$ rpki-client -vvf rpki.apnic.net/member_repository/A918A695/96BDF34A691D11EFB8FD1E64C4F9AE02/8BAFDC4C691E11EF9AC4F168C4F9AE02.roa File: 8BAFDC4C691E11EF9AC4F168C4F9AE02.roa (raw, json) Hash identifier: ho9e+hBvfRrUv61HQybAcXR0qZ4hUME6WoyxclRolHQ= Subject key identifier: 72:EF:6D:0B:3F:6C:0E:3C:BD:D6:C3:83:14:19:41:D3:7D:AC:45:B2 Certificate issuer: /CN=A918A695/serialNumber=715D3DDFD7D2A799137B1393D4A8CFA2B1D4D364 Certificate serial: 02 Authority key identifier: 71:5D:3D:DF:D7:D2:A7:99:13:7B:13:93:D4:A8:CF:A2:B1:D4:D3:64 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cV0939fSp5kTexOT1KjPorHU02Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A695/96BDF34A691D11EFB8FD1E64C4F9AE02/8BAFDC4C691E11EF9AC4F168C4F9AE02.roa Signing time: Mon 02 Sep 2024 11:28:58 +0000 ROA not before: Mon 02 Sep 2024 11:28:58 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 140244 IP address blocks: 2001:df4:3540::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A695/96BDF34A691D11EFB8FD1E64C4F9AE02/cV0939fSp5kTexOT1KjPorHU02Q.crl rsync://rpki.apnic.net/member_repository/A918A695/96BDF34A691D11EFB8FD1E64C4F9AE02/cV0939fSp5kTexOT1KjPorHU02Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cV0939fSp5kTexOT1KjPorHU02Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Dec 2024 05:31:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A695/serialNumber=715D3DDFD7D2A799137B1393D4A8CFA2B1D4D364 Validity Not Before: Sep 2 11:28:58 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d5a17a-dce7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b0:7f:74:c9:1c:51:c8:27:db:1c:a6:9e:9b: ce:f5:a4:e9:a2:e3:a4:86:db:0a:fb:47:10:43:24: 38:f5:ed:80:c5:7c:ae:93:ad:7f:f1:21:0e:43:80: 40:2d:e9:88:19:42:68:d0:b8:e2:78:b6:d6:e5:99: c8:b6:20:c7:7b:63:e8:02:f0:56:66:86:0c:51:3e: b3:fc:7d:f1:b5:ab:82:59:fb:0f:be:80:fa:40:87: a9:e0:f3:ce:b9:f0:03:fd:21:dc:41:63:fb:34:05: 11:7b:3b:fa:13:7c:e2:3b:73:20:a5:9f:3e:39:11: bd:9f:93:ff:f5:33:39:53:bc:1c:83:87:6a:49:ec: 8f:47:d2:36:62:0f:8a:7a:f0:fa:1c:66:91:fe:7d: d6:d6:4d:aa:40:dd:f8:a0:fd:8a:43:50:58:25:d4: 20:c7:ab:a1:83:38:c5:41:d2:52:14:59:c5:06:90: 2d:c5:45:38:1f:e6:1c:12:db:79:b3:eb:d3:09:cf: 50:5a:3c:09:b4:40:4a:9f:a1:bf:45:3a:63:94:f6: f4:d5:7b:d1:70:fa:9e:62:33:09:5a:ca:22:e8:1d: 35:3a:69:f9:12:b9:e1:11:78:03:55:4b:aa:23:a1: c0:60:08:1f:cd:7a:a0:62:e7:32:22:55:74:fd:c5: 45:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:EF:6D:0B:3F:6C:0E:3C:BD:D6:C3:83:14:19:41:D3:7D:AC:45:B2 X509v3 Authority Key Identifier: keyid:71:5D:3D:DF:D7:D2:A7:99:13:7B:13:93:D4:A8:CF:A2:B1:D4:D3:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A695/96BDF34A691D11EFB8FD1E64C4F9AE02/cV0939fSp5kTexOT1KjPorHU02Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cV0939fSp5kTexOT1KjPorHU02Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A695/96BDF34A691D11EFB8FD1E64C4F9AE02/8BAFDC4C691E11EF9AC4F168C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:3540::/48 Signature Algorithm: sha256WithRSAEncryption 9f:f1:a5:9b:0c:4e:d4:5e:9d:db:15:03:9c:b1:a4:a3:ea:aa: 65:f0:88:f8:7e:e3:b8:8e:62:24:6f:f4:a8:20:e3:2b:24:2a: 40:a2:a9:ba:c9:6d:96:26:18:75:b0:f0:f8:94:b6:06:f5:36: 10:46:cf:cf:df:e6:20:0f:6e:97:48:c9:85:a7:17:5c:34:60: 82:02:f1:23:ed:b7:a2:c2:c0:7b:20:2f:da:57:d4:66:30:ea: 7c:5b:31:17:9b:01:d2:5a:ca:3f:bc:8d:f6:93:f7:c9:a1:f1: 25:70:0f:5e:ba:58:c2:00:02:db:4c:fd:e9:3d:62:93:0d:0b: 98:7c:5b:b8:6b:2d:30:f9:2c:df:39:60:e9:8b:48:c4:e6:57: b5:58:fb:00:f5:ab:c9:cf:96:c3:84:6b:fb:99:07:0d:5d:47: 45:6f:2d:b1:88:1e:7b:d5:b3:25:6d:a0:18:d0:ce:2b:ac:7b: 69:3c:00:cc:4e:f7:d9:48:32:0a:55:e4:d4:25:67:0a:f5:72: 79:26:9e:6a:e5:b5:ae:85:2f:0d:6e:91:5f:3f:a9:01:f3:6a: 66:87:10:5d:98:50:a0:f0:8f:b1:55:36:65:82:ad:92:da:9e: 7e:86:bd:32:bd:4a:47:2a:1d:74:79:7d:64:6e:a9:c5:fc:fc: 6b:da:e0:48 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 QTY5NTExMC8GA1UEBRMoNzE1RDNEREZEN0QyQTc5OTEzN0IxMzkzRDRBOENGQTJC MUQ0RDM2NDAeFw0yNDA5MDIxMTI4NThaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ZDVhMTdhLWRjZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCrsH90yRxRyCfbHKaem871pOmi46SG2wr7RxBDJDj17YDFfK6TrX/xIQ5DgEAt 6YgZQmjQuOJ4ttblmci2IMd7Y+gC8FZmhgxRPrP8ffG1q4JZ+w++gPpAh6ng8865 8AP9IdxBY/s0BRF7O/oTfOI7cyClnz45Eb2fk//1MzlTvByDh2pJ7I9H0jZiD4p6 8PocZpH+fdbWTapA3fig/YpDUFgl1CDHq6GDOMVB0lIUWcUGkC3FRTgf5hwS23mz 69MJz1BaPAm0QEqfob9FOmOU9vTVe9Fw+p5iMwlayiLoHTU6afkSueEReANVS6oj ocBgCB/NeqBi5zIiVXT9xUXHAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUcu9tCz9s Djy91sODFBlB032sRbIwHwYDVR0jBBgwFoAUcV0939fSp5kTexOT1KjPorHU02Qw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBNjk1Lzk2QkRGMzRBNjkx RDExRUZCOEZEMUU2NEM0RjlBRTAyL2NWMDkzOWZTcDVrVGV4T1QxS2pQb3JIVTAy US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY1YwOTM5ZlNwNWtUZXhPVDFLalBvckhVMDJRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTY5NS85NkJERjM0QTY5MUQxMUVGQjhGRDFFNjRDNEY5QUUwMi84QkFGREM0QzY5 MUUxMUVGOUFDNEYxNjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACABDfQ1QDANBgkqhkiG9w0BAQsFAAOCAQEAn/GlmwxO1F6d 2xUDnLGko+qqZfCI+H7juI5iJG/0qCDjKyQqQKKpusltliYYdbDw+JS2BvU2EEbP z9/mIA9ul0jJhacXXDRgggLxI+23osLAeyAv2lfUZjDqfFsxF5sB0lrKP7yN9pP3 yaHxJXAPXrpYwgAC20z96T1ikw0LmHxbuGstMPks3zlg6YtIxOZXtVj7APWryc+W w4Rr+5kHDV1HRW8tsYgee9WzJW2gGNDOK6x7aTwAzE732UgyClXk1CVnCvVyeSae auW1roUvDW6RXz+pAfNqZocQXZhQoPCPsVU2ZYKtktqefoa9Mr1KRyoddHl9ZG6p xfz8a9rgSA== -----END CERTIFICATE-----Generated at Mon Nov 25 07:14:55 2024 by rpki-client on console-fra.rpki-client.org