Ez4f1fZVVWuQ5/DACAY/rNy+EzljTss7h8lc6vBPcNjuXRm/G87rRgK38rcv pHby2IbURqw9t5ByvtxK/Z5ADwvTx248uqDQXLVFzwQgV4Vol7hwLX7hTqGd0x3t gf1CGEaYAjz1wowEjCv+yg77awIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFOoGS7kQ TAeipRZqQO8xZqRRsXwHMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2 N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvNzU2RTBCQkNF QUU3MTFFRTg4Q0Q4NjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E JDAiMCAEAgACMBowEAMGAiQHSsAUAwYGJAdKwAADBgUkB0rAYDANBgkqhkiG9w0B AQsFAAOCAQEAYn3od8E1Bx+uQ4AD6rRcsZEyLAhMaKb1NdR+CylMMvh1fCEoTqpO SAhw3tprAUULbpbHXslmAhvDoN21vLybWHyqv4N+LKPFeDTXc0HmiYuBRh5eM5CX +UaNOXNgi0BAwI0lAWOI/6AAhg6bw+/Qwycocym9t/do1t1CVvgeDR5VVytjZobf CGdWEwpjfgu2iP9LDKoH2uIfnrcEdZH0P5lalY6hIjhlGVD/AOhivK0604bkfMJs 1WuIKyRWtlU2YZibPKsAHbm75IYI0lQ2VkbfH5RdWWytJYlLdIDi4xKLyX4h8CuF Bc/8sHPB+3HYCimCsdc7//nkKAt9UJwibQ== -----END CERTIFICATE-----Generated at Sat Nov 23 00:08:43 2024 by rpki-client on console-ams.rpki-client.org