$ rpki-client -vvf rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/D281F334A23C11EE9C497526C4F9AE02.roa File: D281F334A23C11EE9C497526C4F9AE02.roa (raw, json) Hash identifier: T3yCjUn5TQe9DF2Sq2LKwWLndR0CVsw6xKTLO8fI9Tg= Subject key identifier: F7:89:3E:EE:9E:51:DD:1B:E3:26:98:43:C9:2E:A0:10:58:0E:BE:5B Certificate issuer: /CN=A91E923A/serialNumber=6638A604260FCCF2E9D8B20C1792ECA15DC76D5C Certificate serial: 2B Authority key identifier: 66:38:A6:04:26:0F:CC:F2:E9:D8:B2:0C:17:92:EC:A1:5D:C7:6D:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZjimBCYPzPLp2LIMF5LsoV3HbVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/D281F334A23C11EE9C497526C4F9AE02.roa Signing time: Sun 24 Dec 2023 09:14:21 +0000 ROA not before: Sun 24 Dec 2023 09:14:21 +0000 ROA not after: Sat 31 Aug 2024 00:00:00 +0000 asID: 137871 IP address blocks: 2406:1dc0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/ZjimBCYPzPLp2LIMF5LsoV3HbVw.crl rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/ZjimBCYPzPLp2LIMF5LsoV3HbVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZjimBCYPzPLp2LIMF5LsoV3HbVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 18:54:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E923A/serialNumber=6638A604260FCCF2E9D8B20C1792ECA15DC76D5C Validity Not Before: Dec 24 09:14:21 2023 GMT Not After : Aug 31 00:00:00 2024 GMT Subject: CN=6587f66d-5a50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:93:c5:cf:82:0c:42:96:62:f6:e2:58:71:c1: 97:14:9c:30:96:3b:18:b6:fd:5e:18:86:d0:0a:06: 1e:08:4b:4b:f6:07:81:af:7d:3f:d0:0c:48:99:81: 5b:fe:e0:f7:12:bd:41:93:b2:f0:04:e5:c9:0e:dc: 2c:e7:af:97:f1:d3:c6:f0:9f:d3:fd:e8:0e:85:09: 4a:05:87:d2:e0:84:9a:85:7f:b0:e0:0a:36:e0:c8: c7:e2:2f:05:31:a8:4d:f4:b0:e7:33:3c:e6:4c:9e: a3:c4:e6:f4:54:ed:b4:20:1c:29:e8:17:11:1f:f2: fa:8c:68:85:43:e3:36:16:c4:1f:4b:3b:e3:11:a2: dd:e6:1b:46:50:6f:43:2e:33:8a:7e:e1:e4:1a:83: 5b:a7:83:c5:0d:fc:e5:06:2f:40:b7:88:8a:28:64: 5c:87:5e:e7:15:35:a0:d5:da:6e:70:e6:06:e8:96: 53:37:03:59:6f:21:e7:7b:8d:a1:a8:d4:26:e8:67: f8:05:2d:f0:9e:cd:c4:18:fa:b4:90:83:87:77:2e: 9a:82:b7:70:75:c8:9d:b4:a3:f5:bb:eb:7a:df:5e: 73:83:06:0a:48:44:ea:61:ef:48:2e:74:1e:a3:a6: 17:05:12:41:26:ae:57:e5:52:6a:4d:eb:25:a0:98: b9:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:89:3E:EE:9E:51:DD:1B:E3:26:98:43:C9:2E:A0:10:58:0E:BE:5B X509v3 Authority Key Identifier: keyid:66:38:A6:04:26:0F:CC:F2:E9:D8:B2:0C:17:92:EC:A1:5D:C7:6D:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/ZjimBCYPzPLp2LIMF5LsoV3HbVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZjimBCYPzPLp2LIMF5LsoV3HbVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E923A/C9B3CC54EC1111E98E0F8647C4F9AE02/D281F334A23C11EE9C497526C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:1dc0::/32 Signature Algorithm: sha256WithRSAEncryption 2e:8d:64:f0:5d:89:a9:df:1a:3b:19:c1:74:26:9e:d8:55:e1: 74:19:60:cf:a4:7b:af:a7:9b:76:3f:f2:12:12:7c:a6:86:8a: 70:4d:2b:9a:17:b5:f0:d2:dc:1c:20:34:21:f2:94:a6:d3:b1: d7:7d:74:e1:83:a3:a5:ce:d0:65:7a:e9:82:b7:71:74:13:14: 82:a4:c6:21:d3:29:15:9b:e4:6e:08:c7:ee:bb:de:3c:b7:7d: 0a:06:c5:7a:b1:fe:94:4f:41:fa:97:24:74:2e:c8:da:d4:36: e9:15:b8:91:37:f3:a3:93:cb:76:f5:d0:9b:4e:32:fe:34:eb: 39:3b:75:d7:15:94:85:ce:c8:a6:9d:c1:69:67:56:4b:f3:f8: 9f:8e:dd:34:f7:eb:12:86:7d:20:ac:b6:57:f9:81:f1:27:0c: ed:49:f8:b5:eb:91:82:64:b6:d6:ce:5b:1d:19:e7:4b:ac:af: 87:ac:63:57:51:c0:ae:e6:14:0b:6b:0d:28:1f:46:18:0a:1a: df:8d:1a:09:aa:cd:2f:7b:01:ab:13:08:b4:92:fe:08:aa:cc: e7:ca:61:92:f3:e6:fb:ab:59:d4:4d:34:c0:6b:48:67:04:d7: ba:dc:2a:eb:a4:d4:ff:58:d2:84:e1:40:fa:6b:d4:04:19:b4: 0f:d3:34:32 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF OTIzQTExMC8GA1UEBRMoNjYzOEE2MDQyNjBGQ0NGMkU5RDhCMjBDMTc5MkVDQTE1 REM3NkQ1QzAeFw0yMzEyMjQwOTE0MjFaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1ODdmNjZkLTVhNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDok8XPggxClmL24lhxwZcUnDCWOxi2/V4YhtAKBh4IS0v2B4GvfT/QDEiZgVv+ 4PcSvUGTsvAE5ckO3Cznr5fx08bwn9P96A6FCUoFh9LghJqFf7DgCjbgyMfiLwUx qE30sOczPOZMnqPE5vRU7bQgHCnoFxEf8vqMaIVD4zYWxB9LO+MRot3mG0ZQb0Mu M4p+4eQag1ung8UN/OUGL0C3iIooZFyHXucVNaDV2m5w5gbollM3A1lvIed7jaGo 1CboZ/gFLfCezcQY+rSQg4d3LpqCt3B1yJ20o/W763rfXnODBgpIROph70gudB6j phcFEkEmrlflUmpN6yWgmLkrAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU94k+7p5R 3RvjJphDyS6gEFgOvlswHwYDVR0jBBgwFoAUZjimBCYPzPLp2LIMF5LsoV3HbVww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5MjNBL0M5QjNDQzU0RUMx MTExRTk4RTBGODY0N0M0RjlBRTAyL1pqaW1CQ1lQelBMcDJMSU1GNUxzb1YzSGJW dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWmppbUJDWVB6UExwMkxJTUY1THNvVjNIYlZ3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTIzQS9DOUIzQ0M1NEVDMTExMUU5OEUwRjg2NDdDNEY5QUUwMi9EMjgxRjMzNEEy M0MxMUVFOUM0OTc1MjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQGHcAwDQYJKoZIhvcNAQELBQADggEBAC6NZPBdianfGjsZ wXQmnthV4XQZYM+ke6+nm3Y/8hISfKaGinBNK5oXtfDS3BwgNCHylKbTsdd9dOGD o6XO0GV66YK3cXQTFIKkxiHTKRWb5G4Ix+673jy3fQoGxXqx/pRPQfqXJHQuyNrU NukVuJE386OTy3b10JtOMv406zk7ddcVlIXOyKadwWlnVkvz+J+O3TT36xKGfSCs tlf5gfEnDO1J+LXrkYJkttbOWx0Z50usr4esY1dRwK7mFAtrDSgfRhgKGt+NGgmq zS97AasTCLSS/giqzOfKYZLz5vurWdRNNMBrSGcE17rcKuuk1P9Y0oThQPpr1AQZ tA/TNDI= -----END CERTIFICATE-----Generated at Sun Apr 28 19:55:48 2024 by rpki-client on console-ams.rpki-client.org