$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa File: D0CDFEEA406E11EFA085272AC4F9AE02.roa (raw, json) Hash identifier: qFjgS4TnxBDK37/ucuidHMAg92Qiv6vR40s9zvr+H5E= Subject key identifier: B3:9C:D9:97:56:77:A0:62:48:9E:85:7A:8F:4D:28:F5:FB:18:35:4E Certificate issuer: /CN=A91F9E0A/serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Certificate serial: 04 Authority key identifier: 3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa Signing time: Fri 12 Jul 2024 16:50:17 +0000 ROA not before: Fri 12 Jul 2024 16:50:17 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 152900 IP address blocks: 2401:a4a0:1::/48 maxlen: 48 2401:a4a0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9E0A/serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Validity Not Before: Jul 12 16:50:17 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66915ec8-f0db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:cc:6b:6e:88:02:a9:d8:3f:81:c6:23:13:1e: fe:fa:f4:d3:bb:3e:07:60:e3:2b:ee:45:5c:46:86: b1:6e:65:b2:6e:d2:06:47:b1:7c:02:1a:55:ac:96: 0b:c6:c4:79:97:81:55:83:68:c7:a8:19:99:c6:0a: ce:ad:02:14:60:14:d9:cd:70:ca:40:f2:4d:88:95: 9b:56:ff:b4:c8:72:09:05:b9:07:c1:58:53:a3:4b: 0c:d9:0a:cf:1f:83:a1:89:01:44:54:bd:3b:4a:3c: 18:58:be:af:63:2b:f8:be:74:b8:d0:29:f6:4e:1d: 0d:aa:b8:5e:31:51:c3:eb:69:f5:df:18:0b:4e:55: 66:55:42:90:3b:83:cf:9e:8e:40:ce:5b:33:79:c0: f6:a7:4b:60:c5:88:4a:99:02:37:ee:53:df:19:dd: 12:a2:3f:30:69:da:c3:f4:f9:a8:d5:c7:75:86:27: 43:fb:72:f5:7c:f6:67:46:d7:cd:ac:fe:8f:52:3c: 35:dd:8a:5d:cc:40:9e:4c:17:db:8d:00:48:25:09: 93:8b:97:19:d0:79:93:92:7b:26:b0:4e:22:c0:6f: 45:8d:9e:a7:07:8b:37:ab:a0:f1:bb:54:46:98:a8: 4e:38:e8:3c:65:7e:c3:4e:b8:12:ec:86:42:74:1c: 4d:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:9C:D9:97:56:77:A0:62:48:9E:85:7A:8F:4D:28:F5:FB:18:35:4E X509v3 Authority Key Identifier: keyid:3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:a4a0:1::-2401:a4a0:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 55:3e:7b:48:27:0c:1d:a9:cd:b4:17:6f:f7:81:b8:c9:14:95: 61:33:b8:ce:e6:b9:3a:65:59:f0:f2:11:a8:2b:1b:a1:10:87: 38:1b:38:15:ca:1f:76:59:85:b7:f9:8a:2a:82:6c:26:ed:52: 4a:68:e2:be:ec:68:66:81:7f:37:4c:93:93:c7:67:25:84:5b: e8:a9:13:8e:38:ba:29:14:90:65:b2:d9:0c:82:6d:cf:39:51: c1:e0:a8:18:a2:3a:91:2d:95:d6:03:4e:56:77:8e:07:3a:68: 61:54:87:ca:86:ea:b4:f5:e2:46:f4:de:f8:56:6a:a9:da:0d: 7b:e0:11:24:ce:b8:66:f2:32:3b:8e:44:31:69:46:b3:bd:d3: 6c:39:20:12:52:6c:df:a7:b0:c7:d3:71:a9:ff:90:5a:f8:1c: 52:d4:9b:35:15:65:92:44:89:ba:da:bc:38:b3:96:e3:3a:e0: 08:46:f9:fd:07:23:79:91:58:80:78:a8:8f:b5:12:0b:da:60: 07:97:14:2b:b5:99:70:06:26:0b:59:7f:d4:5f:3a:57:98:29: 8d:f3:b7:9d:5b:40:1c:8d:ed:f1:f2:cd:80:3b:b6:19:b5:2d: e1:0e:f3:59:12:56:34:a3:e8:9f:e1:66:b8:d0:22:e8:42:72: 6b:12:b7:12 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG OUUwQTExMC8GA1UEBRMoM0Q1OTQ2MDAzRUVFNTQ4QUQ5NUQ3OTZDQjE4OEI3NTFD NTdDREFDODAeFw0yNDA3MTIxNjUwMTdaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY2OTE1ZWM4LWYwZGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCazGtuiAKp2D+BxiMTHv769NO7Pgdg4yvuRVxGhrFuZbJu0gZHsXwCGlWslgvG xHmXgVWDaMeoGZnGCs6tAhRgFNnNcMpA8k2IlZtW/7TIcgkFuQfBWFOjSwzZCs8f g6GJAURUvTtKPBhYvq9jK/i+dLjQKfZOHQ2quF4xUcPrafXfGAtOVWZVQpA7g8+e jkDOWzN5wPanS2DFiEqZAjfuU98Z3RKiPzBp2sP0+ajVx3WGJ0P7cvV89mdG182s /o9SPDXdil3MQJ5MF9uNAEglCZOLlxnQeZOSeyawTiLAb0WNnqcHizeroPG7VEaY qE446DxlfsNOuBLshkJ0HE3FAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUs5zZl1Z3 oGJInoV6j00o9fsYNU4wHwYDVR0jBBgwFoAUPVlGAD7uVIrZXXlssYi3UcV82sgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY5RTBBLzBCRDk4NUU4M0U2 OTExRUZBMkNFNjc2QUM0RjlBRTAyL1BWbEdBRDd1VklyWlhYbHNzWWkzVWNWODJz Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUFZsR0FEN3VWSXJaWFhsc3NZaTNVY1Y4MnNnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OUUwQS8wQkQ5ODVFODNFNjkxMUVGQTJDRTY3NkFDNEY5QUUwMi9EMENERkVFQTQw NkUxMUVGQTA4NTI3MkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQe MBwwGgQCAAIwFDASAwcAJAGkoAABAwcAJAGkoAACMA0GCSqGSIb3DQEBCwUAA4IB AQBVPntIJwwdqc20F2/3gbjJFJVhM7jO5rk6ZVnw8hGoKxuhEIc4GzgVyh92WYW3 +Yoqgmwm7VJKaOK+7GhmgX83TJOTx2clhFvoqROOOLopFJBlstkMgm3POVHB4KgY ojqRLZXWA05Wd44HOmhhVIfKhuq09eJG9N74Vmqp2g174BEkzrhm8jI7jkQxaUaz vdNsOSASUmzfp7DH03Gp/5Ba+BxS1Js1FWWSRIm62rw4s5bjOuAIRvn9ByN5kViA eKiPtRIL2mAHlxQrtZlwBiYLWX/UXzpXmCmN87edW0Acje3x8s2AO7YZtS3hDvNZ ElY0o+if4Wa40CLoQnJrErcS -----END CERTIFICATE-----Generated at Thu Nov 21 06:50:53 2024 by rpki-client on console-fra.rpki-client.org