$ rpki-client -vvf rpki.rand.apnic.net/repo/A91872ED0001/0/323430383a323030303a3a2f32342d3234203d3e2034363038.roa File: 323430383a323030303a3a2f32342d3234203d3e2034363038.roa (raw, json) Hash identifier: xvKfJAUQahRZdnZG06aeSaekVC7XFXOs5bCAlRAA2tM= Subject key identifier: 16:7C:C8:89:EF:54:53:42:C6:04:37:C9:A8:A6:97:FA:5A:F8:3D:D9 Certificate issuer: /CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1 Certificate serial: 660E226E88BADB598D588F048DED6D18DA5F357C Authority key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer Subject info access: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/323430383a323030303a3a2f32342d3234203d3e2034363038.roa Signing time: Tue 10 Sep 2024 15:52:31 +0000 ROA not before: Tue 10 Sep 2024 15:47:31 +0000 ROA not after: Tue 09 Sep 2025 15:52:31 +0000 asID: 4608 IP address blocks: 2408:2000::/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Nov 2024 13:04:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:0e:22:6e:88:ba:db:59:8d:58:8f:04:8d:ed:6d:18:da:5f:35:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1 Validity Not Before: Sep 10 15:47:31 2024 GMT Not After : Sep 9 15:52:31 2025 GMT Subject: CN=167CC889EF545342C60437C9A8A697FA5AF83DD9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fc:a0:c4:23:6e:47:36:9d:4f:72:2b:8e:92: 0b:33:3f:df:e0:2f:6e:00:5c:0f:87:a3:37:ad:62: 70:18:e5:fe:67:92:f1:07:80:10:be:20:5a:74:f8: 7b:fa:27:60:64:26:25:47:f3:09:c3:75:4a:13:b8: d5:d8:75:ad:c5:0f:de:ab:9a:cd:f5:22:fa:3a:21: f5:67:f6:df:45:d8:ba:8b:ce:1f:be:e4:de:4a:45: db:bb:9b:15:74:00:95:d1:0e:69:95:d0:08:86:a2: 00:e9:69:eb:70:9b:c4:93:0e:2c:cf:06:eb:0f:0b: a5:ff:e2:ac:ee:c3:b5:7c:6b:09:0e:b9:1e:80:99: a2:48:73:d8:86:eb:f8:19:54:43:31:ed:0d:59:34: 9f:79:ea:0f:28:14:b3:74:d7:cb:4b:36:97:b9:0a: 4f:54:b0:0a:00:2b:87:06:62:7e:30:66:dd:12:75: 8f:27:30:1f:bc:30:e3:bd:a8:74:00:45:7a:87:e4: 8f:e5:bc:c9:3b:e0:3a:5c:06:46:80:33:a8:1e:fe: ab:7b:b4:41:70:28:ff:04:b1:a8:15:ec:9c:71:e7: 92:ec:48:e8:6f:6c:fe:75:47:44:63:39:59:30:b7: 02:c8:6d:61:54:70:32:01:2b:cd:f2:fe:4b:3c:02: c6:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:7C:C8:89:EF:54:53:42:C6:04:37:C9:A8:A6:97:FA:5A:F8:3D:D9 X509v3 Authority Key Identifier: keyid:C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer Subject Information Access: Signed Object - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/323430383a323030303a3a2f32342d3234203d3e2034363038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2408:2000::/24 Signature Algorithm: sha256WithRSAEncryption 6d:e3:d9:7d:1f:0b:f3:53:0e:25:af:c9:07:7c:19:e2:a1:fa: ca:10:cd:1a:e3:25:3e:71:4d:b3:63:91:dd:4d:f9:0e:a0:4d: c3:fa:ab:ee:08:93:b8:c1:b5:0b:4b:0f:ec:c4:38:d8:26:d1: 95:98:4e:09:aa:e9:7c:e8:05:c9:d9:a2:0d:5f:8d:7b:4b:51: f7:f7:85:6b:ea:57:4f:ea:cf:46:b9:c9:49:fd:4f:53:bd:c4: b4:29:2f:b2:ee:11:f5:3e:9a:f9:ed:5b:3c:53:33:ec:d8:0a: 04:6e:c8:3c:9a:a0:dc:a3:eb:b7:57:83:cb:d6:bf:51:6a:54: 67:03:51:7e:0f:df:b3:4d:97:2e:76:90:9e:57:6c:0a:cf:06: 6d:b1:2f:97:9d:52:6d:c1:48:69:7e:30:6d:7d:bb:4e:0d:0c: 70:78:45:9e:59:44:f1:1a:18:b7:bc:db:cd:34:95:ee:52:d1: 04:97:68:03:66:14:83:bc:64:34:22:39:91:a3:a9:0b:49:3a: db:7a:37:a4:1c:b7:81:7a:c6:94:a7:29:4c:53:41:73:50:54: 25:36:36:48:30:68:e7:17:2e:15:9e:4a:20:bc:0d:33:e8:54: 67:cd:79:a2:67:ec:b0:c4:c7:74:fb:73:fb:84:90:17:15:b4: 91:4f:11:f2 -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgIUZg4iboi621mNWI8Eje1tGNpfNXwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3 REUzNDlCRkEyQjMyQjNDM0VCNEMyRDE3NzYwQ0UxMB4XDTI0MDkxMDE1NDczMVoX DTI1MDkwOTE1NTIzMVowMzExMC8GA1UEAxMoMTY3Q0M4ODlFRjU0NTM0MkM2MDQz N0M5QThBNjk3RkE1QUY4M0REOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMP8oMQjbkc2nU9yK46SCzM/3+AvbgBcD4ejN61icBjl/meS8QeAEL4gWnT4 e/onYGQmJUfzCcN1ShO41dh1rcUP3quazfUi+joh9Wf230XYuovOH77k3kpF27ub FXQAldEOaZXQCIaiAOlp63CbxJMOLM8G6w8Lpf/irO7DtXxrCQ65HoCZokhz2Ibr +BlUQzHtDVk0n3nqDygUs3TXy0s2l7kKT1SwCgArhwZifjBm3RJ1jycwH7ww472o dABFeofkj+W8yTvgOlwGRoAzqB7+q3u0QXAo/wSxqBXsnHHnkuxI6G9s/nVHRGM5 WTC3AshtYVRwMgErzfL+SzwCxn8CAwEAAaOCAgMwggH/MB0GA1UdDgQWBBQWfMiJ 71RTQsYEN8moppf6Wvg92TAfBgNVHSMEGDAWgBTAkGoZp940m/orMrPD60wtF3YM 4TAOBgNVHQ8BAf8EBAMCB4AwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtp LnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQwMDAxLzAvQzA5MDZBMTlBN0RF MzQ5QkZBMkIzMkIzQzNFQjRDMkQxNzc2MENFMS5jcmwwfgYIKwYBBQUHAQEEcjBw MG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv QjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd0pCcUdhZmVOSnY2S3pL enctdE1MUmQyRE9FLmNlcjCBggYIKwYBBQUHAQsEdjB0MHIGCCsGAQUFBzALhmZy c3luYzovL3Jwa2kucmFuZC5hcG5pYy5uZXQvcmVwby9BOTE4NzJFRDAwMDEvMC8z MjM0MzAzODNhMzIzMDMwMzAzYTNhMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM2MzAz OC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAIwBgMEACQIIDANBgkqhkiG9w0BAQsFAAOCAQEAbePZfR8L81MOJa/J B3wZ4qH6yhDNGuMlPnFNs2OR3U35DqBNw/qr7giTuMG1C0sP7MQ42CbRlZhOCarp fOgFydmiDV+Ne0tR9/eFa+pXT+rPRrnJSf1PU73EtCkvsu4R9T6a+e1bPFMz7NgK BG7IPJqg3KPrt1eDy9a/UWpUZwNRfg/fs02XLnaQnldsCs8GbbEvl51SbcFIaX4w bX27Tg0McHhFnllE8RoYt7zbzTSV7lLRBJdoA2YUg7xkNCI5kaOpC0k623o3pBy3 gXrGlKcpTFNBc1BUJTY2SDBo5xcuFZ5KILwNM+hUZ815omfssMTHdPtz+4SQFxW0 kU8R8g== -----END CERTIFICATE-----Generated at Sat Nov 23 13:14:42 2024 by rpki-client on console-fra.rpki-client.org