$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA69F/C665DF2233A311EFA5B49B23C4F9AE02/4FAF60B433A411EFB7A29C24C4F9AE02.roa File: 4FAF60B433A411EFB7A29C24C4F9AE02.roa (raw, json) Hash identifier: LD7B5+XzyaE0f/ths6DbB5WXZXs6tAf0rdqOWz9N/kI= Subject key identifier: 6B:F9:A8:41:28:1C:56:E6:63:D8:0C:EF:B0:EE:1E:24:FC:CA:F0:E3 Certificate issuer: /CN=A91FA69F/serialNumber=784EC0F0FF9D6D80DC9F7DCE39149FC60F961499 Certificate serial: 02 Authority key identifier: 78:4E:C0:F0:FF:9D:6D:80:DC:9F:7D:CE:39:14:9F:C6:0F:96:14:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eE7A8P-dbYDcn33OORSfxg-WFJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA69F/C665DF2233A311EFA5B49B23C4F9AE02/4FAF60B433A411EFB7A29C24C4F9AE02.roa Signing time: Wed 26 Jun 2024 10:10:28 +0000 ROA not before: Wed 26 Jun 2024 10:10:28 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 153037 IP address blocks: 2001:df3:fa40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA69F/C665DF2233A311EFA5B49B23C4F9AE02/eE7A8P-dbYDcn33OORSfxg-WFJk.crl rsync://rpki.apnic.net/member_repository/A91FA69F/C665DF2233A311EFA5B49B23C4F9AE02/eE7A8P-dbYDcn33OORSfxg-WFJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eE7A8P-dbYDcn33OORSfxg-WFJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 05:18:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA69F/serialNumber=784EC0F0FF9D6D80DC9F7DCE39149FC60F961499 Validity Not Before: Jun 26 10:10:28 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=667be913-b45b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:34:63:91:5a:83:e5:95:03:d8:d4:b6:c1:2e: 54:f8:81:56:07:df:59:c9:2d:41:b2:a4:19:88:c2: ed:73:2f:93:d2:dd:68:49:f7:d8:b7:fe:b4:34:c9: 47:f6:6f:a1:d6:17:89:2f:06:62:9e:ee:53:69:76: 1f:72:fd:11:87:c8:f6:46:27:3e:da:88:e2:09:5c: ff:a1:bb:89:84:16:fe:87:23:a0:27:9d:96:94:fb: f6:c5:cb:3e:b2:af:41:e8:d1:44:a1:ba:28:7e:18: 84:43:61:37:75:fd:0e:08:f5:f6:17:dd:39:8c:1a: 14:9b:4d:a2:c1:55:06:33:62:9b:5e:88:2d:f3:15: cf:88:9c:6f:0a:78:27:e5:fc:d7:aa:c9:9b:44:f6: 5e:0f:15:10:25:8f:b1:98:5e:0a:e7:a9:75:31:ae: 63:1d:b3:f8:9e:93:c3:bf:72:65:8f:c4:af:17:52: 29:fe:25:91:cd:3e:e3:1a:3c:c2:13:48:c9:6e:61: 15:e5:2b:c8:2e:c2:3c:59:38:8d:4c:60:e0:e9:a4: cf:04:81:e0:63:ae:f6:ac:85:8d:cd:12:d5:d0:81: af:10:91:37:0f:e9:75:fa:1c:0f:3f:51:44:2c:57: 84:13:16:49:e1:b8:e0:c1:2b:ec:03:2c:cd:02:37: 2f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:F9:A8:41:28:1C:56:E6:63:D8:0C:EF:B0:EE:1E:24:FC:CA:F0:E3 X509v3 Authority Key Identifier: keyid:78:4E:C0:F0:FF:9D:6D:80:DC:9F:7D:CE:39:14:9F:C6:0F:96:14:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA69F/C665DF2233A311EFA5B49B23C4F9AE02/eE7A8P-dbYDcn33OORSfxg-WFJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eE7A8P-dbYDcn33OORSfxg-WFJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA69F/C665DF2233A311EFA5B49B23C4F9AE02/4FAF60B433A411EFB7A29C24C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df3:fa40::/48 Signature Algorithm: sha256WithRSAEncryption 3b:e6:fe:2d:55:5e:ff:af:98:e0:34:2f:28:67:76:f2:19:cb: 5e:58:cc:2d:0f:6a:3b:eb:e5:17:b2:2b:fa:37:b6:ce:fe:fe: 0a:44:15:e6:c4:43:c1:34:5d:1b:5d:ee:8e:d2:b1:f7:60:11: 9d:1d:18:3b:16:3d:e6:b9:15:66:de:d9:8b:e6:66:69:b8:d5: 04:48:67:1c:2d:84:3a:f4:43:7d:47:b7:9b:4f:75:c3:87:be: 99:f4:e2:b8:19:fb:45:21:0c:d1:7b:b6:93:82:2b:29:8d:5f: 6a:4b:1d:10:09:1c:c9:87:7e:12:d3:00:20:33:67:1f:c3:ce: 73:86:dc:f8:14:75:38:9a:d8:d2:45:9d:a5:a2:43:1f:c8:79: da:cb:29:05:f7:40:fa:ef:5d:66:ad:4d:5a:1a:c3:eb:73:c3: f1:18:d2:87:8d:54:4a:cd:a9:30:ae:3a:df:d1:92:08:cf:fb: 33:b6:1e:f1:e8:b4:90:d1:35:10:a6:7c:a6:15:fc:e8:e2:cb: c2:47:fc:0c:2b:b3:7a:95:47:9d:c7:3c:f3:70:14:41:2c:3f: 72:7c:eb:2e:80:77:31:83:6e:cc:c7:5c:e6:87:e4:04:43:dd: 58:69:64:59:b9:f9:34:54:d1:36:85:a9:25:59:e4:ed:c0:27: 1d:2c:bd:ad -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QTY5RjExMC8GA1UEBRMoNzg0RUMwRjBGRjlENkQ4MERDOUY3RENFMzkxNDlGQzYw Rjk2MTQ5OTAeFw0yNDA2MjYxMDEwMjhaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY2N2JlOTEzLWI0NWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDcNGORWoPllQPY1LbBLlT4gVYH31nJLUGypBmIwu1zL5PS3WhJ99i3/rQ0yUf2 b6HWF4kvBmKe7lNpdh9y/RGHyPZGJz7aiOIJXP+hu4mEFv6HI6AnnZaU+/bFyz6y r0Ho0UShuih+GIRDYTd1/Q4I9fYX3TmMGhSbTaLBVQYzYpteiC3zFc+InG8KeCfl /NeqyZtE9l4PFRAlj7GYXgrnqXUxrmMds/iek8O/cmWPxK8XUin+JZHNPuMaPMIT SMluYRXlK8guwjxZOI1MYODppM8EgeBjrvashY3NEtXQga8QkTcP6XX6HA8/UUQs V4QTFknhuODBK+wDLM0CNy9TAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUa/moQSgc VuZj2AzvsO4eJPzK8OMwHwYDVR0jBBgwFoAUeE7A8P+dbYDcn33OORSfxg+WFJkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZBNjlGL0M2NjVERjIyMzNB MzExRUZBNUI0OUIyM0M0RjlBRTAyL2VFN0E4UC1kYllEY24zM09PUlNmeGctV0ZK ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZUU3QThQLWRiWURjbjMzT09SU2Z4Zy1XRkprLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTY5Ri9DNjY1REYyMjMzQTMxMUVGQTVCNDlCMjNDNEY5QUUwMi80RkFGNjBCNDMz QTQxMUVGQjdBMjlDMjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACABDfP6QDANBgkqhkiG9w0BAQsFAAOCAQEAO+b+LVVe/6+Y 4DQvKGd28hnLXljMLQ9qO+vlF7Ir+je2zv7+CkQV5sRDwTRdG13ujtKx92ARnR0Y OxY95rkVZt7Zi+ZmabjVBEhnHC2EOvRDfUe3m091w4e+mfTiuBn7RSEM0Xu2k4Ir KY1faksdEAkcyYd+EtMAIDNnH8POc4bc+BR1OJrY0kWdpaJDH8h52sspBfdA+u9d Zq1NWhrD63PD8RjSh41USs2pMK4639GSCM/7M7Ye8ei0kNE1EKZ8phX86OLLwkf8 DCuzepVHncc883AUQSw/cnzrLoB3MYNuzMdc5ofkBEPdWGlkWbn5NFTRNoWpJVnk 7cAnHSy9rQ== -----END CERTIFICATE-----Generated at Thu Nov 21 07:40:40 2024 by rpki-client on console-ams.rpki-client.org