$ rpki-client -vvf rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa File: BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa (raw, json) Hash identifier: C95dcxmbgG9m0J5QHw9VXXRl9oV1Z68MXGZ2KXxsrFI= Subject key identifier: FD:74:25:C4:19:44:28:D1:F7:D8:D5:E7:BD:B1:EA:46:AC:AC:61:5F Certificate issuer: /CN=A918036A/serialNumber=57840FB441D2B34C8EE699D264712B4A5E0FED8D Certificate serial: 0FC4 Authority key identifier: 57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa Signing time: Thu 10 Oct 2024 17:55:41 +0000 ROA not before: Thu 10 Oct 2024 17:55:41 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 134707 IP address blocks: 2406:a240::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.crl rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 17:29:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4036 (0xfc4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918036A/serialNumber=57840FB441D2B34C8EE699D264712B4A5E0FED8D Validity Not Before: Oct 10 17:55:41 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=6708151c-6c19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:04:07:ac:04:32:1b:6b:04:a2:9f:c0:49:dd: 84:9d:f4:42:15:11:55:47:f8:cd:55:a5:0e:1b:5a: 8e:56:57:56:22:c6:81:62:e7:fc:1e:fa:cd:67:ab: c9:6d:4f:05:cf:0d:4f:eb:0f:64:d3:9a:72:2a:5d: e3:2a:b4:a2:52:ce:ae:3f:b7:35:b7:ea:fa:ce:5a: 54:18:d1:82:c7:a2:0f:2c:5d:4e:9b:a9:1a:6c:6c: b2:f0:65:69:af:37:3c:ac:cb:6a:21:ba:2d:f8:fd: 72:da:c0:7b:ab:95:6a:1c:5d:ba:70:b9:05:ae:0b: 5c:af:89:b4:24:dc:67:de:35:26:5f:bf:aa:f2:58: 3a:89:25:6a:18:32:69:8f:26:a3:22:5d:42:ce:73: d1:ee:44:0e:75:f2:bb:f5:e6:e3:69:25:61:2b:e0: 7f:68:69:82:82:aa:be:bf:4d:99:bb:48:a2:e8:bb: 54:6f:36:32:de:2f:36:61:73:d0:8b:d4:87:d1:cf: 7d:e5:fb:fc:71:98:25:a9:31:8e:98:b3:61:6a:79: fc:3f:85:a1:dc:ef:3a:03:5b:b0:24:52:83:04:57: 62:d3:4b:2e:03:c7:a1:09:39:90:cb:cf:b5:57:90: 9d:7d:d9:0f:c3:66:cd:3c:6c:15:93:75:a0:dc:b7: bc:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:74:25:C4:19:44:28:D1:F7:D8:D5:E7:BD:B1:EA:46:AC:AC:61:5F X509v3 Authority Key Identifier: keyid:57:84:0F:B4:41:D2:B3:4C:8E:E6:99:D2:64:71:2B:4A:5E:0F:ED:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/V4QPtEHSs0yO5pnSZHErSl4P7Y0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V4QPtEHSs0yO5pnSZHErSl4P7Y0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918036A/433AF78C46C711E9ADE9D424C4F9AE02/BFF3C17CD23A11EB8E7BA35DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:a240::/32 Signature Algorithm: sha256WithRSAEncryption bd:74:92:ef:e6:8c:62:34:d5:0e:53:2b:8a:9c:6d:b0:8a:32: 12:81:88:46:e4:6c:5c:3f:70:bd:a5:9d:3f:d2:e6:0f:88:8a: ac:ae:e8:6f:5e:c9:21:34:16:ff:6e:5c:0e:67:d0:4a:64:56: 55:35:cd:56:46:84:22:4c:8f:e9:96:5b:98:c8:d0:ad:5b:6f: 21:2b:fc:9a:ae:43:7c:6b:3e:fa:a0:fc:1b:08:92:f2:8d:43: cb:ca:35:61:1c:c1:26:3f:31:8c:45:94:5d:12:9a:e9:bd:05: 90:04:c4:16:a7:c5:66:68:90:b5:e4:10:e0:79:ff:74:cb:09: 81:00:dc:3b:4b:a9:a3:aa:83:d5:fc:08:90:d2:51:a7:c6:aa: 89:fa:58:50:0d:fa:54:12:f8:a7:05:f7:99:bf:14:e5:07:d2: d3:d4:30:dc:b1:e7:1b:2b:c9:1d:a2:31:a5:04:c1:36:82:3c: 8b:63:8e:94:de:04:c7:51:ba:9a:cc:b6:99:79:bf:dd:86:d1: 1f:19:4c:9b:09:99:4e:ba:03:2a:67:05:22:6d:95:b2:43:99: bc:9a:11:0b:a6:56:e1:c1:40:e9:91:7e:bb:47:b9:87:5e:05: 8b:0c:d5:60:18:ab:2d:0e:9b:fc:07:26:da:f4:60:52:04:d7: 28:46:14:05 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICD8QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODAzNkExMTAvBgNVBAUTKDU3ODQwRkI0NDFEMkIzNEM4RUU2OTlEMjY0NzEyQjRB NUUwRkVEOEQwHhcNMjQxMDEwMTc1NTQxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02NzA4MTUxYy02YzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqAQHrAQyG2sEop/ASd2EnfRCFRFVR/jNVaUOG1qOVldWIsaBYuf8HvrNZ6vJ bU8Fzw1P6w9k05pyKl3jKrSiUs6uP7c1t+r6zlpUGNGCx6IPLF1Om6kabGyy8GVp rzc8rMtqIbot+P1y2sB7q5VqHF26cLkFrgtcr4m0JNxn3jUmX7+q8lg6iSVqGDJp jyajIl1CznPR7kQOdfK79ebjaSVhK+B/aGmCgqq+v02Zu0ii6LtUbzYy3i82YXPQ i9SH0c995fv8cZglqTGOmLNhann8P4Wh3O86A1uwJFKDBFdi00suA8ehCTmQy8+1 V5CdfdkPw2bNPGwVk3Wg3Le8twIDAQABo4ICljCCApIwHQYDVR0OBBYEFP10JcQZ RCjR99jV572x6kasrGFfMB8GA1UdIwQYMBaAFFeED7RB0rNMjuaZ0mRxK0peD+2N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MDM2QS80MzNBRjc4QzQ2 QzcxMUU5QURFOUQ0MjRDNEY5QUUwMi9WNFFQdEVIU3MweU81cG5TWkhFclNsNFA3 WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Y0UVB0RUhTczB5TzVwblNaSEVyU2w0UDdZMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODAzNkEvNDMzQUY3OEM0NkM3MTFFOUFERTlENDI0QzRGOUFFMDIvQkZGM0MxN0NE MjNBMTFFQjhFN0JBMzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBqJAMA0GCSqGSIb3DQEBCwUAA4IBAQC9dJLv5oxiNNUO UyuKnG2wijISgYhG5GxcP3C9pZ0/0uYPiIqsruhvXskhNBb/blwOZ9BKZFZVNc1W RoQiTI/plluYyNCtW28hK/yarkN8az76oPwbCJLyjUPLyjVhHMEmPzGMRZRdEprp vQWQBMQWp8VmaJC15BDgef90ywmBANw7S6mjqoPV/AiQ0lGnxqqJ+lhQDfpUEvin BfeZvxTlB9LT1DDcsecbK8kdojGlBME2gjyLY46U3gTHUbqazLaZeb/dhtEfGUyb CZlOugMqZwUibZWyQ5m8mhELplbhwUDpkX67R7mHXgWLDNVgGKstDpv8Byba9GBS BNcoRhQF -----END CERTIFICATE-----Generated at Fri Nov 22 19:44:59 2024 by rpki-client on console-fra.rpki-client.org