$ rpki-client -vvf rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/8D6973CE77C311EE90D4BD46C4F9AE02.roa File: 8D6973CE77C311EE90D4BD46C4F9AE02.roa (raw, json) Hash identifier: 9fLp3FpzRgG8gTpa9Wdwux4sENLbjSpORh9XzAGvous= Subject key identifier: 16:91:EE:E7:E4:6F:12:E4:D7:1E:B4:54:0B:B2:7F:8D:11:A2:51:18 Certificate issuer: /CN=A914BC7A/serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09 Certificate serial: 35A6 Authority key identifier: 53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/8D6973CE77C311EE90D4BD46C4F9AE02.roa Signing time: Thu 30 Oct 2025 15:31:20 +0000 ROA not before: Thu 30 Oct 2025 15:31:20 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 142502 IP address blocks: 2405:8a00:ffff::/48 maxlen: 48 2409:e:e1::/48 maxlen: 48 2409:e:e2::/48 maxlen: 48 2409:e:e3::/48 maxlen: 48 2409:e:e5::/48 maxlen: 48 2409:e:e7::/48 maxlen: 48 2409:e:e9::/48 maxlen: 48 2409:e:ef::/48 maxlen: 48 2409:f:f2::/48 maxlen: 48 2409:f:f4::/48 maxlen: 48 240a:eabc:abce::/48 maxlen: 48 240a:eabc:abcf::/48 maxlen: 48 240a:eabc:dabc::/48 maxlen: 48 240a:eabc:dabd::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:23:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13734 (0x35a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914BC7A, serialNumber=5312F399A6F7EB0DDCD51C039F83F7B7A47A5F09 Validity Not Before: Oct 30 15:31:20 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=690384c7-0e71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:5b:67:fb:24:9f:8e:b7:95:ca:ee:e2:09:0b: 41:50:80:f6:e3:da:23:16:16:e7:f4:f5:ec:94:26: 84:7d:19:d4:61:2b:4b:74:9c:51:35:78:60:c6:44: c3:cd:be:c0:ba:7f:2f:4b:01:26:7f:d3:72:17:7f: 64:14:fe:58:9d:6b:e8:72:37:60:30:08:3a:ef:5e: 01:56:63:27:c5:d2:56:45:22:25:e7:3f:ec:bf:75: 6d:b3:9d:87:bd:85:a9:cf:8b:e4:77:f4:52:4a:f5: 21:0c:0e:ea:7b:70:c1:f4:93:69:f7:2b:d1:14:e2: db:75:55:6d:6a:2f:07:de:fb:46:56:73:7e:bd:dd: c3:05:43:8b:42:f5:60:ca:32:06:ad:9a:6e:6c:82: 73:4f:06:67:4f:fc:24:06:a9:33:a9:40:b5:35:c6: c1:3a:bf:35:50:ca:33:71:8b:61:d4:11:52:f1:08: 46:f0:c2:7c:51:62:48:68:e9:eb:21:15:e6:9c:81: b9:d4:3d:61:88:ce:29:2b:c7:0a:34:cc:65:6a:a3: 7a:8f:cc:ff:42:f6:22:70:e0:29:16:42:02:ee:71: 7f:fc:b6:49:c6:f7:7a:cc:61:73:f5:54:8e:55:34: 8f:75:4e:ad:0b:d6:7d:59:b3:8c:85:a6:d0:67:7c: 91:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:91:EE:E7:E4:6F:12:E4:D7:1E:B4:54:0B:B2:7F:8D:11:A2:51:18 X509v3 Authority Key Identifier: keyid:53:12:F3:99:A6:F7:EB:0D:DC:D5:1C:03:9F:83:F7:B7:A4:7A:5F:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/UxLzmab36w3c1RwDn4P3t6R6Xwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UxLzmab36w3c1RwDn4P3t6R6Xwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BC7A/4C528F78450311E2BDCA1F732979BB20/8D6973CE77C311EE90D4BD46C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2405:8a00:ffff::/48 2409:e:e1::-2409:e:e3:ffff:ffff:ffff:ffff:ffff 2409:e:e5::/48 2409:e:e7::/48 2409:e:e9::/48 2409:e:ef::/48 2409:f:f2::/48 2409:f:f4::/48 240a:eabc:abce::/47 240a:eabc:dabc::/47 Signature Algorithm: sha256WithRSAEncryption f6:63:91:51:a8:c4:c0:d0:95:f4:8e:4c:d6:54:ba:a7:da:d0: 6f:bf:27:bd:bd:ab:b8:8e:01:6a:a1:57:45:89:e7:24:f8:9d: f2:a7:8b:ce:21:b5:ec:93:e4:c6:64:35:d3:38:51:91:a2:d6: cd:a6:cb:b5:49:19:57:0d:19:1c:08:04:a4:28:13:e6:a5:7a: 2a:67:20:d7:24:08:d7:b3:7f:5d:f9:3e:f7:8f:bf:3b:4f:47: 44:77:3f:fe:6f:2f:0f:a6:b3:22:89:60:2b:2c:3f:d9:5c:86: f6:54:ce:50:a0:6e:21:e9:bc:d9:64:47:96:5e:c1:38:c4:39: 7d:0d:ef:60:f0:af:c0:59:3d:9c:67:60:a1:14:0e:7e:f3:73: 70:26:9b:0e:6d:79:7e:a6:25:ab:ad:0d:aa:7f:0e:86:b1:0d: ff:f4:ec:71:a9:54:30:26:b4:36:cf:6b:8a:18:f0:76:be:90: 87:f3:08:fd:96:88:4e:20:f8:7e:63:e4:83:63:a6:2b:e2:12: 43:48:8c:05:a9:6f:74:12:99:06:bb:a6:df:47:29:1b:f7:0e: ee:0b:b2:4f:f3:a1:31:0b:4a:a7:d3:f9:14:16:3f:1c:aa:27: aa:58:fa:44:c6:26:4d:58:20:f5:d8:20:3c:4f:a5:8a:0b:34: 4a:90:68:7f -----BEGIN CERTIFICATE----- MIIF0DCCBLigAwIBAgICNaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEJDN0ExMTAvBgNVBAUTKDUzMTJGMzk5QTZGN0VCMEREQ0Q1MUMwMzlGODNGN0I3 QTQ3QTVGMDkwHhcNMjUxMDMwMTUzMTIwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAzODRjNy0wZTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmVtn+ySfjreVyu7iCQtBUID249ojFhbn9PXslCaEfRnUYStLdJxRNXhgxkTD zb7Aun8vSwEmf9NyF39kFP5YnWvocjdgMAg6714BVmMnxdJWRSIl5z/sv3Vts52H vYWpz4vkd/RSSvUhDA7qe3DB9JNp9yvRFOLbdVVtai8H3vtGVnN+vd3DBUOLQvVg yjIGrZpubIJzTwZnT/wkBqkzqUC1NcbBOr81UMozcYth1BFS8QhG8MJ8UWJIaOnr IRXmnIG51D1hiM4pK8cKNMxlaqN6j8z/QvYicOApFkIC7nF//LZJxvd6zGFz9VSO VTSPdU6tC9Z9WbOMhabQZ3yRFwIDAQABo4IC9DCCAvAwHQYDVR0OBBYEFBaR7ufk bxLk1x60VAuyf40RolEYMB8GA1UdIwQYMBaAFFMS85mm9+sN3NUcA5+D97ekel8J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkM3QS80QzUyOEY3ODQ1 MDMxMUUyQkRDQTFGNzMyOTc5QkIyMC9VeEx6bWFiMzZ3M2MxUndEbjRQM3Q2UjZY d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1V4THptYWIzNnczYzFSd0RuNFAzdDZSNlh3ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEJDN0EvNEM1MjhGNzg0NTAzMTFFMkJEQ0ExRjczMjk3OUJCMjAvOEQ2OTczQ0U3 N0MzMTFFRTkwRDRCRDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfgYIKwYBBQUHAQcBAf8E bzBtMGsEAgACMGUDBwAkBYoA//8wEgMHACQJAA4A4QMHAiQJAA4A4AMHACQJAA4A 5QMHACQJAA4A5wMHACQJAA4A6QMHACQJAA4A7wMHACQJAA8A8gMHACQJAA8A9AMH ASQK6ryrzgMHASQK6rzavDANBgkqhkiG9w0BAQsFAAOCAQEA9mORUajEwNCV9I5M 1lS6p9rQb78nvb2ruI4BaqFXRYnnJPid8qeLziG17JPkxmQ10zhRkaLWzabLtUkZ Vw0ZHAgEpCgT5qV6Kmcg1yQI17N/Xfk+94+/O09HRHc//m8vD6azIolgKyw/2VyG 9lTOUKBuIem82WRHll7BOMQ5fQ3vYPCvwFk9nGdgoRQOfvNzcCabDm15fqYlq60N qn8OhrEN//TscalUMCa0Ns9rihjwdr6Qh/MI/ZaITiD4fmPkg2OmK+ISQ0iMBalv dBKZBrum30cpG/cO7guyT/OhMQtKp9P5FBY/HKonqlj6RMYmTVgg9dggPE+ligs0 SpBofw== -----END CERTIFICATE-----Generated at Wed Nov 5 19:47:09 2025 by rpki-client