$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/40123778C4EE11EEB870DA3AC4F9AE02.roa File: 40123778C4EE11EEB870DA3AC4F9AE02.roa (raw, json) Hash identifier: Kpac+Z0PAI0IdsbsHeDlc3ClNphx+6PtBL16dLNbc68= Subject key identifier: BC:B7:6D:8C:C0:C8:CE:08:C4:A5:05:B1:6E:CB:F0:BD:22:B4:E8:BD Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Certificate serial: 0BCC Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/40123778C4EE11EEB870DA3AC4F9AE02.roa Signing time: Tue 06 Feb 2024 12:50:05 +0000 ROA not before: Tue 06 Feb 2024 12:50:05 +0000 ROA not after: Tue 30 Jul 2024 00:00:00 +0000 asID: 215575 IP address blocks: 2406:840:e520::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 21:22:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3020 (0xbcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Validity Not Before: Feb 6 12:50:05 2024 GMT Not After : Jul 30 00:00:00 2024 GMT Subject: CN=65c22afd-4962 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:79:95:31:ab:6e:00:80:28:dd:82:49:a9:c7: 6f:d1:aa:79:5d:0b:43:20:e3:bc:90:f1:40:8e:e3: a7:a2:b2:69:55:51:69:13:7e:ae:36:45:d1:c5:d7: 22:44:49:93:00:03:ee:73:ba:60:89:4e:94:d2:c9: 7f:e4:2e:95:e5:08:f4:8d:f7:20:13:79:3b:aa:87: 92:94:71:af:fa:ce:99:13:97:9e:df:3f:a9:92:30: 40:7d:ce:24:cf:bb:8f:34:57:ef:d9:ae:8b:97:ac: 0b:39:ca:62:eb:cf:a5:6a:e2:af:00:9f:5c:ab:9c: b0:19:59:44:5d:11:6f:8a:ac:3e:0c:db:0a:20:da: 61:57:78:d5:71:91:37:fc:0d:71:3a:e8:08:53:54: 88:d5:14:a8:2d:31:cd:3f:f9:a8:a2:a2:4c:bd:08: b8:37:4a:75:5e:2f:b5:b0:08:c5:40:9a:58:6b:ec: 92:94:a7:3c:bf:f5:8a:b5:77:1f:9b:14:f5:1f:ca: 93:9a:a8:f4:5f:6b:8a:b2:d9:c1:16:5e:a5:7b:1e: 94:6f:b3:c1:f1:7a:08:c8:21:57:3d:db:2b:cb:32: a2:59:48:f7:08:fc:1c:f3:63:a3:e3:d1:67:71:68: 94:86:3a:ed:05:83:b9:71:a0:db:80:a9:96:40:a7: af:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:B7:6D:8C:C0:C8:CE:08:C4:A5:05:B1:6E:CB:F0:BD:22:B4:E8:BD X509v3 Authority Key Identifier: keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/40123778C4EE11EEB870DA3AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:840:e520::/44 Signature Algorithm: sha256WithRSAEncryption 69:53:77:ab:4d:c7:8f:b4:d5:4d:5a:64:57:57:07:10:ad:ac: dc:6c:b6:e2:7c:41:56:7c:6c:64:d9:f3:d6:bd:4a:93:c7:1e: 37:3e:a9:13:0a:ea:eb:db:65:c7:79:64:aa:d9:28:f8:b8:da: b6:57:ee:d9:66:bd:91:4a:71:2f:6c:61:e2:58:d4:19:87:d5: 68:36:1f:dd:26:a4:7e:f9:59:39:14:d8:7c:90:21:17:1a:2e: 4a:51:97:77:8f:3a:cf:16:6c:7f:b0:d6:a5:cc:a5:f8:90:9d: 0f:6f:dc:ad:a9:ac:e9:c4:7e:88:df:b1:96:d2:1c:72:e1:06: dc:05:ce:42:74:3c:40:0f:b9:94:14:8f:4e:52:77:0b:db:7f: 45:4e:59:3d:5e:d0:8e:ba:37:ac:22:82:c5:89:4e:65:bd:6f: 34:3a:ef:f6:3b:ed:72:99:f9:99:73:70:bd:4a:49:f0:be:eb: 06:68:e2:69:86:78:e6:36:66:51:31:95:00:6d:a8:1b:3c:28: 0e:38:81:00:08:3d:0a:dc:6a:84:94:a9:92:f9:56:32:17:f5: 0f:02:fc:2e:6c:1d:b7:98:b5:5b:bd:dd:c7:9c:7a:33:22:81: bb:aa:30:d8:ad:f7:39:4f:93:83:79:f2:b9:1e:4b:7b:26:a1: ac:4d:cf:8f -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICC8wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE RTExQ0ExQTUwHhcNMjQwMjA2MTI1MDA1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NWMyMmFmZC00OTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA/XmVMatuAIAo3YJJqcdv0ap5XQtDIOO8kPFAjuOnorJpVVFpE36uNkXRxdci REmTAAPuc7pgiU6U0sl/5C6V5Qj0jfcgE3k7qoeSlHGv+s6ZE5ee3z+pkjBAfc4k z7uPNFfv2a6Ll6wLOcpi68+lauKvAJ9cq5ywGVlEXRFviqw+DNsKINphV3jVcZE3 /A1xOugIU1SI1RSoLTHNP/mooqJMvQi4N0p1Xi+1sAjFQJpYa+ySlKc8v/WKtXcf mxT1H8qTmqj0X2uKstnBFl6lex6Ub7PB8XoIyCFXPdsryzKiWUj3CPwc82Oj49Fn cWiUhjrtBYO5caDbgKmWQKev6QIDAQABo4ICmDCCApQwHQYDVR0OBBYEFLy3bYzA yM4IxKUFsW7L8L0itOi9MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2 MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvNDAxMjM3NzhD NEVFMTFFRUI4NzBEQTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwQkBghA5SAwDQYJKoZIhvcNAQELBQADggEBAGlTd6tNx4+0 1U1aZFdXBxCtrNxstuJ8QVZ8bGTZ89a9SpPHHjc+qRMK6uvbZcd5ZKrZKPi42rZX 7tlmvZFKcS9sYeJY1BmH1Wg2H90mpH75WTkU2HyQIRcaLkpRl3ePOs8WbH+w1qXM pfiQnQ9v3K2prOnEfojfsZbSHHLhBtwFzkJ0PEAPuZQUj05Sdwvbf0VOWT1e0I66 N6wigsWJTmW9bzQ67/Y77XKZ+ZlzcL1KSfC+6wZo4mmGeOY2ZlExlQBtqBs8KA44 gQAIPQrcaoSUqZL5VjIX9Q8C/C5sHbeYtVu93cecejMigbuqMNit9zlPk4N58rke S3smoaxNz48= -----END CERTIFICATE-----Generated at Sat Apr 27 10:19:16 2024 by rpki-client on console-ams.rpki-client.org