$ rpki-client -vvf rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/F552E6BA05A111F082D17325C4F9AE02.roa File: F552E6BA05A111F082D17325C4F9AE02.roa (raw, json) Hash identifier: IboM73984syJmuqfIfDKvmHL/HfnKXEhHqhYyaPXIGg= Subject key identifier: 7B:B5:54:6A:99:6F:C3:36:61:98:83:84:E8:BE:0F:A7:4E:61:7D:34 Certificate issuer: /CN=A9167FBA/serialNumber=153C98D3313CC64EDB9AE15ABA3B543E48045990 Certificate serial: 03 Authority key identifier: 15:3C:98:D3:31:3C:C6:4E:DB:9A:E1:5A:BA:3B:54:3E:48:04:59:90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FTyY0zE8xk7bmuFaujtUPkgEWZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/F552E6BA05A111F082D17325C4F9AE02.roa Signing time: Thu 20 Mar 2025 15:42:41 +0000 ROA not before: Thu 20 Mar 2025 15:42:41 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 153469 IP address blocks: 2401:dce0::/32 maxlen: 32 2401:dce0::/48 maxlen: 48 2401:dce0:1::/48 maxlen: 48 2401:dce0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.crl rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FTyY0zE8xk7bmuFaujtUPkgEWZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167FBA, serialNumber=153C98D3313CC64EDB9AE15ABA3B543E48045990 Validity Not Before: Mar 20 15:42:41 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67dc3771-c9f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:02:42:42:a3:ef:6c:8e:4d:ce:71:83:30:e4: 4e:4b:fe:5f:25:f2:d3:06:6c:33:a3:bb:7e:de:d1: af:5b:da:28:c0:47:fd:1d:e8:61:bf:cb:a7:52:04: 90:ab:8c:4d:de:b3:f0:ed:fa:3a:05:a0:b5:3b:f1: 4d:bf:c7:d1:52:eb:5b:4b:60:9a:ae:55:57:d9:81: 43:b8:09:d7:54:3e:07:c2:c5:55:1a:d7:25:b5:ad: 88:fb:8f:39:a8:11:bf:dc:b7:2e:d5:1e:77:93:72: 0b:96:26:b3:f6:49:ec:53:52:49:49:e7:37:65:61: 1d:7f:04:05:c6:e6:30:bd:a5:09:c4:5c:39:cf:aa: 7c:21:05:c0:35:54:ef:2f:62:b5:f5:31:2a:ae:8d: 47:79:ab:e1:16:6e:d7:f8:b8:43:56:59:72:8f:ec: 97:82:c8:53:6d:b2:0b:43:34:0d:28:8a:e3:05:fd: fb:1b:df:5e:ae:ef:b3:0b:5e:f5:f6:8a:2b:aa:77: 8a:92:9d:c1:3c:c2:e8:b2:9a:82:43:bb:a4:fc:0a: a9:3e:09:32:07:e4:6e:bf:d7:c8:82:05:65:b4:12: 67:42:a3:2a:e7:d4:52:3f:08:35:40:1c:cb:8b:b6: 26:42:da:fc:cb:93:e4:8d:eb:d1:b1:22:bc:d6:8c: 7d:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:B5:54:6A:99:6F:C3:36:61:98:83:84:E8:BE:0F:A7:4E:61:7D:34 X509v3 Authority Key Identifier: keyid:15:3C:98:D3:31:3C:C6:4E:DB:9A:E1:5A:BA:3B:54:3E:48:04:59:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FTyY0zE8xk7bmuFaujtUPkgEWZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/F552E6BA05A111F082D17325C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:dce0::/32 Signature Algorithm: sha256WithRSAEncryption 48:9b:c3:42:c5:bb:51:19:44:68:35:18:16:7f:70:0f:27:82: 6e:38:7c:cf:e5:3b:8a:6b:3d:ed:8c:17:d9:da:b6:1f:f7:fd: a6:01:95:72:2c:0b:4e:40:f2:0c:96:bd:c7:fd:8e:26:07:a3: 18:74:75:c5:b8:43:70:8d:b1:b4:50:38:c0:25:b6:c5:2c:2a: da:32:53:e3:75:12:2a:5e:d7:24:90:d5:3e:20:c3:62:ca:2d: 02:21:64:34:bd:77:f2:f6:b9:81:7f:df:56:f0:46:2e:d9:ed: 05:dc:b6:8f:70:7a:84:ec:4e:ed:28:76:55:e4:98:2a:be:bb: 2e:20:7f:f5:44:3a:75:da:19:2e:9f:60:b5:e7:ca:cb:56:f2: 54:05:46:0c:56:09:6b:6f:d2:d6:6b:4f:f6:ac:02:c9:47:b7: cf:0d:95:cb:5c:c4:5d:2d:49:3e:1f:7f:c1:0b:b4:dc:90:40: a0:4b:09:bd:ec:ca:cb:22:17:1d:2e:b3:9e:47:43:47:d8:32: a7:ea:30:34:01:71:96:8e:59:cc:40:0e:d5:97:2c:ec:e0:be: 3e:0e:44:c0:91:5e:c9:86:67:2f:64:b0:b0:97:47:2f:87:49: ae:f5:c5:15:76:02:7c:b9:fd:38:3d:9c:3e:3c:87:b3:e6:2d: 8c:5b:eb:b5 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 N0ZCQTExMC8GA1UEBRMoMTUzQzk4RDMzMTNDQzY0RURCOUFFMTVBQkEzQjU0M0U0 ODA0NTk5MDAeFw0yNTAzMjAxNTQyNDFaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZGMzNzcxLWM5ZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDcAkJCo+9sjk3OcYMw5E5L/l8l8tMGbDOju37e0a9b2ijAR/0d6GG/y6dSBJCr jE3es/Dt+joFoLU78U2/x9FS61tLYJquVVfZgUO4CddUPgfCxVUa1yW1rYj7jzmo Eb/cty7VHneTcguWJrP2SexTUklJ5zdlYR1/BAXG5jC9pQnEXDnPqnwhBcA1VO8v YrX1MSqujUd5q+EWbtf4uENWWXKP7JeCyFNtsgtDNA0oiuMF/fsb316u77MLXvX2 iiuqd4qSncE8wuiymoJDu6T8Cqk+CTIH5G6/18iCBWW0EmdCoyrn1FI/CDVAHMuL tiZC2vzLk+SN69GxIrzWjH3LAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUe7VUaplv wzZhmIOE6L4Pp05hfTQwHwYDVR0jBBgwFoAUFTyY0zE8xk7bmuFaujtUPkgEWZAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3RkJBLzRCNkUwMEZDMDQ4 RjExRjA4NzJFODU0N0M0RjlBRTAyL0ZUeVkwekU4eGs3Ym11RmF1anRVUGtnRVda QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRlR5WTB6RTh4azdibXVGYXVqdFVQa2dFV1pBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0ZCQS80QjZFMDBGQzA0OEYxMUYwODcyRTg1NDdDNEY5QUUwMi9GNTUyRTZCQTA1 QTExMUYwODJEMTczMjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQB3OAwDQYJKoZIhvcNAQELBQADggEBAEibw0LFu1EZRGg1 GBZ/cA8ngm44fM/lO4prPe2MF9nath/3/aYBlXIsC05A8gyWvcf9jiYHoxh0dcW4 Q3CNsbRQOMAltsUsKtoyU+N1Eipe1ySQ1T4gw2LKLQIhZDS9d/L2uYF/31bwRi7Z 7QXcto9weoTsTu0odlXkmCq+uy4gf/VEOnXaGS6fYLXnystW8lQFRgxWCWtv0tZr T/asAslHt88NlctcxF0tST4ff8ELtNyQQKBLCb3syssiFx0us55HQ0fYMqfqMDQB cZaOWcxADtWXLOzgvj4ORMCRXsmGZy9ksLCXRy+HSa71xRV2Any5/Tg9nD48h7Pm LYxb67U= -----END CERTIFICATE-----Generated at Wed Nov 5 20:05:55 2025 by rpki-client