$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/A21B6A3E71DC11EFB72B3835C4F9AE02.roa File: A21B6A3E71DC11EFB72B3835C4F9AE02.roa (raw, json) Hash identifier: i8KEwZKTy/ZHVYKdlXyRoWfCcxjGCe0M4hiqnxZiL9Q= Subject key identifier: 30:28:9B:CA:66:21:2A:B2:09:91:B1:61:FE:1A:C7:80:C4:3C:26:39 Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Certificate serial: 0D78 Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/A21B6A3E71DC11EFB72B3835C4F9AE02.roa Signing time: Sun 15 Sep 2024 13:33:57 +0000 ROA not before: Sun 15 Sep 2024 13:33:57 +0000 ROA not after: Wed 30 Jul 2025 00:00:00 +0000 asID: 153332 IP address blocks: 2406:840:9b00::/40 maxlen: 48 2406:840:cb00::/40 maxlen: 48 2406:840:cd00::/40 maxlen: 48 2406:840:f700::/40 maxlen: 48 2406:840:fea3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 06:04:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3448 (0xd78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Validity Not Before: Sep 15 13:33:57 2024 GMT Not After : Jul 30 00:00:00 2025 GMT Subject: CN=66e6e244-3407 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:e2:30:3d:c0:93:e3:73:fc:c8:8c:68:16:06: 1c:c1:69:12:d7:5d:12:32:a0:d4:05:1d:c6:9f:4f: 86:3e:d7:cd:30:38:d3:2b:ff:cf:4f:8a:50:3a:ea: 0f:e9:3c:d0:77:3e:44:52:d4:1f:0d:78:66:83:ae: c3:42:b9:3c:cb:0e:27:8e:cc:cf:ed:61:c2:c5:5f: 27:56:9f:9b:cf:7b:b9:0a:86:04:36:e2:72:bd:6d: 43:78:ac:42:30:76:a3:63:30:95:1e:ad:da:47:3a: fc:86:b8:8e:e4:87:ac:d9:92:c9:55:f5:53:bc:b8: 49:f5:e3:64:e7:d3:6d:5f:c1:ec:02:2f:ed:4d:ca: d7:64:4a:11:ed:e7:ea:f0:5e:ca:76:79:92:51:ad: dc:9e:39:14:45:17:65:15:38:37:69:a8:8b:24:e1: 7d:48:91:28:de:1f:9a:62:1c:43:f3:b3:ce:7f:38: 2c:1e:e8:6a:a1:8e:fb:3d:20:89:23:96:62:f2:43: a2:36:65:17:58:c4:c5:0b:3a:87:0b:75:a8:e8:f0: ea:5a:52:c9:32:cf:26:b5:ed:6e:fb:74:81:d0:8f: 1e:5e:97:7d:35:e7:cd:66:61:eb:77:01:f4:cd:5e: 3a:69:4c:3d:18:a4:2c:9e:8c:60:4a:54:06:ce:62: f9:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:28:9B:CA:66:21:2A:B2:09:91:B1:61:FE:1A:C7:80:C4:3C:26:39 X509v3 Authority Key Identifier: keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/A21B6A3E71DC11EFB72B3835C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:840:9b00::/40 2406:840:cb00::/40 2406:840:cd00::/40 2406:840:f700::/40 2406:840:fea3::/48 Signature Algorithm: sha256WithRSAEncryption 22:ca:8f:22:b1:ea:b7:55:da:af:f7:6f:32:24:7b:07:67:1f: 4c:8c:a1:ae:ae:0e:44:02:35:7f:96:7c:9d:4d:6d:52:a4:05: 14:cf:d5:a1:17:74:69:b9:62:88:45:42:00:a0:40:a5:02:0b: af:ea:f0:9c:26:9d:7b:9b:03:d9:b1:74:3c:55:b9:d9:95:4b: 1d:6b:f4:f8:5e:08:b9:51:9c:fb:8a:77:e7:70:87:ae:63:d3: fb:a7:f0:e0:9c:87:f4:72:fc:fb:51:49:e6:e1:3b:2a:16:a3: ad:ad:4e:7f:04:de:80:f6:e0:f6:bd:19:00:90:3f:30:4d:05: b2:c7:86:20:2a:64:d6:6e:d1:a0:45:b2:43:b4:35:e9:e8:61: 93:72:fd:53:06:80:a7:bd:2d:99:f7:a8:52:61:19:ea:b4:73: bc:ef:01:b2:74:e0:c9:9c:ab:25:38:26:cf:f2:28:24:68:8a: 65:5d:e5:3e:dc:56:af:aa:7b:51:9f:59:16:a3:14:0c:d2:d2: df:99:f9:eb:96:3d:08:04:f5:3f:a8:98:61:f8:83:eb:20:65: b3:58:72:d4:09:3f:60:36:e5:ed:f8:7e:62:3a:c2:64:30:41: b3:ef:ad:dc:ec:23:7f:f5:11:22:2e:01:99:9e:75:26:ee:b1: 38:56:07:15 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICDXgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE RTExQ0ExQTUwHhcNMjQwOTE1MTMzMzU3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NmU2ZTI0NC0zNDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+eIwPcCT43P8yIxoFgYcwWkS110SMqDUBR3Gn0+GPtfNMDjTK//PT4pQOuoP 6TzQdz5EUtQfDXhmg67DQrk8yw4njszP7WHCxV8nVp+bz3u5CoYENuJyvW1DeKxC MHajYzCVHq3aRzr8hriO5Ies2ZLJVfVTvLhJ9eNk59NtX8HsAi/tTcrXZEoR7efq 8F7KdnmSUa3cnjkURRdlFTg3aaiLJOF9SJEo3h+aYhxD87POfzgsHuhqoY77PSCJ I5Zi8kOiNmUXWMTFCzqHC3Wo6PDqWlLJMs8mte1u+3SB0I8eXpd9NefNZmHrdwH0 zV46aUw9GKQsnoxgSlQGzmL5/wIDAQABo4ICuDCCArQwHQYDVR0OBBYEFDAom8pm ISqyCZGxYf4ax4DEPCY5MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2 MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvQTIxQjZBM0U3 MURDMTFFRkI3MkIzODM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMC8EAgACMCkDBgAkBghAmwMGACQGCEDLAwYAJAYIQM0DBgAkBghA9wMHACQG CED+ozANBgkqhkiG9w0BAQsFAAOCAQEAIsqPIrHqt1Xar/dvMiR7B2cfTIyhrq4O RAI1f5Z8nU1tUqQFFM/VoRd0abliiEVCAKBApQILr+rwnCade5sD2bF0PFW52ZVL HWv0+F4IuVGc+4p353CHrmPT+6fw4JyH9HL8+1FJ5uE7Khajra1OfwTegPbg9r0Z AJA/ME0FsseGICpk1m7RoEWyQ7Q16ehhk3L9UwaAp70tmfeoUmEZ6rRzvO8BsnTg yZyrJTgmz/IoJGiKZV3lPtxWr6p7UZ9ZFqMUDNLS35n565Y9CAT1P6iYYfiD6yBl s1hy1Ak/YDbl7fh+YjrCZDBBs++t3Owjf/URIi4BmZ51Ju6xOFYHFQ== -----END CERTIFICATE-----Generated at Fri Nov 22 06:57:52 2024 by rpki-client on console-fra.rpki-client.org