$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/FA05DFF47F4911ED847FF862C4F9AE02.roa File: FA05DFF47F4911ED847FF862C4F9AE02.roa (raw, json) Hash identifier: J6vqwZm1lCenuly0yp2d06eQQieFO+C8qbrJwg1f8lA= Subject key identifier: D8:36:32:13:FE:D1:FE:21:B9:5E:51:CB:63:1C:74:58:93:71:A2:48 Certificate issuer: /CN=A91A3E3F/serialNumber=59DDC3969B9863CFB5A15528AA4A391AF2337F43 Certificate serial: CF Authority key identifier: 59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/FA05DFF47F4911ED847FF862C4F9AE02.roa Signing time: Tue 05 Dec 2023 04:55:07 +0000 ROA not before: Tue 05 Dec 2023 04:55:07 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 3598 IP address blocks: 2404:f801::/32 maxlen: 32 2404:f801:8028::/48 maxlen: 48 2404:f801:8058::/48 maxlen: 48 2404:f801:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.crl rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Nov 2024 20:33:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3E3F/serialNumber=59DDC3969B9863CFB5A15528AA4A391AF2337F43 Validity Not Before: Dec 5 04:55:07 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=656ead2b-b098 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:ba:ad:d2:d1:45:ab:ab:64:3b:fd:4e:bd:f8: da:fb:42:23:b3:32:cc:86:b5:fc:e6:ed:f4:84:f0: 15:43:c7:bc:32:7c:eb:e7:72:a4:2e:c7:fe:3f:9e: 71:41:20:96:e8:b0:c6:29:6d:2a:56:90:9f:76:07: 91:31:79:8c:8f:b8:65:51:ba:1b:42:96:3b:18:4a: f7:b1:d3:ee:ac:a9:f0:1d:d8:45:42:31:b1:36:3f: 00:e1:94:3c:72:65:4a:26:c6:7e:33:b7:92:ed:dd: 94:3e:c5:2a:f1:e4:d8:4d:f6:c2:34:98:83:29:b9: fc:df:50:db:3f:a4:4d:24:67:6f:f1:0c:08:ac:9d: 84:23:d2:3c:1f:79:11:d6:3f:71:2c:50:0e:95:3e: 53:73:37:4b:ec:ff:06:df:ed:07:a2:1f:58:85:48: 25:eb:ac:6f:e0:e4:7b:32:f9:4b:7f:37:dc:5f:dd: fa:98:06:63:40:99:95:1a:cd:67:a0:cd:b2:30:ed: c1:bb:4d:91:3f:15:c3:c7:a9:b8:42:f3:37:f8:69: 6e:88:95:d3:ff:9d:ad:3e:61:5e:62:cf:81:58:ee: 0e:15:41:d1:6b:6a:1f:15:9f:a3:43:73:53:f1:02: 3c:c1:ef:7f:e4:5b:96:5a:ac:c7:c7:8a:be:26:4f: 50:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:36:32:13:FE:D1:FE:21:B9:5E:51:CB:63:1C:74:58:93:71:A2:48 X509v3 Authority Key Identifier: keyid:59:DD:C3:96:9B:98:63:CF:B5:A1:55:28:AA:4A:39:1A:F2:33:7F:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/Wd3DlpuYY8-1oVUoqko5GvIzf0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wd3DlpuYY8-1oVUoqko5GvIzf0M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3E3F/FBDFFEC0768611EDA6CB3F41C4F9AE02/FA05DFF47F4911ED847FF862C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2404:f801::/32 Signature Algorithm: sha256WithRSAEncryption 04:f0:e9:a9:ab:73:c0:d9:c4:1a:97:d4:9d:03:52:55:01:c2: a8:4f:2f:f7:50:5d:e7:f2:50:ce:73:10:1a:44:9b:e4:83:d5: cf:d2:e4:3e:a1:f6:52:9e:3a:7a:4c:02:ff:f5:58:28:9d:ca: eb:92:54:67:f3:e5:cc:39:a4:31:f4:d5:ac:d3:09:3a:a9:f4: 51:2c:de:72:0e:0e:04:e1:de:9d:82:7e:cc:15:55:cc:49:38: 27:cf:fc:89:d7:ef:b5:4d:7e:fe:07:ff:e0:7c:99:b0:a4:c0: 0d:1d:e3:8e:0a:5e:d3:56:9d:7a:39:6f:a6:3b:bc:06:76:23: e9:43:a8:af:19:cf:a2:59:a6:26:b6:13:4d:06:5a:da:26:5f: 77:4e:1b:ed:8c:2e:fb:a2:d6:94:fe:48:57:24:aa:4b:1b:61: 3c:b3:7b:4f:ea:ac:43:0e:3b:29:21:8b:7a:a0:ae:9f:d5:2c: f7:45:07:55:be:c3:36:be:01:2f:7b:ca:7a:3e:33:89:71:1d: 74:e1:99:ba:67:e3:09:48:ce:a5:9e:f5:b1:af:5f:69:a5:71: 1b:0b:dd:b0:d1:5c:79:61:1b:e7:4d:ad:f4:f2:29:e9:d0:d3: 4a:d8:c0:00:fa:7d:dc:0f:a0:68:46:2a:8f:0e:a8:d4:1e:93: e8:07:2e:f8 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTNFM0YxMTAvBgNVBAUTKDU5RERDMzk2OUI5ODYzQ0ZCNUExNTUyOEFBNEEzOTFB RjIzMzdGNDMwHhcNMjMxMjA1MDQ1NTA3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTZlYWQyYi1iMDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Lqt0tFFq6tkO/1Ovfja+0IjszLMhrX85u30hPAVQ8e8Mnzr53KkLsf+P55x QSCW6LDGKW0qVpCfdgeRMXmMj7hlUbobQpY7GEr3sdPurKnwHdhFQjGxNj8A4ZQ8 cmVKJsZ+M7eS7d2UPsUq8eTYTfbCNJiDKbn831DbP6RNJGdv8QwIrJ2EI9I8H3kR 1j9xLFAOlT5TczdL7P8G3+0Hoh9YhUgl66xv4OR7MvlLfzfcX936mAZjQJmVGs1n oM2yMO3Bu02RPxXDx6m4QvM3+GluiJXT/52tPmFeYs+BWO4OFUHRa2ofFZ+jQ3NT 8QI8we9/5FuWWqzHx4q+Jk9QfQIDAQABo4ICljCCApIwHQYDVR0OBBYEFNg2MhP+ 0f4huV5Ry2McdFiTcaJIMB8GA1UdIwQYMBaAFFndw5abmGPPtaFVKKpKORryM39D MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0UzRi9GQkRGRkVDMDc2 ODYxMUVEQTZDQjNGNDFDNEY5QUUwMi9XZDNEbHB1WVk4LTFvVlVvcWtvNUd2SXpm ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dkM0RscHVZWTgtMW9WVW9xa281R3ZJemYwTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTNFM0YvRkJERkZFQzA3Njg2MTFFREE2Q0IzRjQxQzRGOUFFMDIvRkEwNURGRjQ3 RjQ5MTFFRDg0N0ZGODYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBPgBMA0GCSqGSIb3DQEBCwUAA4IBAQAE8Ompq3PA2cQa l9SdA1JVAcKoTy/3UF3n8lDOcxAaRJvkg9XP0uQ+ofZSnjp6TAL/9VgoncrrklRn 8+XMOaQx9NWs0wk6qfRRLN5yDg4E4d6dgn7MFVXMSTgnz/yJ1++1TX7+B//gfJmw pMANHeOOCl7TVp16OW+mO7wGdiPpQ6ivGc+iWaYmthNNBlraJl93ThvtjC77otaU /khXJKpLG2E8s3tP6qxDDjspIYt6oK6f1Sz3RQdVvsM2vgEve8p6PjOJcR104Zm6 Z+MJSM6lnvWxr19ppXEbC92w0Vx5YRvnTa308inp0NNK2MAA+n3cD6BoRiqPDqjU HpPoBy74 -----END CERTIFICATE-----Generated at Thu Nov 21 03:21:49 2024 by rpki-client on console-ams.rpki-client.org