$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/C37CCA126FE611EA9D9F5E67C4F9AE02.roa File: C37CCA126FE611EA9D9F5E67C4F9AE02.roa (raw, json) Hash identifier: L5z6CZuJjQUruU4WBLzzNr0zFcI7mWzwVCjhbt9gItQ= Subject key identifier: F1:A1:35:F3:0E:09:AB:A6:62:F5:41:F8:42:83:E0:2D:74:2C:C1:2E Certificate issuer: /CN=A91B6E73/serialNumber=4A17AF66A048FC81DAE8545F7E35D9DAABD40271 Certificate serial: 11CC Authority key identifier: 4A:17:AF:66:A0:48:FC:81:DA:E8:54:5F:7E:35:D9:DA:AB:D4:02:71 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShevZqBI_IHa6FRffjXZ2qvUAnE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/C37CCA126FE611EA9D9F5E67C4F9AE02.roa Signing time: Tue 24 Dec 2024 17:14:51 +0000 ROA not before: Tue 24 Dec 2024 17:14:51 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 64087 IP address blocks: 2403:a280:1000::/48 maxlen: 48 2403:a280:3000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/ShevZqBI_IHa6FRffjXZ2qvUAnE.crl rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/ShevZqBI_IHa6FRffjXZ2qvUAnE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShevZqBI_IHa6FRffjXZ2qvUAnE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:11:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4556 (0x11cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6E73, serialNumber=4A17AF66A048FC81DAE8545F7E35D9DAABD40271 Validity Not Before: Dec 24 17:14:51 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=676aec0b-e95d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:c1:bb:9e:3d:2d:59:3f:85:a8:a9:35:22:b6: d7:24:98:5b:d2:c1:6d:39:66:f9:35:ad:88:f9:c2: eb:56:45:91:e9:98:c3:81:dc:12:19:4f:f2:1b:e5: f2:c5:81:34:89:22:a9:3f:c5:42:58:df:b5:20:4e: bc:0c:f9:8e:d5:82:68:71:ac:21:21:86:05:b9:ca: b3:59:6d:e0:33:9a:60:47:72:d7:52:3b:af:1e:53: e6:15:2d:7d:c0:90:e0:32:d6:df:f3:51:d7:77:e9: 4d:e6:4b:d5:e1:09:e2:0f:32:d9:bb:87:d4:7e:74: 8c:f1:e8:88:4a:5c:6f:86:d9:7e:d2:79:7b:83:01: 5d:66:e8:6e:00:35:a8:b8:ed:77:ff:d4:8e:c5:29: 0d:01:f8:27:bc:af:7b:c2:b3:3c:01:9b:8f:ec:14: 0a:f2:82:be:b6:0f:54:65:f4:85:32:8f:fa:58:d6: 15:ef:66:94:50:36:d4:76:eb:d1:39:75:1f:97:da: 54:7b:44:d1:03:a0:4b:ff:94:8c:96:d3:6c:2c:2a: e2:98:2d:58:f1:f2:f4:5e:09:28:8f:33:a7:d9:5d: 0c:43:74:a9:d5:c5:a4:a5:74:e8:af:e8:4b:85:4d: 9c:67:5c:2c:e8:0c:85:f1:f0:e6:10:a1:cd:70:7e: 53:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:A1:35:F3:0E:09:AB:A6:62:F5:41:F8:42:83:E0:2D:74:2C:C1:2E X509v3 Authority Key Identifier: keyid:4A:17:AF:66:A0:48:FC:81:DA:E8:54:5F:7E:35:D9:DA:AB:D4:02:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/ShevZqBI_IHa6FRffjXZ2qvUAnE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ShevZqBI_IHa6FRffjXZ2qvUAnE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6E73/F41D40F2EA0911E8ADA2ED0CC4F9AE02/C37CCA126FE611EA9D9F5E67C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2403:a280:1000::/48 2403:a280:3000::/48 Signature Algorithm: sha256WithRSAEncryption 38:72:bd:16:ac:07:81:42:0b:bf:ca:bc:6d:fd:f1:27:a8:68: b4:f9:19:d3:30:d9:e5:8b:43:2d:b0:46:d7:18:bd:98:4e:e6: c3:50:43:ef:53:c0:96:92:02:07:6f:d0:78:5a:db:25:90:56: e2:2a:0f:b5:9d:35:87:29:0d:ed:bb:ff:ed:96:7a:98:6f:57: 6c:28:7a:12:35:a5:1f:be:a1:c3:94:78:6b:0e:a4:5d:f0:e2: 34:74:7a:1f:b2:48:bf:fe:3f:7c:65:04:3a:54:25:46:42:9b: ed:f0:f8:5c:dd:22:68:0a:06:9a:dd:7c:3d:e5:5f:15:0a:16: 3e:55:d3:ed:a4:1d:50:00:3f:c9:8e:3c:0b:b0:f3:a0:92:14: b1:3b:99:b4:ab:0f:09:a7:7f:31:60:27:67:a9:4b:59:6b:eb: 01:17:67:0c:bd:5f:3f:fa:f7:c5:37:27:ff:92:5a:24:e8:26: 16:9d:0e:ef:2b:69:15:64:f7:f2:55:4c:84:45:9f:f1:9d:4f: a7:34:1a:97:83:46:bb:16:d5:5a:00:51:bc:84:e2:79:8c:2d: c1:3d:a2:24:66:18:6a:08:8a:c1:9a:36:48:da:25:5b:18:03: 5f:12:4f:3f:81:fe:e7:64:f9:91:ad:df:d8:42:46:45:5c:79: 4b:59:12:23 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICEcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZFNzMxMTAvBgNVBAUTKDRBMTdBRjY2QTA0OEZDODFEQUU4NTQ1RjdFMzVEOURB QUJENDAyNzEwHhcNMjQxMjI0MTcxNDUxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02NzZhZWMwYi1lOTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo8G7nj0tWT+FqKk1IrbXJJhb0sFtOWb5Na2I+cLrVkWR6ZjDgdwSGU/yG+Xy xYE0iSKpP8VCWN+1IE68DPmO1YJocawhIYYFucqzWW3gM5pgR3LXUjuvHlPmFS19 wJDgMtbf81HXd+lN5kvV4QniDzLZu4fUfnSM8eiISlxvhtl+0nl7gwFdZuhuADWo uO13/9SOxSkNAfgnvK97wrM8AZuP7BQK8oK+tg9UZfSFMo/6WNYV72aUUDbUduvR OXUfl9pUe0TRA6BL/5SMltNsLCrimC1Y8fL0XgkojzOn2V0MQ3Sp1cWkpXTor+hL hU2cZ1ws6AyF8fDmEKHNcH5TdQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPGhNfMO CaumYvVB+EKD4C10LMEuMB8GA1UdIwQYMBaAFEoXr2agSPyB2uhUX3412dqr1AJx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkU3My9GNDFENDBGMkVB MDkxMUU4QURBMkVEMENDNEY5QUUwMi9TaGV2WnFCSV9JSGE2RlJmZmpYWjJxdlVB bkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NoZXZacUJJX0lIYTZGUmZmalhaMnF2VUFuRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjZFNzMvRjQxRDQwRjJFQTA5MTFFOEFEQTJFRDBDQzRGOUFFMDIvQzM3Q0NBMTI2 RkU2MTFFQTlEOUY1RTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgACMBIDBwAkA6KAEAADBwAkA6KAMAAwDQYJKoZIhvcNAQELBQADggEB ADhyvRasB4FCC7/KvG398SeoaLT5GdMw2eWLQy2wRtcYvZhO5sNQQ+9TwJaSAgdv 0Hha2yWQVuIqD7WdNYcpDe27/+2WephvV2woehI1pR++ocOUeGsOpF3w4jR0eh+y SL/+P3xlBDpUJUZCm+3w+FzdImgKBprdfD3lXxUKFj5V0+2kHVAAP8mOPAuw86CS FLE7mbSrDwmnfzFgJ2epS1lr6wEXZwy9Xz/698U3J/+SWiToJhadDu8raRVk9/JV TIRFn/GdT6c0GpeDRrsW1VoAUbyE4nmMLcE9oiRmGGoIisGaNkjaJVsYA18STz+B /udk+ZGt39hCRkVceUtZEiM= -----END CERTIFICATE-----Generated at Sat Apr 26 08:26:07 2025 by rpki-client