$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa File: 971BD34C68FB11EFB3A4CD61C4F9AE02.roa (raw, json) Hash identifier: hiMuJQBsL6nU5RUTNfHNIpezqly7KDVywZa1LBbCC64= Subject key identifier: 8C:4A:32:87:61:39:4A:A3:E0:13:7D:87:6F:B3:BF:1D:FF:C8:9A:C6 Certificate issuer: /CN=A91AF2D9/serialNumber=FF06343CA99A641000C711F32D69F59C19ACF043 Certificate serial: 03 Authority key identifier: FF:06:34:3C:A9:9A:64:10:00:C7:11:F3:2D:69:F5:9C:19:AC:F0:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa Signing time: Mon 02 Sep 2024 07:18:45 +0000 ROA not before: Mon 02 Sep 2024 07:18:45 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 151656 IP address blocks: 2001:df4:27c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.crl rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Oct 2024 05:54:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF2D9/serialNumber=FF06343CA99A641000C711F32D69F59C19ACF043 Validity Not Before: Sep 2 07:18:45 2024 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=66d566d5-e9bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:01:dd:66:78:e3:d2:f5:d9:e7:a6:02:86:51: d1:0a:82:92:37:95:e1:f7:e3:75:fb:69:fa:53:06: 5e:0e:a4:0f:63:1a:d1:4d:5d:70:db:b9:5a:0a:eb: af:a8:db:8f:02:97:46:b4:fb:68:52:26:54:50:f5: 85:41:5c:1e:bd:16:66:08:69:50:99:af:7b:4c:df: 16:55:da:4d:8a:6d:e9:a9:c6:5c:96:bc:23:88:93: f4:ad:a0:00:20:ff:fa:3f:c3:88:cc:2c:df:5e:9e: 0d:e5:1d:95:4d:43:df:9a:c6:53:57:ff:aa:14:2e: 82:56:c5:03:26:bd:8e:8b:e9:de:ed:cf:7c:18:cb: c9:dd:b5:96:28:8a:b5:84:6d:dd:1e:ff:5c:12:5b: 2e:e3:03:ce:27:da:39:c0:92:1a:63:a5:3f:bf:58: 44:65:8d:f2:2f:76:21:c0:c5:80:db:49:7b:4c:34: f4:70:31:48:f0:ed:57:5a:b0:2b:73:87:70:16:b6: 61:ed:e7:93:6b:d9:79:13:53:f9:d7:2d:f9:07:01: 55:9a:19:55:2d:ff:63:ab:4c:bc:54:bf:8b:0e:c9: f2:45:16:70:d4:9d:b9:a3:c9:fa:14:b3:4b:5f:65: 03:36:ac:48:9b:3b:19:a7:58:65:36:e7:67:49:32: b2:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:4A:32:87:61:39:4A:A3:E0:13:7D:87:6F:B3:BF:1D:FF:C8:9A:C6 X509v3 Authority Key Identifier: keyid:FF:06:34:3C:A9:9A:64:10:00:C7:11:F3:2D:69:F5:9C:19:AC:F0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:27c0::/48 Signature Algorithm: sha256WithRSAEncryption 3c:2a:72:95:eb:a4:1a:22:3e:3f:3f:04:9e:cf:52:88:72:b9: 96:8d:0e:f7:49:cd:5d:c8:42:a9:32:65:57:15:2b:08:3a:f3: 58:ed:38:44:2d:9f:16:e6:65:fc:28:a8:f8:a0:25:b1:d2:ad: b5:b1:09:f5:3a:10:52:2c:f3:8c:18:23:60:03:cd:96:59:15: 58:ab:ec:ea:27:5c:d1:e0:5c:5e:12:e7:bd:6b:38:2e:c4:27: c0:4b:bf:1f:1f:e8:a1:43:13:7c:e0:44:c2:fa:f8:f7:55:f6: 38:2b:05:c9:c0:fb:a0:11:05:ec:e7:e6:04:54:72:11:e6:9e: bf:1e:ef:e6:3e:75:c2:3d:2b:dc:0a:17:d5:45:03:41:c2:8e: cd:a9:11:0f:c8:eb:fb:8a:ff:8f:1f:27:d8:63:8b:c9:60:06: d1:6f:3c:7b:4a:d0:2f:dd:af:12:64:37:5d:61:c7:42:75:61: ce:53:58:2b:7d:51:9a:37:79:7f:cb:4b:11:cc:33:c8:91:de: 7d:9f:dd:90:4a:ea:87:2d:3c:d6:9f:09:df:68:dc:c8:4d:36: b7:1d:63:eb:90:67:1a:70:05:bc:4b:76:7e:55:c7:d5:55:30: 6a:50:0d:00:30:b7:62:6d:b8:9f:79:e4:a6:db:07:b1:d6:d5: 6c:61:60:99 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB RjJEOTExMC8GA1UEBRMoRkYwNjM0M0NBOTlBNjQxMDAwQzcxMUYzMkQ2OUY1OUMx OUFDRjA0MzAeFw0yNDA5MDIwNzE4NDVaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY2ZDU2NmQ1LWU5YmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDkAd1meOPS9dnnpgKGUdEKgpI3leH343X7afpTBl4OpA9jGtFNXXDbuVoK66+o 248Cl0a0+2hSJlRQ9YVBXB69FmYIaVCZr3tM3xZV2k2KbempxlyWvCOIk/StoAAg //o/w4jMLN9eng3lHZVNQ9+axlNX/6oULoJWxQMmvY6L6d7tz3wYy8ndtZYoirWE bd0e/1wSWy7jA84n2jnAkhpjpT+/WERljfIvdiHAxYDbSXtMNPRwMUjw7VdasCtz h3AWtmHt55Nr2XkTU/nXLfkHAVWaGVUt/2OrTLxUv4sOyfJFFnDUnbmjyfoUs0tf ZQM2rEibOxmnWGU252dJMrLRAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUjEoyh2E5 SqPgE32Hb7O/Hf/ImsYwHwYDVR0jBBgwFoAU/wY0PKmaZBAAxxHzLWn1nBms8EMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGMkQ5L0IzMTIwMUUwNjdB QTExRUY4RjQ5OEEyN0M0RjlBRTAyL193WTBQS21hWkJBQXh4SHpMV24xbkJtczhF TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvX3dZMFBLbWFaQkFBeHhIekxXbjFuQm1zOEVNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjJEOS9CMzEyMDFFMDY3QUExMUVGOEY0OThBMjdDNEY5QUUwMi85NzFCRDM0QzY4 RkIxMUVGQjNBNENENjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACABDfQnwDANBgkqhkiG9w0BAQsFAAOCAQEAPCpyleukGiI+ Pz8Ens9SiHK5lo0O90nNXchCqTJlVxUrCDrzWO04RC2fFuZl/Cio+KAlsdKttbEJ 9ToQUizzjBgjYAPNllkVWKvs6idc0eBcXhLnvWs4LsQnwEu/Hx/ooUMTfOBEwvr4 91X2OCsFycD7oBEF7OfmBFRyEeaevx7v5j51wj0r3AoX1UUDQcKOzakRD8jr+4r/ jx8n2GOLyWAG0W88e0rQL92vEmQ3XWHHQnVhzlNYK31Rmjd5f8tLEcwzyJHefZ/d kErqhy081p8J32jcyE02tx1j65BnGnAFvEt2flXH1VUwalANADC3Ym24n3nkptsH sdbVbGFgmQ== -----END CERTIFICATE-----Generated at Wed Oct 23 07:46:01 2024 by rpki-client on console-ams.rpki-client.org