$ rpki-client -vvf rpki.apnic.net/member_repository/A9172FC5/EDABD230AB3F11EFBE02CF14C4F9AE02/2D810A88AB4011EF849D9515C4F9AE02.roa File: 2D810A88AB4011EF849D9515C4F9AE02.roa (raw, json) Hash identifier: Y+fJ5KK7IVdhYlyuLVkF2P1TQN/5/+n0ri0WCyCm2Xk= Subject key identifier: 2A:A4:9F:DC:A4:C3:84:06:1F:A5:F9:61:77:85:A1:BA:45:B9:61:F8 Certificate issuer: /CN=A9172FC5/serialNumber=FD88DEF9A6BDDBEA59389EDC6171AADCA106B509 Certificate serial: 02 Authority key identifier: FD:88:DE:F9:A6:BD:DB:EA:59:38:9E:DC:61:71:AA:DC:A1:06:B5:09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Yje-aa92-pZOJ7cYXGq3KEGtQk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172FC5/EDABD230AB3F11EFBE02CF14C4F9AE02/2D810A88AB4011EF849D9515C4F9AE02.roa Signing time: Mon 25 Nov 2024 15:16:00 +0000 ROA not before: Mon 25 Nov 2024 15:16:00 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 132233 IP address blocks: 2401:d820::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172FC5/EDABD230AB3F11EFBE02CF14C4F9AE02/_Yje-aa92-pZOJ7cYXGq3KEGtQk.crl rsync://rpki.apnic.net/member_repository/A9172FC5/EDABD230AB3F11EFBE02CF14C4F9AE02/_Yje-aa92-pZOJ7cYXGq3KEGtQk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Yje-aa92-pZOJ7cYXGq3KEGtQk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172FC5, serialNumber=FD88DEF9A6BDDBEA59389EDC6171AADCA106B509 Validity Not Before: Nov 25 15:16:00 2024 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=674494b0-7053 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:03:8a:27:3b:29:21:31:50:33:a6:46:4c:1c: 1e:14:63:3d:67:ed:ba:c3:71:ac:82:cf:df:c1:23: 0d:b2:1c:15:c0:eb:19:52:b4:ef:36:a3:8e:ca:a3: 2e:85:56:4c:03:6d:a9:2c:18:fc:f1:f2:99:49:32: 83:37:21:6d:fb:c8:ee:ed:90:74:93:2b:33:c6:c4: 30:ec:e4:a2:77:ac:36:67:49:8b:3e:95:18:69:48: b3:d7:14:ea:5d:fd:67:5c:82:4a:78:27:44:77:26: 6c:4a:b2:24:d3:eb:41:bb:73:11:48:1e:61:2c:ee: 20:7c:b3:20:c6:c0:67:dc:97:0b:af:bf:91:49:5b: e2:c7:63:13:a7:83:bc:d5:5e:a6:4a:75:7c:09:f2: d8:23:34:be:b2:a3:d1:1e:18:89:44:14:87:76:85: 22:7c:64:70:93:48:64:d0:5c:5d:53:f7:7d:d6:fe: ff:c0:da:29:b8:33:8a:3a:d6:ec:63:85:eb:35:e3: 9d:fa:82:aa:d0:01:ca:36:8e:61:d7:3f:7b:01:06: 22:34:63:99:dd:8c:b0:9e:e8:6b:be:ab:79:ff:9c: 57:b5:b3:96:43:73:a2:5a:7a:5a:b2:92:d6:e4:05: ef:17:7f:82:f8:64:6f:38:e4:70:7d:07:0a:32:30: de:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:A4:9F:DC:A4:C3:84:06:1F:A5:F9:61:77:85:A1:BA:45:B9:61:F8 X509v3 Authority Key Identifier: keyid:FD:88:DE:F9:A6:BD:DB:EA:59:38:9E:DC:61:71:AA:DC:A1:06:B5:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172FC5/EDABD230AB3F11EFBE02CF14C4F9AE02/_Yje-aa92-pZOJ7cYXGq3KEGtQk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Yje-aa92-pZOJ7cYXGq3KEGtQk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172FC5/EDABD230AB3F11EFBE02CF14C4F9AE02/2D810A88AB4011EF849D9515C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:d820::/32 Signature Algorithm: sha256WithRSAEncryption 9f:71:87:3a:11:d1:df:80:6d:90:91:45:1b:4c:ce:92:9c:4a: ba:1c:5a:86:3d:e7:a1:b5:73:c0:84:0d:e9:49:52:b9:4e:05: 6d:09:ec:dd:2e:2c:ba:13:87:22:6a:3a:18:05:a1:eb:4c:f4: 2e:d0:8e:1e:19:ca:8e:23:04:36:05:99:f1:cf:4a:5d:50:06: 6b:e1:c6:b3:2d:c2:02:dc:93:b2:b1:68:ec:4b:4d:48:18:b8: 1c:eb:10:90:c0:a2:82:38:39:b8:54:7c:9d:84:81:42:6c:01: 3d:4d:81:26:5e:cb:c7:63:fb:85:b3:8b:8f:56:a4:40:9f:1a: 0e:d9:e9:12:57:ba:a5:c7:3d:a3:a6:c0:d9:17:a3:f6:fe:1d: a7:95:74:f3:7b:89:3a:35:ce:33:ca:f8:e2:c5:2e:a3:63:60: 0c:d8:d5:ac:29:9f:90:24:56:ce:cd:cd:4f:62:24:9c:b6:77: b8:89:1d:73:48:25:f3:8e:ce:f0:fb:d4:64:d9:e2:45:bd:97: f3:4e:c6:70:eb:77:96:10:b8:f3:6d:82:33:bf:ea:ce:ff:fc: c9:7a:c6:99:ff:48:a8:a5:69:b2:5b:f2:03:7f:bb:83:36:f7: e5:7d:30:8e:bf:94:79:7d:85:9a:bf:34:79:17:c1:bb:3d:c4: 56:04:aa:e2 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MkZDNTExMC8GA1UEBRMoRkQ4OERFRjlBNkJEREJFQTU5Mzg5RURDNjE3MUFBRENB MTA2QjUwOTAeFw0yNDExMjUxNTE2MDBaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3NDQ5NGIwLTcwNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCqA4onOykhMVAzpkZMHB4UYz1n7brDcayCz9/BIw2yHBXA6xlStO82o47Koy6F VkwDbaksGPzx8plJMoM3IW37yO7tkHSTKzPGxDDs5KJ3rDZnSYs+lRhpSLPXFOpd /Wdcgkp4J0R3JmxKsiTT60G7cxFIHmEs7iB8syDGwGfclwuvv5FJW+LHYxOng7zV XqZKdXwJ8tgjNL6yo9EeGIlEFId2hSJ8ZHCTSGTQXF1T933W/v/A2im4M4o61uxj hes14536gqrQAco2jmHXP3sBBiI0Y5ndjLCe6Gu+q3n/nFe1s5ZDc6Jaelqyktbk Be8Xf4L4ZG845HB9BwoyMN6/AgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUKqSf3KTD hAYfpflhd4WhukW5YfgwHwYDVR0jBBgwFoAU/Yje+aa92+pZOJ7cYXGq3KEGtQkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyRkM1L0VEQUJEMjMwQUIz RjExRUZCRTAyQ0YxNEM0RjlBRTAyL19ZamUtYWE5Mi1wWk9KN2NZWEdxM0tFR3RR ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvX1lqZS1hYTkyLXBaT0o3Y1lYR3EzS0VHdFFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkZDNS9FREFCRDIzMEFCM0YxMUVGQkUwMkNGMTRDNEY5QUUwMi8yRDgxMEE4OEFC NDAxMUVGODQ5RDk1MTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQB2CAwDQYJKoZIhvcNAQELBQADggEBAJ9xhzoR0d+AbZCR RRtMzpKcSrocWoY956G1c8CEDelJUrlOBW0J7N0uLLoThyJqOhgFoetM9C7Qjh4Z yo4jBDYFmfHPSl1QBmvhxrMtwgLck7KxaOxLTUgYuBzrEJDAooI4ObhUfJ2EgUJs AT1NgSZey8dj+4Wzi49WpECfGg7Z6RJXuqXHPaOmwNkXo/b+HaeVdPN7iTo1zjPK +OLFLqNjYAzY1awpn5AkVs7NzU9iJJy2d7iJHXNIJfOOzvD71GTZ4kW9l/NOxnDr d5YQuPNtgjO/6s7//Ml6xpn/SKilabJb8gN/u4M29+V9MI6/lHl9hZq/NHkXwbs9 xFYEquI= -----END CERTIFICATE-----Generated at Wed Nov 5 20:55:17 2025 by rpki-client