$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/F098580828C511EFB2C79E5FC4F9AE02.roa File: F098580828C511EFB2C79E5FC4F9AE02.roa (raw, json) Hash identifier: ZUfin1OIZGO8yTcL/jXugUetKgXr+iry7w1sajlCYO8= Subject key identifier: 23:39:27:02:C1:AA:52:9A:71:8C:3E:CB:30:78:98:99:C2:AE:D4:B1 Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A Certificate serial: 0233 Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/F098580828C511EFB2C79E5FC4F9AE02.roa Signing time: Sun 01 Mar 2026 10:15:11 +0000 ROA not before: Wed 23 Jul 2025 04:09:40 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 151403 IP address blocks: 2401:aa0::/32 maxlen: 32 2401:aa0::/34 maxlen: 34 2401:aa0::/48 maxlen: 48 2401:aa0:1::/48 maxlen: 48 2401:aa0:2::/48 maxlen: 48 2401:aa0:3::/48 maxlen: 48 2401:aa0:4::/48 maxlen: 48 2401:aa0:5::/48 maxlen: 48 2401:aa0:6::/48 maxlen: 48 2401:aa0:7::/48 maxlen: 48 2401:aa0:8::/48 maxlen: 48 2401:aa0:4000::/34 maxlen: 34 2401:aa0:8000::/34 maxlen: 34 2401:aa0:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:42:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 563 (0x233) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91383F0, serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A Validity Not Before: Jul 23 04:09:40 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a411af-de29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a4:f6:1e:3d:e0:a8:49:d2:70:5c:56:f8:bc: c0:cb:e4:b7:7e:89:a2:0b:c2:27:49:b6:10:a0:65: d4:6a:aa:9f:7f:76:b3:0e:3c:cb:80:1c:9e:1c:37: 60:14:53:ba:b6:bb:2f:86:e8:ed:5b:93:08:27:6d: 63:2b:ad:04:82:63:18:25:76:ce:7d:9b:ad:2a:d3: f3:ab:84:3a:1e:4c:3d:98:2e:c2:fe:e0:28:10:57: e4:4f:cb:5b:70:4f:f9:9a:1a:23:f9:7f:ec:27:25: 9e:78:37:b7:70:72:84:54:b9:09:55:5c:31:79:74: 1c:7c:da:5b:51:b1:35:e8:8a:32:68:b1:c8:5a:da: 86:d0:ed:cd:cb:de:58:e9:a0:94:de:02:5a:c0:b2: 57:af:51:b8:a8:88:05:34:6f:9f:6e:38:e1:ba:be: e5:7c:68:ae:64:69:f2:e5:4a:f4:e8:22:91:91:2f: 54:ce:e0:c2:ed:f8:3f:08:c9:25:37:f3:f4:9a:bc: fb:30:ef:93:17:2e:19:7e:86:48:6a:ef:22:ac:00: 42:3a:da:67:a2:2f:d6:da:cb:28:e1:49:3a:5c:8f: dc:5e:ba:b8:78:c0:31:f7:42:86:2e:bf:71:1b:1c: 6c:a2:2c:55:43:03:01:19:f6:e2:d0:06:9c:8a:26: 21:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:39:27:02:C1:AA:52:9A:71:8C:3E:CB:30:78:98:99:C2:AE:D4:B1 X509v3 Authority Key Identifier: keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/F098580828C511EFB2C79E5FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2401:aa0::/32 Signature Algorithm: sha256WithRSAEncryption b4:f4:06:c6:aa:8b:39:a3:9a:06:01:98:b6:a4:6a:db:2b:09: 08:80:9f:e7:ed:0f:7a:49:36:62:4b:5a:60:65:d8:a2:c0:44: a0:72:31:ac:18:3c:6a:65:b7:d1:19:83:b6:e3:98:4b:20:df: 05:c8:cf:8b:26:09:4c:c7:a3:21:2b:af:c4:32:cf:f2:63:71: cd:94:ac:c9:15:7d:44:cd:f0:e2:f3:5e:83:80:12:cd:dc:1f: ab:39:3f:e6:1d:02:8a:5a:ba:a9:69:eb:52:6c:f9:ad:3b:22: ee:6e:43:35:0c:1a:7d:21:cf:9b:96:7e:85:ef:9b:51:30:61: 6a:ae:2a:70:78:48:59:24:0c:f3:8e:82:93:41:3d:5b:9a:76: 5d:8e:8a:3e:51:1e:a7:7f:02:0a:fa:e4:b7:75:e3:09:86:48: a4:48:16:79:de:cd:1c:36:1f:a8:ab:e5:25:e7:bc:1a:1b:cb: 3a:75:08:99:17:12:40:f7:97:00:c7:a1:8e:1d:0e:f1:e3:ad: b4:a1:87:32:5d:40:68:74:aa:05:78:c5:c4:ad:2c:ec:78:3a: 06:bb:07:e5:0c:ad:62:04:03:45:1b:b4:6a:d9:b2:da:45:fa: 09:76:6a:0d:01:0e:ff:67:19:45:03:1a:40:6a:ea:73:8e:09: 62:af:3c:00 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgICAjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzgzRjAxMTAvBgNVBAUTKDEwMzZDMUUwRkZFMUNGQzM3RDY1NUQ4OUZBNjVENjVG RTIyRTFGN0EwHhcNMjUwNzIzMDQwOTQwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MTFhZi1kZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuaT2Hj3gqEnScFxW+LzAy+S3fomiC8InSbYQoGXUaqqff3azDjzLgByeHDdg FFO6trsvhujtW5MIJ21jK60EgmMYJXbOfZutKtPzq4Q6Hkw9mC7C/uAoEFfkT8tb cE/5mhoj+X/sJyWeeDe3cHKEVLkJVVwxeXQcfNpbUbE16IoyaLHIWtqG0O3Ny95Y 6aCU3gJawLJXr1G4qIgFNG+fbjjhur7lfGiuZGny5Ur06CKRkS9UzuDC7fg/CMkl N/P0mrz7MO+TFy4ZfoZIau8irABCOtpnoi/W2sso4Uk6XI/cXrq4eMAx90KGLr9x GxxsoixVQwMBGfbi0AaciiYhWwIDAQABo4ICYTCCAl0wHQYDVR0OBBYEFCM5JwLB qlKacYw+yzB4mJnCrtSxMB8GA1UdIwQYMBaAFBA2weD/4c/DfWVdifpl1l/iLh96 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODNGMC9EQ0ZDQTZBMjBB ODMxMUVFOUU2QTkyNTBDNEY5QUUwMi9FRGJCNFBfaHo4TjlaVjJKLW1YV1gtSXVI M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzgzRjAvRENGQ0E2QTIwQTgzMTFFRTlFNkE5MjUwQzRGOUFFMDIvRjA5ODU4MDgy OEM1MTFFRkIyQzc5RTVGQzRGOUFFMDIucm9hMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAEKoDANBgkqhkiG9w0BAQsFAAOCAQEAtPQGxqqLOaOaBgGYtqRq 2ysJCICf5+0Pekk2YktaYGXYosBEoHIxrBg8amW30RmDtuOYSyDfBcjPiyYJTMej ISuvxDLP8mNxzZSsyRV9RM3w4vNeg4ASzdwfqzk/5h0Cilq6qWnrUmz5rTsi7m5D NQwafSHPm5Z+he+bUTBhaq4qcHhIWSQM846Ck0E9W5p2XY6KPlEep38CCvrkt3Xj CYZIpEgWed7NHDYfqKvlJee8GhvLOnUImRcSQPeXAMehjh0O8eOttKGHMl1AaHSq BXjFxK0s7Hg6BrsH5QytYgQDRRu0atmy2kX6CXZqDQEO/2cZRQMaQGrqc44JYq88 AA== -----END CERTIFICATE-----Generated at Mon Mar 2 06:17:17 2026 by rpki-client