$ rpki-client -vvf rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/42C6F6041E6F11EF898C1E38C4F9AE02.roa File: 42C6F6041E6F11EF898C1E38C4F9AE02.roa (raw, json) Hash identifier: /XzOLWqtY/XmoLf5xT6dcK9H0RMrrYFaf352aac8WDE= Subject key identifier: EC:72:A5:5E:51:61:C3:39:25:13:B2:DE:A0:49:92:CB:D0:C7:5E:32 Certificate issuer: /CN=A91C31B7/serialNumber=A81D155CA404AE4145781AF05EB53A1219E2E065 Certificate serial: DF Authority key identifier: A8:1D:15:5C:A4:04:AE:41:45:78:1A:F0:5E:B5:3A:12:19:E2:E0:65 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0VXKQErkFFeBrwXrU6Ehni4GU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/42C6F6041E6F11EF898C1E38C4F9AE02.roa Signing time: Fri 01 Aug 2025 07:12:01 +0000 ROA not before: Fri 01 Aug 2025 07:12:01 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 152886 IP address blocks: 2001:df3:dbc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/qB0VXKQErkFFeBrwXrU6Ehni4GU.crl rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/qB0VXKQErkFFeBrwXrU6Ehni4GU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0VXKQErkFFeBrwXrU6Ehni4GU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C31B7, serialNumber=A81D155CA404AE4145781AF05EB53A1219E2E065 Validity Not Before: Aug 1 07:12:01 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=688c68c1-528b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:cc:89:8d:e9:22:3d:3d:ef:0f:a2:f3:b5:2a: 7d:d5:44:24:62:98:70:b4:ef:ce:56:16:bc:1e:7d: 41:54:70:ed:cf:37:2a:79:55:13:7b:36:38:8a:7a: fa:b9:b1:f6:cb:da:ae:aa:03:45:86:69:da:39:f1: 76:c9:04:a4:02:68:a2:d1:30:65:78:3e:55:3d:de: 75:83:a5:77:46:e6:91:32:61:1c:88:da:76:13:8b: 6b:7b:72:f5:6d:18:ec:cd:a5:c6:66:3f:34:fc:b5: 21:f3:11:19:52:7d:f9:fd:b7:d0:6c:d6:93:1c:0d: 1f:44:dc:55:49:22:a2:80:30:6b:20:eb:ee:a6:09: 30:ba:27:0c:e1:4e:45:d2:0c:6e:1a:33:e7:a2:0f: ea:01:6e:b8:19:90:0b:dd:b3:59:db:30:fc:e9:36: 05:f6:3b:79:b9:5e:f5:56:e8:fa:d3:7d:3e:3f:6a: eb:f5:a7:c5:d6:79:d6:37:4f:47:d9:7f:f1:05:5c: 1b:56:35:23:b5:5c:ef:d5:92:17:32:0b:85:15:fd: 33:5d:10:01:6d:b8:b5:7b:c2:22:d1:9e:89:ee:4b: 7e:e1:89:14:b6:af:6b:e4:ec:56:9b:80:6b:6c:3c: 97:d9:11:3b:f3:5b:10:2e:04:47:b1:6d:90:8d:bd: 9c:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:72:A5:5E:51:61:C3:39:25:13:B2:DE:A0:49:92:CB:D0:C7:5E:32 X509v3 Authority Key Identifier: keyid:A8:1D:15:5C:A4:04:AE:41:45:78:1A:F0:5E:B5:3A:12:19:E2:E0:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/qB0VXKQErkFFeBrwXrU6Ehni4GU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qB0VXKQErkFFeBrwXrU6Ehni4GU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C31B7/FCC334CC1E6B11EFAC0E914EC4F9AE02/42C6F6041E6F11EF898C1E38C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df3:dbc0::/48 Signature Algorithm: sha256WithRSAEncryption 6e:4f:20:8c:78:fc:9b:62:61:1b:97:0f:20:9f:28:12:31:8d: 44:c3:f8:4c:b2:f0:cc:03:fc:55:f8:f1:e0:18:83:75:f5:6c: 96:2e:51:df:09:c8:49:3f:b1:10:84:c7:54:d2:33:7d:c3:69: 4f:78:a8:a7:6a:56:18:ca:fe:c3:6a:aa:2e:75:13:61:53:5a: e9:21:24:64:c7:db:17:9f:3e:86:00:36:70:f3:bb:24:44:5d: 51:f2:60:ab:a9:90:97:24:27:a1:79:d8:9f:a1:b2:48:c6:5c: 8c:7f:f3:6a:94:c5:f3:a9:84:d3:25:21:c9:df:45:26:bf:34: 51:08:1b:74:e4:93:9e:e1:1a:c7:1b:b2:f2:aa:40:df:39:3c: 63:de:ba:66:48:05:b8:da:86:71:be:ef:ef:9f:a5:84:f6:c0: 6b:15:d1:0b:f0:3c:bc:7f:8f:f4:7d:5e:ce:b8:2f:08:e0:dd: 26:ec:07:31:96:5b:c9:22:5c:bc:4c:29:15:2a:06:1e:aa:53: 4c:4f:f3:6e:7f:49:f6:fb:68:97:ef:1b:23:c3:bd:60:2a:34: 77:de:d4:fd:80:98:02:ce:4c:d5:67:1b:5a:f3:47:67:dc:64: 86:7b:a2:04:aa:69:e6:03:41:53:25:ae:13:91:c3:d1:ee:c9: 6e:fe:71:ab -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzMxQjcxMTAvBgNVBAUTKEE4MUQxNTVDQTQwNEFFNDE0NTc4MUFGMDVFQjUzQTEy MTlFMkUwNjUwHhcNMjUwODAxMDcxMjAxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhjNjhjMS01MjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArMyJjekiPT3vD6LztSp91UQkYphwtO/OVha8Hn1BVHDtzzcqeVUTezY4inr6 ubH2y9quqgNFhmnaOfF2yQSkAmii0TBleD5VPd51g6V3RuaRMmEciNp2E4tre3L1 bRjszaXGZj80/LUh8xEZUn35/bfQbNaTHA0fRNxVSSKigDBrIOvupgkwuicM4U5F 0gxuGjPnog/qAW64GZAL3bNZ2zD86TYF9jt5uV71Vuj6030+P2rr9afF1nnWN09H 2X/xBVwbVjUjtVzv1ZIXMguFFf0zXRABbbi1e8Ii0Z6J7kt+4YkUtq9r5OxWm4Br bDyX2RE781sQLgRHsW2Qjb2cuwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFOxypV5R YcM5JROy3qBJksvQx14yMB8GA1UdIwQYMBaAFKgdFVykBK5BRXga8F61OhIZ4uBl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzFCNy9GQ0MzMzRDQzFF NkIxMUVGQUMwRTkxNEVDNEY5QUUwMi9xQjBWWEtRRXJrRkZlQnJ3WHJVNkVobmk0 R1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FCMFZYS1FFcmtGRmVCcndYclU2RWhuaTRHVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzMxQjcvRkNDMzM0Q0MxRTZCMTFFRkFDMEU5MTRFQzRGOUFFMDIvNDJDNkY2MDQx RTZGMTFFRjg5OEMxRTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ3z28AwDQYJKoZIhvcNAQELBQADggEBAG5PIIx4/Jti YRuXDyCfKBIxjUTD+Eyy8MwD/FX48eAYg3X1bJYuUd8JyEk/sRCEx1TSM33DaU94 qKdqVhjK/sNqqi51E2FTWukhJGTH2xefPoYANnDzuyREXVHyYKupkJckJ6F52J+h skjGXIx/82qUxfOphNMlIcnfRSa/NFEIG3Tkk57hGscbsvKqQN85PGPeumZIBbja hnG+7++fpYT2wGsV0QvwPLx/j/R9Xs64Lwjg3SbsBzGWW8kiXLxMKRUqBh6qU0xP 825/Sfb7aJfvGyPDvWAqNHfe1P2AmALOTNVnG1rzR2fcZIZ7ogSqaeYDQVMlrhOR w9HuyW7+cas= -----END CERTIFICATE-----Generated at Sun Aug 10 13:52:19 2025 by rpki-client