$ rpki-client -vvf rpki.apnic.net/member_repository/A91706E4/3ABA80AAA68411EF8F5ED37FC4F9AE02/31E9AEC6E30411EFBC0C3B2CC4F9AE02.roa File: 31E9AEC6E30411EFBC0C3B2CC4F9AE02.roa (raw, json) Hash identifier: iUCXkP/k8vFDK+xe4w0gGSkxJOnd/FNj32EaA1KJbt4= Subject key identifier: 10:0A:39:C2:D8:4E:84:B9:27:37:08:B3:FA:47:5B:8C:28:E2:6A:9E Certificate issuer: /CN=A91706E4/serialNumber=6F7E58D0896389F7E7FE4E8795AA555D5C555188 Certificate serial: 2A Authority key identifier: 6F:7E:58:D0:89:63:89:F7:E7:FE:4E:87:95:AA:55:5D:5C:55:51:88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b35Y0Iljiffn_k6HlapVXVxVUYg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91706E4/3ABA80AAA68411EF8F5ED37FC4F9AE02/31E9AEC6E30411EFBC0C3B2CC4F9AE02.roa Signing time: Tue 04 Feb 2025 14:27:43 +0000 ROA not before: Tue 04 Feb 2025 14:27:43 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 141212 IP address blocks: 2001:df4:9fc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91706E4/3ABA80AAA68411EF8F5ED37FC4F9AE02/b35Y0Iljiffn_k6HlapVXVxVUYg.crl rsync://rpki.apnic.net/member_repository/A91706E4/3ABA80AAA68411EF8F5ED37FC4F9AE02/b35Y0Iljiffn_k6HlapVXVxVUYg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b35Y0Iljiffn_k6HlapVXVxVUYg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 06:03:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91706E4, serialNumber=6F7E58D0896389F7E7FE4E8795AA555D5C555188 Validity Not Before: Feb 4 14:27:43 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67a223df-aba8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:15:39:90:0c:23:a7:f8:26:90:38:20:de:2d: d1:1f:64:c8:5d:fe:4d:45:17:0c:06:5e:71:55:d2: cc:92:60:80:87:3f:44:91:fe:81:b4:fe:9f:6b:22: db:27:0b:15:9c:49:ac:35:97:69:d1:0e:69:b4:ac: f0:7a:b6:49:a6:01:24:de:0e:fd:13:e8:2b:3b:4a: 5f:74:f8:5e:d3:ef:1f:5b:65:4b:c4:41:be:d6:aa: f0:65:69:95:17:31:d0:cc:ce:94:0c:16:9a:b8:5b: 9e:fe:61:55:32:56:9a:6d:3f:7c:25:d6:59:b5:d4: d2:7c:2f:72:48:db:5d:fe:cc:f8:b4:35:1d:e8:04: cc:dc:37:95:e6:03:da:91:09:b8:0c:ca:4b:06:e9: 53:c6:bd:54:97:93:e4:42:ed:a3:b7:f8:e8:74:6c: 64:c0:d3:ac:f4:29:12:f0:44:5b:ed:21:85:db:a5: d2:fe:12:41:41:42:21:a4:5d:c5:c4:6a:9a:ec:03: b3:a0:80:42:1a:9d:e3:fb:48:7d:04:96:2e:f3:ce: a1:81:6d:db:c6:b0:bf:2c:ba:81:47:22:0d:74:b0: ba:44:53:12:17:ce:d6:3c:34:78:d6:f6:39:a4:23: db:88:d7:dd:cb:17:8f:17:28:c8:83:52:d3:a8:82: 41:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:0A:39:C2:D8:4E:84:B9:27:37:08:B3:FA:47:5B:8C:28:E2:6A:9E X509v3 Authority Key Identifier: keyid:6F:7E:58:D0:89:63:89:F7:E7:FE:4E:87:95:AA:55:5D:5C:55:51:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91706E4/3ABA80AAA68411EF8F5ED37FC4F9AE02/b35Y0Iljiffn_k6HlapVXVxVUYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b35Y0Iljiffn_k6HlapVXVxVUYg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91706E4/3ABA80AAA68411EF8F5ED37FC4F9AE02/31E9AEC6E30411EFBC0C3B2CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:9fc0::/48 Signature Algorithm: sha256WithRSAEncryption 20:82:53:9f:9a:39:c2:5f:53:43:9e:c5:ad:4d:ae:26:2b:e2: e5:51:85:02:30:18:21:28:f7:73:c2:f8:09:13:94:e6:a2:24: be:91:b2:2c:a1:bd:64:13:03:ab:37:90:59:21:d2:f6:bc:3a: 02:7c:33:60:73:c9:e3:d7:47:d8:47:a4:26:1a:db:af:62:ec: c7:21:4e:d1:31:15:a4:97:44:9d:85:b7:47:e0:ff:f7:f0:62: f0:45:ec:10:31:3a:9e:1e:bd:d7:1c:1f:d6:f8:c3:0d:0d:b1: 2b:7c:0d:c6:2d:66:c6:e9:8d:0c:80:85:21:bc:78:87:4c:cf: a3:79:89:31:76:41:0d:a1:4f:41:65:9a:7c:20:7d:51:6c:fc: 2c:fe:7c:3f:84:79:0e:63:a7:ed:9c:fe:b3:b1:c7:09:95:d7: cf:70:fd:f7:4d:48:ea:5c:05:54:88:06:55:1a:4c:73:e8:77: e5:8c:76:d0:a5:9f:10:70:77:13:e9:55:db:20:31:ce:51:32: ca:dd:0a:33:0b:3c:ee:6e:37:67:91:a6:3e:a5:13:dc:c7:37: df:e6:4c:81:6c:06:2a:49:0d:30:05:25:14:29:0c:08:c3:37: 82:2c:5e:9d:0a:8b:49:40:b1:05:7e:93:f6:8e:cb:f2:22:4b: 40:97:00:6a -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MDZFNDExMC8GA1UEBRMoNkY3RTU4RDA4OTYzODlGN0U3RkU0RTg3OTVBQTU1NUQ1 QzU1NTE4ODAeFw0yNTAyMDQxNDI3NDNaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3YTIyM2RmLWFiYTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDSFTmQDCOn+CaQOCDeLdEfZMhd/k1FFwwGXnFV0sySYICHP0SR/oG0/p9rItsn CxWcSaw1l2nRDmm0rPB6tkmmASTeDv0T6Cs7Sl90+F7T7x9bZUvEQb7WqvBlaZUX MdDMzpQMFpq4W57+YVUyVpptP3wl1lm11NJ8L3JI213+zPi0NR3oBMzcN5XmA9qR CbgMyksG6VPGvVSXk+RC7aO3+Oh0bGTA06z0KRLwRFvtIYXbpdL+EkFBQiGkXcXE aprsA7OggEIaneP7SH0Eli7zzqGBbdvGsL8suoFHIg10sLpEUxIXztY8NHjW9jmk I9uI193LF48XKMiDUtOogkFxAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUEAo5wthO hLknNwiz+kdbjCjiap4wHwYDVR0jBBgwFoAUb35Y0Iljiffn/k6HlapVXVxVUYgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwNkU0LzNBQkE4MEFBQTY4 NDExRUY4RjVFRDM3RkM0RjlBRTAyL2IzNVkwSWxqaWZmbl9rNkhsYXBWWFZ4VlVZ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvYjM1WTBJbGppZmZuX2s2SGxhcFZYVnhWVVlnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MDZFNC8zQUJBODBBQUE2ODQxMUVGOEY1RUQzN0ZDNEY5QUUwMi8zMUU5QUVDNkUz MDQxMUVGQkMwQzNCMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACABDfSfwDANBgkqhkiG9w0BAQsFAAOCAQEAIIJTn5o5wl9T Q57FrU2uJivi5VGFAjAYISj3c8L4CROU5qIkvpGyLKG9ZBMDqzeQWSHS9rw6Anwz YHPJ49dH2EekJhrbr2LsxyFO0TEVpJdEnYW3R+D/9/Bi8EXsEDE6nh691xwf1vjD DQ2xK3wNxi1mxumNDICFIbx4h0zPo3mJMXZBDaFPQWWafCB9UWz8LP58P4R5DmOn 7Zz+s7HHCZXXz3D9901I6lwFVIgGVRpMc+h35Yx20KWfEHB3E+lV2yAxzlEyyt0K Mws87m43Z5GmPqUT3Mc33+ZMgWwGKkkNMAUlFCkMCMM3gixenQqLSUCxBX6T9o7L 8iJLQJcAag== -----END CERTIFICATE-----Generated at Tue Nov 4 19:04:37 2025 by rpki-client