$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/41669A1AFA7111EFBBC5374BC4F9AE02.roa File: 41669A1AFA7111EFBBC5374BC4F9AE02.roa (raw, json) Hash identifier: haSQEcZvu+LWzkOvZzc7LOJTAEDY5W895cu5rNdoU9Q= Subject key identifier: E5:AF:8A:75:6C:34:1B:3F:CD:5F:DB:58:19:A0:FF:B4:56:E5:2B:29 Certificate issuer: /CN=A91AE3F2/serialNumber=FFE1B7A8729A0ECBBEC8B2FD9A97B74826CCDBC5 Certificate serial: 024F Authority key identifier: FF:E1:B7:A8:72:9A:0E:CB:BE:C8:B2:FD:9A:97:B7:48:26:CC:DB:C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-G3qHKaDsu-yLL9mpe3SCbM28U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/41669A1AFA7111EFBBC5374BC4F9AE02.roa Signing time: Mon 03 Nov 2025 01:46:52 +0000 ROA not before: Mon 03 Nov 2025 01:46:52 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 212147 IP address blocks: 2400:b3a0:e1::/48 maxlen: 48 2400:b3a0:e2::/48 maxlen: 48 2400:b3a0:e3::/48 maxlen: 48 2400:b3a0:e4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.crl rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-G3qHKaDsu-yLL9mpe3SCbM28U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:53:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 591 (0x24f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE3F2, serialNumber=FFE1B7A8729A0ECBBEC8B2FD9A97B74826CCDBC5 Validity Not Before: Nov 3 01:46:52 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6908098b-1ce7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ae:cb:fb:96:69:23:fa:29:5d:b1:8d:d3:1e: 22:c8:6d:bf:65:b8:81:58:1b:a4:1e:ae:93:6c:80: a4:de:91:e6:fc:07:43:c0:5a:65:a0:6f:ce:af:85: 74:6f:86:5d:b5:da:06:56:81:b3:00:87:2c:62:0e: d6:48:26:58:df:a9:ca:3b:e0:02:8c:f1:c9:c3:32: 25:cf:64:c0:7e:03:8f:ad:4d:c2:87:1f:0b:a5:c0: af:9f:af:8c:45:f1:c2:59:e6:7c:e6:7d:4c:66:53: 94:fe:e7:9b:38:40:be:36:20:42:1e:dc:14:f8:21: 6f:ef:2e:81:5d:28:5f:38:11:55:1b:20:ee:1d:27: 4e:e4:51:00:c3:67:9d:9e:76:0c:3f:48:aa:bc:bb: c6:07:c6:6f:da:70:5a:c3:d2:64:11:c7:2d:8d:30: a2:d4:81:92:54:cc:09:63:05:f2:b1:58:8f:36:02: 9e:f8:ac:c0:8e:7a:cf:cf:87:eb:e8:9b:bf:65:47: 0d:a6:00:07:f5:69:3c:0f:ff:21:f1:ff:b1:f3:62: d4:7f:08:bc:84:94:65:10:3b:c9:0e:68:b9:3c:3f: 41:3f:68:3a:b8:7b:cf:ab:b2:bd:d0:0a:7a:59:1c: 74:70:2d:ae:da:1e:ac:35:ee:22:bd:a6:2b:f5:b2: 7a:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:AF:8A:75:6C:34:1B:3F:CD:5F:DB:58:19:A0:FF:B4:56:E5:2B:29 X509v3 Authority Key Identifier: keyid:FF:E1:B7:A8:72:9A:0E:CB:BE:C8:B2:FD:9A:97:B7:48:26:CC:DB:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/_-G3qHKaDsu-yLL9mpe3SCbM28U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-G3qHKaDsu-yLL9mpe3SCbM28U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE3F2/86A0FB28461611ED92EAAD20C4F9AE02/41669A1AFA7111EFBBC5374BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2400:b3a0:e1::-2400:b3a0:e4:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption d5:bc:94:00:d3:2d:18:82:5a:16:38:99:ef:0a:28:e0:07:c4: ce:3b:51:98:5d:d0:7d:e3:c0:93:f8:4c:e9:fb:4b:3d:19:51: 53:ee:a9:42:2c:2b:c5:ef:ad:94:98:33:fa:6b:f6:85:d9:a3: dd:d8:1e:ea:4d:3c:a5:07:73:d2:4d:f2:a8:63:4f:c1:c9:fa: a5:b5:8f:ac:16:fa:a1:55:72:bb:30:8e:dd:90:b4:db:b6:ea: fd:8c:bf:c6:39:9d:be:14:dc:ed:4b:35:5d:8b:8b:33:01:a6: af:4c:6e:e0:ce:f6:b9:62:6e:c2:da:0c:4f:4d:ef:37:6d:a2: 2e:29:1d:f2:0f:f5:41:cf:9b:2d:7b:85:d0:7e:dd:cf:3c:02: c7:98:23:33:d2:01:be:c7:42:d7:e6:fc:10:09:5e:d0:1c:a1: 94:f6:a7:14:60:6b:98:c7:d2:be:3b:8e:de:96:8e:ab:5e:82: 37:54:44:d3:71:c4:eb:e3:60:ab:e5:a4:db:ec:2f:73:63:55: d8:cc:5f:ba:c0:e7:87:eb:4c:80:87:04:05:e0:a6:14:9e:95: 19:b5:ec:02:3b:9d:31:8c:d8:c5:3a:17:1e:b2:e4:41:08:cc: 46:e1:1e:a0:02:a9:eb:8c:bf:d9:2b:cb:6e:94:e4:ce:e9:df: f6:46:f8:e9 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICAk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUUzRjIxMTAvBgNVBAUTKEZGRTFCN0E4NzI5QTBFQ0JCRUM4QjJGRDlBOTdCNzQ4 MjZDQ0RCQzUwHhcNMjUxMTAzMDE0NjUyWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTA4MDk4Yi0xY2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx67L+5ZpI/opXbGN0x4iyG2/ZbiBWBukHq6TbICk3pHm/AdDwFploG/Or4V0 b4ZdtdoGVoGzAIcsYg7WSCZY36nKO+ACjPHJwzIlz2TAfgOPrU3Chx8LpcCvn6+M RfHCWeZ85n1MZlOU/uebOEC+NiBCHtwU+CFv7y6BXShfOBFVGyDuHSdO5FEAw2ed nnYMP0iqvLvGB8Zv2nBaw9JkEcctjTCi1IGSVMwJYwXysViPNgKe+KzAjnrPz4fr 6Ju/ZUcNpgAH9Wk8D/8h8f+x82LUfwi8hJRlEDvJDmi5PD9BP2g6uHvPq7K90Ap6 WRx0cC2u2h6sNe4ivaYr9bJ69QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFOWvinVs NBs/zV/bWBmg/7RW5SspMB8GA1UdIwQYMBaAFP/ht6hymg7Lvsiy/ZqXt0gmzNvF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTNGMi84NkEwRkIyODQ2 MTYxMUVEOTJFQUFEMjBDNEY5QUUwMi9fLUczcUhLYURzdS15TEw5bXBlM1NDYk0y OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18tRzNxSEthRHN1LXlMTDltcGUzU0NiTTI4VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUUzRjIvODZBMEZCMjg0NjE2MTFFRDkyRUFBRDIwQzRGOUFFMDIvNDE2NjlBMUFG QTcxMTFFRkJCQzUzNzRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgACMBQwEgMHACQAs6AA4QMHACQAs6AA5DANBgkqhkiG9w0BAQsFAAOC AQEA1byUANMtGIJaFjiZ7woo4AfEzjtRmF3QfePAk/hM6ftLPRlRU+6pQiwrxe+t lJgz+mv2hdmj3dge6k08pQdz0k3yqGNPwcn6pbWPrBb6oVVyuzCO3ZC027bq/Yy/ xjmdvhTc7Us1XYuLMwGmr0xu4M72uWJuwtoMT03vN22iLikd8g/1Qc+bLXuF0H7d zzwCx5gjM9IBvsdC1+b8EAle0ByhlPanFGBrmMfSvjuO3paOq16CN1RE03HE6+Ng q+Wk2+wvc2NV2MxfusDnh+tMgIcEBeCmFJ6VGbXsAjudMYzYxToXHrLkQQjMRuEe oAKp64y/2SvLbpTkzunf9kb46Q== -----END CERTIFICATE-----Generated at Wed Nov 5 17:03:07 2025 by rpki-client