$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CB608BD0D13311EE8B61C185C4F9AE02.roa File: CB608BD0D13311EE8B61C185C4F9AE02.roa (raw, json) Hash identifier: LaQUt3uITCWbGGrq7B5P13l9POhouqu7zMDBeTVkmqk= Subject key identifier: 8B:4D:CD:65:F9:BF:3B:70:D0:59:AA:97:3D:D0:1A:35:B8:B5:4D:88 Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015 Certificate serial: 3E61 Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CB608BD0D13311EE8B61C185C4F9AE02.roa Signing time: Thu 22 Feb 2024 03:38:08 +0000 ROA not before: Thu 22 Feb 2024 03:38:08 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 10233 IP address blocks: 2001:df7:5380::/48 maxlen: 48 2001:df7:5381::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 14:21:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15969 (0x3e61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015 Validity Not Before: Feb 22 03:38:08 2024 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=65d6c1a0-c6ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:29:9b:53:42:3f:5b:0b:f1:c1:6e:f0:19:a2: 65:b0:77:d5:26:79:54:74:96:cd:d9:35:d5:eb:ea: 02:f3:63:d0:c6:09:a9:f5:84:92:d2:ed:81:9c:7d: 58:e2:6d:28:6c:7d:49:5d:ee:04:0d:b9:c3:68:14: fd:7e:41:29:25:f5:62:a8:44:4f:be:f7:0f:d6:33: e3:dd:53:35:71:2c:c7:8b:f9:76:41:ce:5b:fa:ed: bc:8d:f3:96:59:51:ba:b1:de:4e:71:94:f4:59:a1: 2f:cc:43:9d:aa:8f:d9:f4:b4:ad:f4:32:17:01:98: ce:e4:68:59:82:88:47:bf:90:49:59:d8:3b:03:41: 47:c5:b9:b1:4d:0c:2e:40:9a:93:c1:e9:af:4c:56: 82:84:2f:12:0d:e3:02:ab:cd:7a:d9:24:a3:7e:7e: 40:96:b7:5b:88:8c:47:f4:d1:27:06:29:8b:cb:9c: 7d:03:5a:ee:ff:2d:5b:a7:6b:f8:15:e7:37:9d:77: 66:e4:73:e4:5f:f3:b7:ed:6f:04:bf:de:cb:d8:64: 97:ab:7c:f8:64:f8:fc:60:05:34:18:67:c9:55:b4: 67:82:b4:38:92:f6:d8:6b:ab:b5:7a:c7:58:d9:f2: d5:e9:1c:56:42:ad:ba:74:ee:9e:d5:36:05:cb:57: 1b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:4D:CD:65:F9:BF:3B:70:D0:59:AA:97:3D:D0:1A:35:B8:B5:4D:88 X509v3 Authority Key Identifier: keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/CB608BD0D13311EE8B61C185C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df7:5380::/47 Signature Algorithm: sha256WithRSAEncryption 5d:24:2a:aa:71:dc:74:44:83:a2:92:fe:40:b9:03:50:3b:16: df:6a:0d:df:6d:6b:72:30:5f:f7:72:57:e8:81:3f:43:1e:18: ab:18:34:1e:65:f0:d0:bf:80:56:41:3e:d7:9a:03:fd:3c:b9: 58:d0:71:32:fa:bb:e8:14:f6:71:be:45:79:b8:03:d3:e3:fe: b0:4e:f0:f5:c3:5c:8a:ee:4a:91:67:7e:61:bc:89:92:19:05: 91:93:58:f8:e6:c0:69:db:9d:73:85:3b:2e:8c:83:66:90:58: 19:f3:a8:92:50:8e:dd:a6:3c:92:d4:5f:b6:d6:66:a6:29:5e: a1:d9:57:e4:41:6e:48:9d:56:d8:52:9e:e6:93:b1:18:20:c0: d1:79:17:3f:2c:98:81:37:f3:6a:1f:2c:7a:21:3e:ee:aa:5d: 66:04:3c:4e:7e:2d:eb:c3:91:10:21:df:a5:5b:48:9d:f6:10: 87:98:54:70:1d:36:a6:d7:e0:16:d2:b1:d7:10:e3:16:e9:f7: f0:ac:c7:a1:12:96:38:ef:bd:79:3d:95:58:f8:86:20:b7:78: b9:50:ef:d2:47:be:c5:98:c0:34:34:cd:61:33:3e:36:12:b6: 6b:73:23:28:b1:02:c6:43:9d:3a:99:50:25:ac:66:e1:4e:34: 8c:9d:f4:e2 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICPmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC RkE4OEQwMTUwHhcNMjQwMjIyMDMzODA4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02NWQ2YzFhMC1jNmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4SmbU0I/WwvxwW7wGaJlsHfVJnlUdJbN2TXV6+oC82PQxgmp9YSS0u2BnH1Y 4m0obH1JXe4EDbnDaBT9fkEpJfViqERPvvcP1jPj3VM1cSzHi/l2Qc5b+u28jfOW WVG6sd5OcZT0WaEvzEOdqo/Z9LSt9DIXAZjO5GhZgohHv5BJWdg7A0FHxbmxTQwu QJqTwemvTFaChC8SDeMCq8162SSjfn5AlrdbiIxH9NEnBimLy5x9A1ru/y1bp2v4 Fec3nXdm5HPkX/O37W8Ev97L2GSXq3z4ZPj8YAU0GGfJVbRngrQ4kvbYa6u1esdY 2fLV6RxWQq26dO6e1TYFy1cbCwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFItNzWX5 vztw0Fmqlz3QGjW4tU2IMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvQ0I2MDhCRDBE MTMzMTFFRThCNjFDMTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwEgAQ33U4AwDQYJKoZIhvcNAQELBQADggEBAF0kKqpx3HRE g6KS/kC5A1A7Ft9qDd9ta3IwX/dyV+iBP0MeGKsYNB5l8NC/gFZBPteaA/08uVjQ cTL6u+gU9nG+RXm4A9Pj/rBO8PXDXIruSpFnfmG8iZIZBZGTWPjmwGnbnXOFOy6M g2aQWBnzqJJQjt2mPJLUX7bWZqYpXqHZV+RBbkidVthSnuaTsRggwNF5Fz8smIE3 82ofLHohPu6qXWYEPE5+LevDkRAh36VbSJ32EIeYVHAdNqbX4BbSsdcQ4xbp9/Cs x6ESljjvvXk9lVj4hiC3eLlQ79JHvsWYwDQ0zWEzPjYStmtzIyixAsZDnTqZUCWs ZuFONIyd9OI= -----END CERTIFICATE-----Generated at Sat May 18 15:58:23 2024 by rpki-client on console-ams.rpki-client.org