$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa File: D0CDFEEA406E11EFA085272AC4F9AE02.roa (raw, json) Hash identifier: Ls+MqXGV/peb18S4iXh7J0QZNFdZuOz4J59MYeTRfFI= Subject key identifier: B6:9C:6B:A0:36:96:29:2B:0E:EC:7D:E5:4D:71:91:CC:AA:2B:88:5F Certificate issuer: /CN=A91F9E0A/serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Certificate serial: 62 Authority key identifier: 3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa Signing time: Fri 03 Jan 2025 16:23:58 +0000 ROA not before: Fri 03 Jan 2025 16:23:58 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 152900 IP address blocks: 2401:a4a0:1::/48 maxlen: 48 2401:a4a0:2::/48 maxlen: 48 2401:a4a0:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:21:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 98 (0x62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9E0A, serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Validity Not Before: Jan 3 16:23:58 2025 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=67780f1e-6168 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d7:27:59:6f:33:44:16:b0:c7:fc:e7:55:d2: 7e:ef:29:2f:55:29:58:86:dc:d3:3a:6d:e1:cd:f0: f6:ee:6b:9b:92:b1:f7:bd:74:91:d7:a0:e1:bc:8a: b5:c0:20:77:c9:4f:b1:14:a7:fc:a9:2a:7e:1e:76: 61:5a:d7:e4:02:d9:3a:1c:b6:51:46:20:ca:c6:9a: 22:0b:7e:6b:74:d6:63:1a:bf:94:5e:14:63:bc:e8: ce:97:6f:18:8c:81:79:7b:ef:86:88:88:84:12:6e: 63:69:03:c9:8f:db:84:d9:7e:a6:4f:c2:db:8a:33: 6b:b3:06:ce:17:45:99:22:7b:40:22:2c:ef:1a:3b: ff:6b:42:b1:e2:cc:5f:75:fc:83:3b:ac:8f:af:74: 4b:d1:30:8b:d9:8f:7b:9d:43:de:4c:2d:11:0a:7a: d9:2f:d7:61:20:be:e3:b9:99:96:2a:bd:cd:a3:2e: 11:be:71:12:7f:d5:f5:29:67:13:8b:9e:ef:63:89: 65:9e:e2:de:0a:b4:31:1b:fc:89:aa:25:e5:8b:86: 3a:9a:fd:88:43:9f:e3:86:2f:b3:99:f1:33:bd:fc: 05:e8:62:d9:dc:36:32:cd:1c:10:5c:96:b1:1f:c8: 1a:d6:c2:7a:2f:d3:21:34:a6:2b:0d:83:65:7f:83: c9:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:9C:6B:A0:36:96:29:2B:0E:EC:7D:E5:4D:71:91:CC:AA:2B:88:5F X509v3 Authority Key Identifier: keyid:3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:a4a0:1::-2401:a4a0:3:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 80:60:af:48:88:63:e8:b1:d8:ca:26:b8:30:17:96:60:5b:dc: eb:09:64:41:a4:ec:72:27:25:6f:35:80:65:c7:eb:00:d6:78: eb:2e:55:a7:66:79:b2:ca:06:bc:a3:49:6e:98:76:73:ce:f0: ab:93:44:1a:4c:45:71:8e:0c:f7:a9:20:b5:15:f3:6c:b3:42: a5:f1:94:9a:37:6e:45:de:cf:1b:ab:11:5a:0a:6f:06:4c:41: 8b:07:e8:4d:70:45:e1:08:84:ca:6c:d8:f2:7a:33:7a:5d:aa: c8:25:49:c8:34:f1:90:7e:c3:f8:19:af:3f:14:a9:6f:7a:66: 14:ee:72:f9:af:15:70:94:99:32:ae:7f:dd:2e:15:fc:e8:c8: b5:3b:05:b7:11:82:ec:aa:2c:46:1c:1e:b5:31:79:36:f0:eb: 57:92:0e:5d:bb:da:1d:1f:66:e0:89:e5:d9:c6:3d:60:be:a9: a4:4f:d5:39:8e:50:22:c1:89:04:95:a7:2e:4b:39:2f:22:92: c2:92:e7:00:f1:94:a4:ae:3c:7a:d3:f4:7f:8f:a1:66:39:f7: 7d:8e:28:6a:8d:ee:a8:0b:53:d9:30:b3:99:d9:f1:16:2e:05: 5c:f7:f3:d3:aa:9a:47:cb:04:52:3e:d7:09:c3:d8:a0:c4:5a: a5:ba:6d:1c -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgIBYjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG OUUwQTExMC8GA1UEBRMoM0Q1OTQ2MDAzRUVFNTQ4QUQ5NUQ3OTZDQjE4OEI3NTFD NTdDREFDODAeFw0yNTAxMDMxNjIzNThaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NzgwZjFlLTYxNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCy1ydZbzNEFrDH/OdV0n7vKS9VKViG3NM6beHN8Pbua5uSsfe9dJHXoOG8irXA IHfJT7EUp/ypKn4edmFa1+QC2ToctlFGIMrGmiILfmt01mMav5ReFGO86M6XbxiM gXl774aIiIQSbmNpA8mP24TZfqZPwtuKM2uzBs4XRZkie0AiLO8aO/9rQrHizF91 /IM7rI+vdEvRMIvZj3udQ95MLREKetkv12EgvuO5mZYqvc2jLhG+cRJ/1fUpZxOL nu9jiWWe4t4KtDEb/ImqJeWLhjqa/YhDn+OGL7OZ8TO9/AXoYtncNjLNHBBclrEf yBrWwnov0yE0pisNg2V/g8npAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUtpxroDaW KSsO7H3lTXGRzKoriF8wHwYDVR0jBBgwFoAUPVlGAD7uVIrZXXlssYi3UcV82sgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY5RTBBLzBCRDk4NUU4M0U2 OTExRUZBMkNFNjc2QUM0RjlBRTAyL1BWbEdBRDd1VklyWlhYbHNzWWkzVWNWODJz Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUFZsR0FEN3VWSXJaWFhsc3NZaTNVY1Y4MnNnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OUUwQS8wQkQ5ODVFODNFNjkxMUVGQTJDRTY3NkFDNEY5QUUwMi9EMENERkVFQTQw NkUxMUVGQTA4NTI3MkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAtBggrBgEFBQcBBwEB/wQe MBwwGgQCAAIwFDASAwcAJAGkoAABAwcCJAGkoAAAMA0GCSqGSIb3DQEBCwUAA4IB AQCAYK9IiGPosdjKJrgwF5ZgW9zrCWRBpOxyJyVvNYBlx+sA1njrLlWnZnmyyga8 o0lumHZzzvCrk0QaTEVxjgz3qSC1FfNss0Kl8ZSaN25F3s8bqxFaCm8GTEGLB+hN cEXhCITKbNjyejN6XarIJUnINPGQfsP4Ga8/FKlvemYU7nL5rxVwlJkyrn/dLhX8 6Mi1OwW3EYLsqixGHB61MXk28OtXkg5du9odH2bgieXZxj1gvqmkT9U5jlAiwYkE lacuSzkvIpLCkucA8ZSkrjx60/R/j6FmOfd9jihqje6oC1PZMLOZ2fEWLgVc9/PT qppHywRSPtcJw9igxFqlum0c -----END CERTIFICATE-----Generated at Sat Apr 26 08:13:16 2025 by rpki-client