$ rpki-client -vvf rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/DC76F25EBCFD11EFAF51D253C4F9AE02.roa File: DC76F25EBCFD11EFAF51D253C4F9AE02.roa (raw, json) Hash identifier: C8NuyzBs3UmSDZIg9iKH9kFYPl+i5KIJP5qS3W6HBKs= Subject key identifier: 3E:E3:64:84:F3:B1:90:EF:18:63:57:A9:09:16:57:2A:6F:BD:F7:10 Certificate issuer: /CN=A91921AE/serialNumber=82A769DD746C831F4C4DB29D6A65DE08D6AD95ED Certificate serial: 4D Authority key identifier: 82:A7:69:DD:74:6C:83:1F:4C:4D:B2:9D:6A:65:DE:08:D6:AD:95:ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gqdp3XRsgx9MTbKdamXeCNatle0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/DC76F25EBCFD11EFAF51D253C4F9AE02.roa Signing time: Mon 14 Apr 2025 04:17:17 +0000 ROA not before: Mon 14 Apr 2025 04:17:17 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 136396 IP address blocks: 2001:df4:adc0::/48 maxlen: 48 2001:df4:adc1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/gqdp3XRsgx9MTbKdamXeCNatle0.crl rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/gqdp3XRsgx9MTbKdamXeCNatle0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gqdp3XRsgx9MTbKdamXeCNatle0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:17:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91921AE, serialNumber=82A769DD746C831F4C4DB29D6A65DE08D6AD95ED Validity Not Before: Apr 14 04:17:17 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=67fc8c4c-5b4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:5c:69:62:f7:bf:ac:8b:5f:5d:d8:a1:1a:9b: a8:e8:f5:77:57:61:57:e4:6c:0c:ef:29:88:a8:ff: e3:4c:d9:1a:25:9f:a9:aa:e7:d3:d1:ba:4b:5a:3e: 12:da:6b:8c:b6:dd:3f:40:52:7d:10:ba:44:45:b4: e3:79:35:f0:e0:f5:3c:80:28:ba:41:c3:0b:c0:23: c6:4f:70:2c:9a:bb:e1:d0:b6:e3:ea:4a:40:50:b1: e0:56:b3:df:23:43:d3:ab:de:d2:8c:67:71:b5:7b: 59:85:b0:ec:b7:05:0a:9f:b9:ff:6c:10:d7:c9:e1: a9:c9:b3:ff:6d:ee:ee:94:cd:72:13:cc:19:2d:54: 72:1d:6b:92:b6:e0:ab:32:f1:41:ec:47:53:91:70: 8a:b7:fe:7f:a0:6f:30:eb:fb:d9:54:a2:ac:47:fc: 8b:9c:23:b2:14:84:72:89:52:b1:fd:44:ff:84:ec: 3d:df:60:47:4d:92:ad:2c:aa:14:30:ce:7a:8e:28: 77:87:cc:70:34:b2:53:de:5d:a0:73:90:ea:4d:f5: 1e:94:27:17:f4:e2:54:9c:99:4c:73:9a:22:89:32: 2e:7d:27:d1:9c:81:db:c7:fb:a1:5a:55:5f:56:32: c1:af:fc:1e:9d:88:78:d9:75:fb:04:3d:a5:39:7a: 68:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:E3:64:84:F3:B1:90:EF:18:63:57:A9:09:16:57:2A:6F:BD:F7:10 X509v3 Authority Key Identifier: keyid:82:A7:69:DD:74:6C:83:1F:4C:4D:B2:9D:6A:65:DE:08:D6:AD:95:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/gqdp3XRsgx9MTbKdamXeCNatle0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gqdp3XRsgx9MTbKdamXeCNatle0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91921AE/74912B2CAC7311EFA3CBD14AC4F9AE02/DC76F25EBCFD11EFAF51D253C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:adc0::/47 Signature Algorithm: sha256WithRSAEncryption 9e:6f:10:f0:e1:6d:21:d4:a8:7a:ac:f0:78:13:56:a4:23:44: 9e:bb:90:d2:71:d0:15:b0:72:6f:7c:30:9d:01:da:db:25:85: 87:3f:ff:be:05:a1:2d:e7:48:bb:b8:0b:ad:dc:1f:86:c9:ce: 50:60:d6:d3:fd:2e:51:3f:59:0a:88:7d:36:e8:f1:56:e2:91: f2:fc:26:33:a9:65:56:ed:80:37:49:96:4b:92:0a:6d:15:e7: 8a:c6:84:bd:e2:b3:bf:ea:87:15:26:66:90:c6:d2:99:d4:1c: 64:a6:a8:a5:4c:e6:8e:e1:cc:60:0b:3d:f1:8b:a0:ff:29:66: 39:73:73:ba:53:9a:12:17:96:3c:11:ef:2b:6b:4e:02:2b:82: 00:9f:d8:7d:67:62:f9:a6:4d:e0:ef:24:81:bb:03:99:0a:9d: 80:46:26:39:53:2b:72:c6:c0:23:f7:e1:3d:49:1c:73:dd:78: 22:9f:4a:17:b0:32:c4:b9:9b:fd:08:88:3d:7e:42:ce:84:fa: 0e:67:0a:b4:8c:7c:ea:08:29:e4:28:28:0b:19:69:01:2b:9b: 0f:e6:80:17:4c:0b:ec:d6:a7:e2:ae:58:fe:fd:32:29:37:ff: 55:df:ea:68:b9:b4:b3:3d:c5:e9:26:db:37:b6:37:0c:ca:26: a8:dc:2e:ca -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 MjFBRTExMC8GA1UEBRMoODJBNzY5REQ3NDZDODMxRjRDNERCMjlENkE2NURFMDhE NkFEOTVFRDAeFw0yNTA0MTQwNDE3MTdaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY3ZmM4YzRjLTViNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCVXGli97+si19d2KEam6jo9XdXYVfkbAzvKYio/+NM2Roln6mq59PRuktaPhLa a4y23T9AUn0QukRFtON5NfDg9TyAKLpBwwvAI8ZPcCyau+HQtuPqSkBQseBWs98j Q9Or3tKMZ3G1e1mFsOy3BQqfuf9sENfJ4anJs/9t7u6UzXITzBktVHIda5K24Ksy 8UHsR1ORcIq3/n+gbzDr+9lUoqxH/IucI7IUhHKJUrH9RP+E7D3fYEdNkq0sqhQw znqOKHeHzHA0slPeXaBzkOpN9R6UJxf04lScmUxzmiKJMi59J9GcgdvH+6FaVV9W MsGv/B6diHjZdfsEPaU5emidAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUPuNkhPOx kO8YY1epCRZXKm+99xAwHwYDVR0jBBgwFoAUgqdp3XRsgx9MTbKdamXeCNatle0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkyMUFFLzc0OTEyQjJDQUM3 MzExRUZBM0NCRDE0QUM0RjlBRTAyL2dxZHAzWFJzZ3g5TVRiS2RhbVhlQ05hdGxl MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZ3FkcDNYUnNneDlNVGJLZGFtWGVDTmF0bGUwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MjFBRS83NDkxMkIyQ0FDNzMxMUVGQTNDQkQxNEFDNEY5QUUwMi9EQzc2RjI1RUJD RkQxMUVGQUY1MUQyNTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHASABDfStwDANBgkqhkiG9w0BAQsFAAOCAQEAnm8Q8OFtIdSo eqzweBNWpCNEnruQ0nHQFbByb3wwnQHa2yWFhz//vgWhLedIu7gLrdwfhsnOUGDW 0/0uUT9ZCoh9NujxVuKR8vwmM6llVu2AN0mWS5IKbRXnisaEveKzv+qHFSZmkMbS mdQcZKaopUzmjuHMYAs98Yug/ylmOXNzulOaEheWPBHvK2tOAiuCAJ/YfWdi+aZN 4O8kgbsDmQqdgEYmOVMrcsbAI/fhPUkcc914Ip9KF7AyxLmb/QiIPX5CzoT6DmcK tIx86ggp5CgoCxlpASubD+aAF0wL7Nan4q5Y/v0yKTf/Vd/qaLm0sz3F6SbbN7Y3 DMomqNwuyg== -----END CERTIFICATE-----Generated at Sat Apr 26 08:07:47 2025 by rpki-client