$ rpki-client -vvf rpki.apnic.net/member_repository/A917E7C7/1A59F78E16B311EF89CFE30EC4F9AE02/031A090A5C2C11F0A1180E20C4F9AE02.roa File: 031A090A5C2C11F0A1180E20C4F9AE02.roa (raw, json) Hash identifier: 1KiFLWub5BHrSO0tUJ2uOHpJ+a6PoNSbEd3Z8qezbIg= Subject key identifier: 64:35:CD:72:51:AB:85:8E:89:E2:95:41:2A:A2:6E:7F:61:50:B9:FC Certificate issuer: /CN=A917E7C7/serialNumber=B2AD50F3571BDA1EEC07CC48DA01D3F375458D24 Certificate serial: DC Authority key identifier: B2:AD:50:F3:57:1B:DA:1E:EC:07:CC:48:DA:01:D3:F3:75:45:8D:24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sq1Q81cb2h7sB8xI2gHT83VFjSQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E7C7/1A59F78E16B311EF89CFE30EC4F9AE02/031A090A5C2C11F0A1180E20C4F9AE02.roa Signing time: Tue 08 Jul 2025 18:47:35 +0000 ROA not before: Tue 08 Jul 2025 18:47:35 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 141172 IP address blocks: 2001:df3:d0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E7C7/1A59F78E16B311EF89CFE30EC4F9AE02/sq1Q81cb2h7sB8xI2gHT83VFjSQ.crl rsync://rpki.apnic.net/member_repository/A917E7C7/1A59F78E16B311EF89CFE30EC4F9AE02/sq1Q81cb2h7sB8xI2gHT83VFjSQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sq1Q81cb2h7sB8xI2gHT83VFjSQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 220 (0xdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E7C7, serialNumber=B2AD50F3571BDA1EEC07CC48DA01D3F375458D24 Validity Not Before: Jul 8 18:47:35 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=686d67c7-f463 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ff:cd:0f:6e:bb:cb:4d:9e:4f:f3:ac:4a:a2: c4:75:7f:07:fd:74:10:7c:6e:74:b6:df:9a:d9:03: d9:aa:cf:ca:85:91:30:95:76:76:42:64:12:83:8e: 2c:00:ac:cd:d1:0c:ae:dc:ae:dd:3d:ec:0b:dc:0a: 25:cb:8c:39:25:f1:60:65:6d:b6:70:d0:78:b7:3e: 06:5e:c8:01:61:f3:30:06:5f:c6:1c:41:69:73:f9: e2:49:d4:84:01:a2:39:68:20:29:e6:9a:96:2f:eb: f4:ce:5c:50:6b:54:50:7c:2a:cb:c1:f7:fc:a4:20: 88:a6:c1:cc:cf:48:56:c4:24:f5:e8:8d:28:8c:b5: da:3a:8d:01:28:6b:d2:9d:f8:57:60:f1:1d:7f:fd: 2a:3f:67:ff:fe:74:48:3d:88:21:00:44:b1:c3:84: 8c:4c:23:3a:93:ca:a8:f3:c5:fb:05:4a:0a:ff:21: 50:d2:5b:9a:2a:8d:53:a1:a8:8f:c4:b1:7d:8d:93: 7e:d1:0a:03:ad:1a:02:4b:c7:4b:ed:35:33:b1:03: ab:2d:0f:3d:bd:68:a0:c0:0c:b3:a1:c6:d4:e4:29: d2:40:ab:ef:12:de:33:26:08:71:9a:b9:0b:f0:09: bb:cb:9d:b0:63:91:fc:05:b9:ef:c2:b0:9e:20:11: a9:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:35:CD:72:51:AB:85:8E:89:E2:95:41:2A:A2:6E:7F:61:50:B9:FC X509v3 Authority Key Identifier: keyid:B2:AD:50:F3:57:1B:DA:1E:EC:07:CC:48:DA:01:D3:F3:75:45:8D:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E7C7/1A59F78E16B311EF89CFE30EC4F9AE02/sq1Q81cb2h7sB8xI2gHT83VFjSQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sq1Q81cb2h7sB8xI2gHT83VFjSQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E7C7/1A59F78E16B311EF89CFE30EC4F9AE02/031A090A5C2C11F0A1180E20C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df3:d0c0::/48 Signature Algorithm: sha256WithRSAEncryption 11:fa:28:7a:e6:99:17:f7:b1:52:e7:4e:d1:82:c1:29:fb:ba: 94:bc:95:f6:3d:68:95:34:a8:9d:f2:a8:39:f6:73:dd:59:e0: 34:29:d4:a7:29:bf:a5:2b:cc:34:40:40:02:e8:a4:17:9e:91: 76:c4:27:88:0d:93:f0:67:50:ce:c6:63:d7:44:f0:3d:c4:99: 8e:09:80:fd:18:88:64:12:19:15:8c:70:4c:a0:9e:b8:d5:41: bb:d0:6e:e4:0f:87:33:6d:ec:36:1b:b8:b1:5b:ef:04:dd:51: 5e:7f:af:b9:f9:20:c3:79:ce:ef:04:79:5e:7b:87:70:6a:d2: 4b:d4:47:68:25:80:26:cb:8d:05:1c:5e:b0:95:02:11:16:f7: a5:81:70:a6:77:c9:98:42:42:26:f2:26:bc:c7:9d:a2:a0:ff: 1e:0d:c0:0b:d4:56:d0:62:be:57:e5:1c:37:3b:0b:74:b4:20: be:d3:c5:6d:e3:23:02:f4:06:84:ce:83:b4:65:3f:c0:ae:13: 74:6b:d6:83:34:18:2a:0b:e9:3f:eb:33:4f:52:f2:6b:78:b6: 80:34:ac:cf:2f:6b:68:94:67:b5:32:d9:8d:c5:19:74:ec:49: 9e:f7:f9:84:a5:ce:e0:3b:37:88:43:4c:a5:4e:33:2c:8c:67: 3d:75:36:45 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U3QzcxMTAvBgNVBAUTKEIyQUQ1MEYzNTcxQkRBMUVFQzA3Q0M0OERBMDFEM0Yz NzU0NThEMjQwHhcNMjUwNzA4MTg0NzM1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZkNjdjNy1mNDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0P/ND267y02eT/OsSqLEdX8H/XQQfG50tt+a2QPZqs/KhZEwlXZ2QmQSg44s AKzN0Qyu3K7dPewL3Aoly4w5JfFgZW22cNB4tz4GXsgBYfMwBl/GHEFpc/niSdSE AaI5aCAp5pqWL+v0zlxQa1RQfCrLwff8pCCIpsHMz0hWxCT16I0ojLXaOo0BKGvS nfhXYPEdf/0qP2f//nRIPYghAESxw4SMTCM6k8qo88X7BUoK/yFQ0luaKo1ToaiP xLF9jZN+0QoDrRoCS8dL7TUzsQOrLQ89vWigwAyzocbU5CnSQKvvEt4zJghxmrkL 8Am7y52wY5H8BbnvwrCeIBGp3QIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGQ1zXJR q4WOieKVQSqibn9hULn8MB8GA1UdIwQYMBaAFLKtUPNXG9oe7AfMSNoB0/N1RY0k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTdDNy8xQTU5Rjc4RTE2 QjMxMUVGODlDRkUzMEVDNEY5QUUwMi9zcTFRODFjYjJoN3NCOHhJMmdIVDgzVkZq U1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NxMVE4MWNiMmg3c0I4eEkyZ0hUODNWRmpTUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U3QzcvMUE1OUY3OEUxNkIzMTFFRjg5Q0ZFMzBFQzRGOUFFMDIvMDMxQTA5MEE1 QzJDMTFGMEExMTgwRTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ3z0MAwDQYJKoZIhvcNAQELBQADggEBABH6KHrmmRf3 sVLnTtGCwSn7upS8lfY9aJU0qJ3yqDn2c91Z4DQp1Kcpv6UrzDRAQALopBeekXbE J4gNk/BnUM7GY9dE8D3EmY4JgP0YiGQSGRWMcEygnrjVQbvQbuQPhzNt7DYbuLFb 7wTdUV5/r7n5IMN5zu8EeV57h3Bq0kvUR2glgCbLjQUcXrCVAhEW96WBcKZ3yZhC QibyJrzHnaKg/x4NwAvUVtBivlflHDc7C3S0IL7TxW3jIwL0BoTOg7RlP8CuE3Rr 1oM0GCoL6T/rM09S8mt4toA0rM8va2iUZ7Uy2Y3FGXTsSZ73+YSlzuA7N4hDTKVO MyyMZz11NkU= -----END CERTIFICATE-----Generated at Mon Aug 11 07:31:24 2025 by rpki-client