$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8D864528E26911EFB89A9142C4F9AE02.roa File: 8D864528E26911EFB89A9142C4F9AE02.roa (raw, json) Hash identifier: zOrdRoKDpoYhfG4uzIYaG3s04PB1zSIY4MZLdq9QeYE= Subject key identifier: E7:4D:7C:61:6D:10:16:07:A5:05:B3:55:1A:6E:A2:24:0E:04:6A:FA Certificate issuer: /CN=A91BB493/serialNumber=9A3FE54122A5096D3EDD88060ED4D9183CBE1867 Certificate serial: 0A42 Authority key identifier: 9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8D864528E26911EFB89A9142C4F9AE02.roa Signing time: Mon 03 Feb 2025 20:00:45 +0000 ROA not before: Mon 03 Feb 2025 20:00:45 +0000 ROA not after: Wed 28 May 2025 00:00:00 +0000 asID: 4058 IP address blocks: 2001:218:2000:2::/64 maxlen: 64 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2626 (0xa42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB493 Validity Not Before: Feb 3 20:00:45 2025 GMT Not After : May 28 00:00:00 2025 GMT Subject: CN=67a1206c-71da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8b:f8:fd:38:fa:bf:5c:e7:d4:ad:1f:41:e1: e8:6e:8a:fc:67:3e:5f:55:32:8d:5c:f6:8a:8e:1a: 17:07:e1:5b:83:29:26:f4:b0:c4:be:9a:83:51:ef: ff:bc:ba:3c:7c:99:3e:b8:7c:31:30:84:8b:44:92: b9:0a:29:54:45:7e:2c:3e:01:cb:66:13:7e:59:24: 73:99:ca:27:ce:53:7b:60:54:1f:92:6d:42:b8:5e: 80:eb:aa:70:e3:ea:48:ac:fe:0b:07:40:5f:f0:ea: 68:c8:ee:57:dd:29:07:69:34:46:11:e0:96:a5:e4: a7:65:ed:26:74:3a:e1:19:5f:00:53:54:1c:62:2a: 67:85:4f:ed:2c:41:87:cc:3e:e3:1b:56:7e:49:39: b6:f1:d5:5a:2a:0b:4e:d2:44:7c:ee:9b:60:90:d1: 0d:fa:f0:fa:b8:70:16:ee:8a:8c:6f:28:a1:c0:3e: bb:32:c1:3d:02:fc:d8:43:a4:b7:d6:89:8c:4b:17: 5f:c5:e0:56:dd:56:25:5f:d4:65:3e:4f:0f:30:fc: c5:be:ef:c6:63:c5:1f:b8:42:88:5b:40:cf:55:2b: 48:34:7a:70:f8:b0:fc:19:f9:4e:a0:ba:ec:bd:47: b7:96:2d:8f:6c:a4:45:61:ce:3d:d8:cb:59:b4:36: 0d:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:4D:7C:61:6D:10:16:07:A5:05:B3:55:1A:6E:A2:24:0E:04:6A:FA X509v3 Authority Key Identifier: keyid:9A:3F:E5:41:22:A5:09:6D:3E:DD:88:06:0E:D4:D9:18:3C:BE:18:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/mj_lQSKlCW0-3YgGDtTZGDy-GGc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mj_lQSKlCW0-3YgGDtTZGDy-GGc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB493/5FCAB67268F311EA832DDB37C4F9AE02/8D864528E26911EFB89A9142C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:218:2000:2::/64 Signature Algorithm: sha256WithRSAEncryption 2e:54:e8:7d:ef:68:ab:c6:3b:08:28:ee:82:f2:e4:0a:1c:b4: 57:5e:11:99:df:be:2b:04:db:4f:c5:83:7b:84:ad:78:1e:85: 16:2a:41:f9:aa:4a:45:0b:eb:be:c5:aa:6d:43:1e:f6:65:d8: 93:fc:ae:75:6e:33:26:e0:8d:80:bf:f4:cc:50:3c:83:a6:ac: f0:ce:54:a1:a7:9c:70:b6:11:9f:53:9e:b9:3c:0e:cd:27:27: b3:cc:bb:c4:df:e6:26:fa:ca:f5:9f:fb:21:a8:e4:21:66:46: a0:1b:4d:c9:c4:04:bb:18:3f:d9:bd:2b:18:8c:b5:93:b8:76: fb:c3:c5:36:21:03:e3:e5:af:44:36:96:fe:47:00:1f:c0:f0: 95:4f:38:8f:e5:c0:e3:bb:6d:a8:ec:20:ff:3b:fe:5d:a5:08: 2b:fb:8e:9d:a6:3e:24:db:6f:5b:d9:b9:51:88:01:68:ee:58: a5:92:a6:39:42:bd:c1:96:8b:5d:e8:c5:25:30:5b:ca:25:f1: 44:da:e3:2e:4e:29:63:08:c6:f9:1a:97:86:96:39:e8:17:e0: ee:f7:76:1c:0c:f6:b6:bf:e8:70:ad:88:e9:e5:fc:59:d8:f7: 63:f3:bc:e2:67:ba:e5:e7:b8:c8:28:dc:e8:e2:62:1a:08:ef: 18:5f:61:ff -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgICCkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0OTMxMTAvBgNVBAUTKDlBM0ZFNTQxMjJBNTA5NkQzRUREODgwNjBFRDREOTE4 M0NCRTE4NjcwHhcNMjUwMjAzMjAwMDQ1WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02N2ExMjA2Yy03MWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsov4/Tj6v1zn1K0fQeHobor8Zz5fVTKNXPaKjhoXB+Fbgykm9LDEvpqDUe// vLo8fJk+uHwxMISLRJK5CilURX4sPgHLZhN+WSRzmconzlN7YFQfkm1CuF6A66pw 4+pIrP4LB0Bf8OpoyO5X3SkHaTRGEeCWpeSnZe0mdDrhGV8AU1QcYipnhU/tLEGH zD7jG1Z+STm28dVaKgtO0kR87ptgkNEN+vD6uHAW7oqMbyihwD67MsE9AvzYQ6S3 1omMSxdfxeBW3VYlX9RlPk8PMPzFvu/GY8UfuEKIW0DPVStINHpw+LD8GflOoLrs vUe3li2PbKRFYc492MtZtDYNZQIDAQABo4ICmjCCApYwHQYDVR0OBBYEFOdNfGFt EBYHpQWzVRpuoiQOBGr6MB8GA1UdIwQYMBaAFJo/5UEipQltPt2IBg7U2Rg8vhhn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjQ5My81RkNBQjY3MjY4 RjMxMUVBODMyRERCMzdDNEY5QUUwMi9tal9sUVNLbENXMC0zWWdHRHRUWkdEeS1H R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21qX2xRU0tsQ1cwLTNZZ0dEdFRaR0R5LUdHYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkI0OTMvNUZDQUI2NzI2OEYzMTFFQTgzMkREQjM3QzRGOUFFMDIvOEQ4NjQ1MjhF MjY5MTFFRkI4OUE5MTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E FTATMBEEAgACMAsDCQAgAQIYIAAAAjANBgkqhkiG9w0BAQsFAAOCAQEALlTofe9o q8Y7CCjugvLkChy0V14Rmd++KwTbT8WDe4SteB6FFipB+apKRQvrvsWqbUMe9mXY k/yudW4zJuCNgL/0zFA8g6as8M5UoaeccLYRn1OeuTwOzScns8y7xN/mJvrK9Z/7 IajkIWZGoBtNycQEuxg/2b0rGIy1k7h2+8PFNiED4+WvRDaW/kcAH8DwlU84j+XA 47ttqOwg/zv+XaUIK/uOnaY+JNtvW9m5UYgBaO5YpZKmOUK9wZaLXejFJTBbyiXx RNrjLk4pYwjG+RqXhpY56Bfg7vd2HAz2tr/ocK2I6eX8Wdj3Y/O84me65ee4yCjc 6OJiGgjvGF9h/w== -----END CERTIFICATE-----Generated at Wed Feb 19 20:56:23 2025 by rpki-client