$ rpki-client -vvf rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa File: 86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa (raw, json) Hash identifier: RvH9liGYtN3pCJtiX2u2KDE0nqgRa0CwWenaE2r1n/4= Subject key identifier: D5:15:B0:8B:CE:45:93:E9:B7:24:EA:FE:2B:E2:1C:3E:BD:28:27:DC Certificate issuer: /CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480 Certificate serial: 06D0 Authority key identifier: E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa Signing time: Mon 20 Nov 2023 22:50:28 +0000 ROA not before: Mon 20 Nov 2023 22:50:28 +0000 ROA not after: Fri 31 Jan 2025 00:00:00 +0000 asID: 38173 IP address blocks: 2406:9dc0:1000::/44 maxlen: 48 2406:9dc0:6660::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 23:08:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1744 (0x6d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480 Validity Not Before: Nov 20 22:50:28 2023 GMT Not After : Jan 31 00:00:00 2025 GMT Subject: CN=655be2b4-7a0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a3:51:be:a4:cd:c8:5d:d2:78:f5:79:25:6a: 01:69:03:ca:34:0f:82:25:1d:ee:ac:1e:e9:d1:d3: e2:97:e7:3d:ea:e8:da:5f:55:55:c5:a6:0e:ab:2f: 1b:a1:02:3b:08:1e:5c:3b:ce:ff:a7:34:44:c0:da: a0:49:5a:ca:ba:b1:46:bb:8c:ae:6c:87:28:e8:a7: 5c:e0:ac:2b:a6:c0:90:ce:3f:26:2e:5b:9f:00:7d: eb:0f:e1:18:ad:b3:8e:2b:c8:74:d7:5f:09:64:1f: ab:98:58:0b:30:3a:55:cf:b9:00:8d:9e:d4:dc:27: c1:80:36:93:db:4b:a2:ed:7b:77:17:56:51:1c:3e: b1:f6:47:83:d0:05:84:33:65:3e:e7:fb:91:01:bf: fc:89:8c:ab:a6:19:51:ef:57:a0:9c:ee:37:17:c3: e9:78:6b:7e:dd:9e:38:e5:5d:f8:c3:a6:5a:e9:61: 5c:7f:83:78:eb:b5:81:0c:3a:77:7a:83:4d:01:74: a3:05:03:3b:b7:ce:0e:15:d5:1a:91:40:d4:aa:27: fb:c4:e2:76:cb:f1:a6:52:e6:30:ca:e9:fb:67:99: de:ef:9a:67:d9:a1:95:d2:96:6b:5c:87:34:fb:78: 7e:74:6d:3c:dc:5d:5b:07:25:63:1f:7a:88:76:87: 1d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:15:B0:8B:CE:45:93:E9:B7:24:EA:FE:2B:E2:1C:3E:BD:28:27:DC X509v3 Authority Key Identifier: keyid:E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:9dc0:1000::/44 2406:9dc0:6660::/44 Signature Algorithm: sha256WithRSAEncryption a5:19:e9:8f:71:30:5b:3d:36:5d:bf:5e:b0:a3:50:c1:d7:d4: f2:e6:75:ab:80:16:64:d5:92:92:11:35:77:98:4c:dc:6e:52: 3f:04:6d:50:ff:9f:72:6f:6e:89:a3:e6:a4:12:44:00:77:ab: 60:ba:68:16:70:69:2f:5f:ff:d3:48:3b:06:f1:0b:33:02:45: 66:e6:44:64:79:e3:59:39:ca:64:04:f8:86:8b:99:e2:16:bd: 94:65:b4:36:b6:44:3b:c7:f7:2d:98:83:53:51:79:2c:5c:86: 41:45:33:7e:29:f2:27:a8:58:2d:e7:36:a2:a7:1e:e5:31:84: be:87:1e:33:66:c3:93:d6:17:40:66:00:d0:4c:ce:88:1d:cb: f1:75:8d:b7:cb:07:d2:3f:9a:be:7a:5b:73:81:aa:d7:45:77: f6:57:fe:22:c4:43:20:1f:02:29:c6:82:2a:25:11:ca:55:17: 99:d5:f2:d1:b6:a7:97:59:05:b3:84:b1:bf:9a:b4:0d:d9:91: b1:15:8f:5c:30:57:dd:36:13:b3:f3:b1:7b:5f:58:25:3d:d7: cb:bf:a7:0d:11:8c:5b:4d:3e:92:64:f9:f3:63:e7:52:2d:65: c6:ce:2f:bc:c9:75:e9:fe:e1:01:0c:68:5d:e6:08:10:a5:04: bb:a3:cc:bb -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICBtAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjYyNUYxMTAvBgNVBAUTKEUxNTVCODJBODdEMjhFODc3NjAyRjk5NEY4RkZEM0U3 NDRBQUY0ODAwHhcNMjMxMTIwMjI1MDI4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02NTViZTJiNC03YTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtKNRvqTNyF3SePV5JWoBaQPKNA+CJR3urB7p0dPil+c96ujaX1VVxaYOqy8b oQI7CB5cO87/pzREwNqgSVrKurFGu4yubIco6Kdc4KwrpsCQzj8mLlufAH3rD+EY rbOOK8h0118JZB+rmFgLMDpVz7kAjZ7U3CfBgDaT20ui7Xt3F1ZRHD6x9keD0AWE M2U+5/uRAb/8iYyrphlR71egnO43F8PpeGt+3Z445V34w6Za6WFcf4N467WBDDp3 eoNNAXSjBQM7t84OFdUakUDUqif7xOJ2y/GmUuYwyun7Z5ne75pn2aGV0pZrXIc0 +3h+dG083F1bByVjH3qIdocdTwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNUVsIvO RZPptyTq/iviHD69KCfcMB8GA1UdIwQYMBaAFOFVuCqH0o6HdgL5lPj/0+dEqvSA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjI1Ri8yMkQ5MUY3MjEx Q0UxMUVCOEFEMDVBMkJDNEY5QUUwMi80Vlc0S29mU2pvZDJBdm1VLVBfVDUwU3E5 SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRWVzRLb2ZTam9kMkF2bVUtUF9UNTBTcTlJQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjYyNUYvMjJEOTFGNzIxMUNFMTFFQjhBRDA1QTJCQzRGOUFFMDIvODZDRDdDMkU3 MkIwMTFFQjlGQzRGRTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgACMBIDBwQkBp3AEAADBwQkBp3AZmAwDQYJKoZIhvcNAQELBQADggEB AKUZ6Y9xMFs9Nl2/XrCjUMHX1PLmdauAFmTVkpIRNXeYTNxuUj8EbVD/n3Jvbomj 5qQSRAB3q2C6aBZwaS9f/9NIOwbxCzMCRWbmRGR541k5ymQE+IaLmeIWvZRltDa2 RDvH9y2Yg1NReSxchkFFM34p8ieoWC3nNqKnHuUxhL6HHjNmw5PWF0BmANBMzogd y/F1jbfLB9I/mr56W3OBqtdFd/ZX/iLEQyAfAinGgiolEcpVF5nV8tG2p5dZBbOE sb+atA3ZkbEVj1wwV902E7PzsXtfWCU918u/pw0RjFtNPpJk+fNj51ItZcbOL7zJ den+4QEMaF3mCBClBLujzLs= -----END CERTIFICATE-----Generated at Tue May 7 00:53:23 2024 by rpki-client on console-ams.rpki-client.org