$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa File: DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa (raw, json) Hash identifier: X4sbwhXOcs0E6HH8WE+weWdBTfEHEDAbpILj7M9FN7Q= Subject key identifier: 81:D1:87:D8:3A:E9:A0:C1:76:4D:20:8B:AF:D0:0B:AF:3E:F0:0C:C3 Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Certificate serial: 55 Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa Signing time: Mon 30 Oct 2023 17:27:40 +0000 ROA not before: Mon 30 Oct 2023 17:27:40 +0000 ROA not after: Mon 30 Sep 2024 00:00:00 +0000 asID: 202662 IP address blocks: 2401:b60::/48 maxlen: 48 2401:b60:1::/48 maxlen: 48 2401:b60:2::/48 maxlen: 48 2401:b60:3::/48 maxlen: 48 2401:b60:4::/48 maxlen: 48 2401:b60:5::/48 maxlen: 48 2401:b60:8::/48 maxlen: 48 2401:b60:9::/48 maxlen: 48 2401:b60:10::/48 maxlen: 48 2401:b60:11::/48 maxlen: 48 2401:b60:12::/48 maxlen: 48 2401:b60:13::/48 maxlen: 48 2401:b60:14::/48 maxlen: 48 2401:b60:15::/48 maxlen: 48 2401:b60:16::/48 maxlen: 48 2401:b60:17::/48 maxlen: 48 2401:b60:18::/48 maxlen: 48 2401:b60:19::/48 maxlen: 48 2401:b60:20::/48 maxlen: 48 2401:b60:21::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 07:21:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 85 (0x55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Validity Not Before: Oct 30 17:27:40 2023 GMT Not After : Sep 30 00:00:00 2024 GMT Subject: CN=653fe78b-7e95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:9e:b1:c9:8c:37:f1:ec:c0:e5:b9:97:6f:15: 6b:e1:70:70:07:1a:e1:74:98:f9:90:ae:56:eb:fc: 23:54:eb:e5:55:da:91:3a:31:e0:b5:8b:c9:21:70: e8:30:54:3a:2d:61:dd:5b:bb:5c:24:21:a6:70:1e: 58:26:cd:3c:d0:68:5f:32:a5:08:4a:f5:c0:12:74: 74:2d:68:d9:97:17:eb:1e:dd:b7:aa:57:9b:16:cc: af:cb:b6:7c:58:b5:bd:a2:40:03:af:2e:c6:f9:bc: 44:25:7b:b0:b6:0f:da:ce:c4:16:aa:a0:81:d0:78: ad:e9:ce:61:97:56:9b:0d:3b:4e:54:ac:4c:c4:12: 5e:b6:74:b2:66:6f:82:a4:94:78:c1:11:ce:49:af: 3e:67:25:88:9f:db:0e:61:b2:6f:fa:36:2a:92:00: 81:41:42:c8:70:16:2a:c2:a6:62:1b:fc:84:33:56: 68:7e:47:87:fb:07:58:ed:0b:68:85:8e:3d:bc:3e: b3:9f:1a:4e:87:df:7f:19:0a:9e:4f:a2:38:bd:62: 61:88:04:1a:19:79:0d:95:28:52:66:e5:06:fd:d1: 4e:fa:b4:f3:1a:15:43:a4:c6:3e:d7:fe:54:64:3f: 92:c1:6e:b0:9a:79:cd:e1:b5:8c:98:97:22:94:43: eb:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:D1:87:D8:3A:E9:A0:C1:76:4D:20:8B:AF:D0:0B:AF:3E:F0:0C:C3 X509v3 Authority Key Identifier: keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/DB3F283C0E9611EEBE4A8A4BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:b60::-2401:b60:5:ffff:ffff:ffff:ffff:ffff 2401:b60:8::/47 2401:b60:10::-2401:b60:19:ffff:ffff:ffff:ffff:ffff 2401:b60:20::/47 Signature Algorithm: sha256WithRSAEncryption 7f:1d:da:10:9b:c3:ae:e7:bc:b8:af:f3:e1:2c:4e:1a:ec:f6: 57:aa:c0:2e:67:e3:1c:45:b8:0f:f9:3f:7d:d3:60:13:73:a1: 42:46:d6:cf:2e:35:e8:51:42:e6:7f:76:7b:10:a8:18:c1:63: 79:15:b8:6c:b1:e6:4d:9f:44:16:da:e2:52:1f:f3:40:ab:a9: 1c:bb:18:d3:73:75:b7:56:58:fc:84:d5:75:24:0e:c7:e7:7f: 19:aa:db:72:8d:ad:ab:7f:5e:73:a2:21:fe:13:df:59:06:d9: 90:35:38:ff:54:ad:a8:a5:3b:ba:98:e3:98:c4:59:71:ef:f5: a6:9d:3a:ba:f0:c3:34:89:18:d2:0c:7f:ee:4b:c3:9e:c9:34: f7:78:c3:db:da:1a:43:f2:f1:81:2a:19:d7:35:f3:d3:73:58: 5e:cf:eb:c8:2f:bb:cb:9d:f8:85:5d:b5:f5:fd:1b:22:d1:01: 2c:e9:6b:97:ed:b9:9f:0e:a3:b7:9a:d0:3c:49:e8:e4:44:d8: 84:6d:0b:87:96:f8:3b:be:41:cd:b5:4c:1f:36:09:cd:89:e4: 7d:75:78:3f:35:8e:c2:99:35:48:f3:62:5c:c3:33:3d:39:37: 1e:2d:b3:d0:12:02:52:45:ec:06:ab:57:8c:87:11:9a:b8:21: f7:ea:6c:54 -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF RTAzQjExMC8GA1UEBRMoQjlFNjBDRjE3OUY0RUFDQkRCOTQ5MkJBNUY3Q0FDRjQ1 MjM5Q0NGNDAeFw0yMzEwMzAxNzI3NDBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY1M2ZlNzhiLTdlOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDEnrHJjDfx7MDluZdvFWvhcHAHGuF0mPmQrlbr/CNU6+VV2pE6MeC1i8khcOgw VDotYd1bu1wkIaZwHlgmzTzQaF8ypQhK9cASdHQtaNmXF+se3beqV5sWzK/LtnxY tb2iQAOvLsb5vEQle7C2D9rOxBaqoIHQeK3pzmGXVpsNO05UrEzEEl62dLJmb4Kk lHjBEc5Jrz5nJYif2w5hsm/6NiqSAIFBQshwFirCpmIb/IQzVmh+R4f7B1jtC2iF jj28PrOfGk6H338ZCp5Poji9YmGIBBoZeQ2VKFJm5Qb90U76tPMaFUOkxj7X/lRk P5LBbrCaec3htYyYlyKUQ+uvAgMBAAGjggLHMIICwzAdBgNVHQ4EFgQUgdGH2Drp oMF2TSCLr9ALrz7wDMMwHwYDVR0jBBgwFoAUueYM8Xn06svblJK6X3ys9FI5zPQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFMDNCL0FGOTY3MTY2MEI2 RTExRUVCMjlCQjE3MEM0RjlBRTAyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQ US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdWVZTThYbjA2c3ZibEpLNlgzeXM5Rkk1elBRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RTAzQi9BRjk2NzE2NjBCNkUxMUVFQjI5QkIxNzBDNEY5QUUwMi9EQjNGMjgzQzBF OTYxMUVFQkU0QThBNEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBRBggrBgEFBQcBBwEB/wRC MEAwPgQCAAIwODAQAwUFJAELYAMHASQBC2AABAMHASQBC2AACDASAwcEJAELYAAQ AwcBJAELYAAYAwcBJAELYAAgMA0GCSqGSIb3DQEBCwUAA4IBAQB/HdoQm8Ou57y4 r/PhLE4a7PZXqsAuZ+McRbgP+T9902ATc6FCRtbPLjXoUULmf3Z7EKgYwWN5Fbhs seZNn0QW2uJSH/NAq6kcuxjTc3W3Vlj8hNV1JA7H538Zqttyja2rf15zoiH+E99Z BtmQNTj/VK2opTu6mOOYxFlx7/WmnTq68MM0iRjSDH/uS8OeyTT3eMPb2hpD8vGB KhnXNfPTc1hez+vIL7vLnfiFXbX1/Rsi0QEs6WuX7bmfDqO3mtA8SejkRNiEbQuH lvg7vkHNtUwfNgnNieR9dXg/NY7CmTVI82JcwzM9OTceLbPQEgJSRewGq1eMhxGa uCH36mxU -----END CERTIFICATE-----Generated at Fri May 31 10:02:46 2024 by rpki-client on console-ams.rpki-client.org