$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/5BE6836E501B11F0928AD730C4F9AE02.roa File: 5BE6836E501B11F0928AD730C4F9AE02.roa (raw, json) Hash identifier: 64RDTBNuccDdoIvEJOJA8ogdzC5IFskACfXeFbwpVtc= Subject key identifier: F6:05:24:50:22:10:1E:6A:E0:3F:A5:89:F4:25:57:20:D9:A6:A9:CF Certificate issuer: /CN=A91685E9/serialNumber=F698B5B47A06D5307DEC608969063074B68FF5CA Certificate serial: A1 Authority key identifier: F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/5BE6836E501B11F0928AD730C4F9AE02.roa Signing time: Mon 25 Aug 2025 18:52:35 +0000 ROA not before: Mon 25 Aug 2025 18:52:35 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 152565 IP address blocks: 2401:e920::/33 maxlen: 33 2401:e920:8000::/34 maxlen: 34 2401:e920:c00c::/48 maxlen: 48 2401:e920:fffb::/48 maxlen: 48 2401:e920:fffc::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/9pi1tHoG1TB97GCJaQYwdLaP9co.crl rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/9pi1tHoG1TB97GCJaQYwdLaP9co.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 06:25:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 161 (0xa1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91685E9, serialNumber=F698B5B47A06D5307DEC608969063074B68FF5CA Validity Not Before: Aug 25 18:52:35 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=68acb0f3-2691 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:9f:15:ea:60:c5:47:c1:f2:ce:9d:ac:07:26: dd:d1:2a:f4:03:f9:6b:25:41:c5:70:61:df:c6:00: 6c:a3:55:ea:6d:06:2a:ea:76:b9:10:20:23:37:40: 09:55:68:38:2b:87:8b:52:2f:e1:3c:0b:e4:6d:1c: cb:5e:00:fa:1e:17:d3:68:24:34:20:9c:e8:6e:79: cb:03:71:5b:e3:26:00:d7:78:14:c0:ff:de:ec:bb: 53:b7:2a:bb:f9:1d:0f:20:02:36:13:b6:3d:43:1d: 8c:ce:7b:1a:9b:c5:b5:05:80:e8:48:d1:a7:5e:15: 0a:d6:21:a2:b7:94:34:bb:3b:4d:97:93:66:cd:3f: d8:10:d7:e2:18:96:8c:9c:9a:46:47:ef:b5:6f:92: 45:eb:cc:5b:1a:f8:ea:a8:aa:b5:1f:ae:6c:f7:72: 92:e7:a6:94:0b:2c:ff:b7:4a:fc:bb:70:17:97:65: a8:5e:4b:d9:ff:55:26:be:a9:c1:24:4f:9f:38:89: ed:ba:b9:c1:2b:ea:72:2e:5c:b7:a7:78:88:0d:a8: 35:f8:22:69:7e:a4:58:a7:f4:24:e1:4f:92:df:2e: 07:49:e2:2f:45:fd:b6:80:f4:c1:6f:2d:ce:52:07: 60:4b:a0:02:b5:10:c9:9c:70:3b:7b:8f:66:ca:03: 9d:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:05:24:50:22:10:1E:6A:E0:3F:A5:89:F4:25:57:20:D9:A6:A9:CF X509v3 Authority Key Identifier: keyid:F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/9pi1tHoG1TB97GCJaQYwdLaP9co.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/5BE6836E501B11F0928AD730C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:e920::-2401:e920:bfff:ffff:ffff:ffff:ffff:ffff 2401:e920:c00c::/48 2401:e920:fffb::-2401:e920:fffc:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3d:af:0c:b5:2a:cf:59:5f:b5:7e:ea:ad:21:d1:da:78:ff:3e: 3c:b0:e2:85:dd:93:6b:df:75:f0:87:f1:fe:83:4c:a6:93:4f: 4b:01:a1:61:23:92:2d:6a:db:48:19:ba:b3:de:32:0e:83:45: ea:a7:97:73:f8:71:11:92:b2:fd:8e:f4:81:df:ba:c3:62:62: af:83:33:71:67:de:39:89:ba:8d:27:69:4f:fe:74:4c:4f:69: 98:76:b9:7d:5f:7f:57:9b:a7:92:f4:80:ca:ed:c1:ce:a5:6f: d8:ed:46:d4:b6:af:c9:68:9f:80:9c:ac:ae:84:57:02:0d:91: 29:d2:ff:3a:a7:fb:c3:19:fc:d8:85:ff:1a:89:ea:ac:98:73: 8f:49:1e:62:ea:38:92:e7:15:cf:89:f5:42:17:dc:c0:af:00: 70:67:5a:cd:8c:7d:18:d6:12:61:c7:c9:5f:22:49:dd:ad:ae: 0b:e5:d8:cf:d1:43:51:cf:b3:b6:a6:05:e2:c4:96:85:1d:91: 09:51:42:e2:92:51:e9:52:7c:8a:78:5a:fe:ed:52:e3:28:c7: d9:e5:9c:53:42:ea:74:92:86:07:9c:fb:b9:3d:a1:82:1e:a5: f1:b3:a1:b3:3a:f6:a3:cb:15:00:34:3e:31:a3:cd:22:c2:36: bf:22:60:ad -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njg1RTkxMTAvBgNVBAUTKEY2OThCNUI0N0EwNkQ1MzA3REVDNjA4OTY5MDYzMDc0 QjY4RkY1Q0EwHhcNMjUwODI1MTg1MjM1WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGFjYjBmMy0yNjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1p8V6mDFR8Hyzp2sBybd0Sr0A/lrJUHFcGHfxgBso1XqbQYq6na5ECAjN0AJ VWg4K4eLUi/hPAvkbRzLXgD6HhfTaCQ0IJzobnnLA3Fb4yYA13gUwP/e7LtTtyq7 +R0PIAI2E7Y9Qx2Mznsam8W1BYDoSNGnXhUK1iGit5Q0uztNl5NmzT/YENfiGJaM nJpGR++1b5JF68xbGvjqqKq1H65s93KS56aUCyz/t0r8u3AXl2WoXkvZ/1UmvqnB JE+fOInturnBK+pyLly3p3iIDag1+CJpfqRYp/Qk4U+S3y4HSeIvRf22gPTBby3O UgdgS6ACtRDJnHA7e49mygOdEQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFPYFJFAi EB5q4D+lifQlVyDZpqnPMB8GA1UdIwQYMBaAFPaYtbR6BtUwfexgiWkGMHS2j/XK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODVFOS9DOTI4MDQzQUQx NzYxMUVGOTVDNURFNUFDNEY5QUUwMi85cGkxdEhvRzFUQjk3R0NKYVFZd2RMYVA5 Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlwaTF0SG9HMVRCOTdHQ0phUVl3ZExhUDljby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Njg1RTkvQzkyODA0M0FEMTc2MTFFRjk1QzVERTVBQzRGOUFFMDIvNUJFNjgzNkU1 MDFCMTFGMDkyOEFENzMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E ODA2MDQEAgACMC4wDwMFBSQB6SADBgYkAekggAMHACQB6SDADDASAwcAJAHpIP/7 AwcAJAHpIP/8MA0GCSqGSIb3DQEBCwUAA4IBAQA9rwy1Ks9ZX7V+6q0h0dp4/z48 sOKF3ZNr33Xwh/H+g0ymk09LAaFhI5ItattIGbqz3jIOg0Xqp5dz+HERkrL9jvSB 37rDYmKvgzNxZ945ibqNJ2lP/nRMT2mYdrl9X39Xm6eS9IDK7cHOpW/Y7UbUtq/J aJ+AnKyuhFcCDZEp0v86p/vDGfzYhf8aieqsmHOPSR5i6jiS5xXPifVCF9zArwBw Z1rNjH0Y1hJhx8lfIkndra4L5djP0UNRz7O2pgXixJaFHZEJUULiklHpUnyKeFr+ 7VLjKMfZ5ZxTQup0koYHnPu5PaGCHqXxs6GzOvajyxUAND4xo80iwja/ImCt -----END CERTIFICATE-----Generated at Wed Nov 5 06:33:58 2025 by rpki-client