$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFD5A/2375B306B94511EEBB818834C4F9AE02/D60B1BCCB9AF11EE97EEDB49C4F9AE02.roa File: D60B1BCCB9AF11EE97EEDB49C4F9AE02.roa (raw, json) Hash identifier: wK1+Edckckm18V5hHREZQkXgnFJR1vbGMuvkctbUg7c= Subject key identifier: FC:99:25:BF:91:27:F0:10:B5:63:DB:9A:B0:8C:16:39:09:F9:1E:19 Certificate issuer: /CN=A91CFD5A/serialNumber=4A8A395E556CC7F19AAE6AB06AFF067944956B46 Certificate serial: 0199 Authority key identifier: 4A:8A:39:5E:55:6C:C7:F1:9A:AE:6A:B0:6A:FF:06:79:44:95:6B:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Soo5XlVsx_Garmqwav8GeUSVa0Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFD5A/2375B306B94511EEBB818834C4F9AE02/D60B1BCCB9AF11EE97EEDB49C4F9AE02.roa Signing time: Mon 02 Mar 2026 12:45:09 +0000 ROA not before: Thu 19 Feb 2026 03:24:04 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 152342 IP address blocks: 2001:df3:6540::/48 maxlen: 48 2001:df3:6540::/49 maxlen: 49 2001:df3:6540:8000::/49 maxlen: 49 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFD5A/2375B306B94511EEBB818834C4F9AE02/Soo5XlVsx_Garmqwav8GeUSVa0Y.crl rsync://rpki.apnic.net/member_repository/A91CFD5A/2375B306B94511EEBB818834C4F9AE02/Soo5XlVsx_Garmqwav8GeUSVa0Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Soo5XlVsx_Garmqwav8GeUSVa0Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 12:45:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 409 (0x199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFD5A, serialNumber=4A8A395E556CC7F19AAE6AB06AFF067944956B46 Validity Not Before: Feb 19 03:24:04 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69a58655-c27b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:61:83:5e:cf:d0:c6:8c:36:35:13:d3:a4:f5: 75:c0:c8:62:bf:7e:8c:57:f8:5e:31:4f:b9:80:3d: f6:36:61:65:6d:41:4e:b4:23:37:b7:5a:8c:24:9d: ac:10:8e:93:b6:cc:10:bc:ae:53:7e:a6:63:1c:41: 53:63:40:9c:3b:b5:64:53:12:5e:a6:69:9b:3d:a8: f9:e6:e6:a0:cd:c5:da:b2:fb:ee:82:ec:1e:ba:60: f7:c4:61:67:32:ed:df:3f:9f:34:61:08:62:4e:76: 4b:70:ef:7b:b0:3b:48:45:75:a1:b4:b3:e0:da:df: b5:bc:bb:73:19:41:2f:d3:91:f6:28:c3:38:35:eb: fa:64:c8:07:0e:8a:8e:66:d5:b9:6c:44:ce:3a:b2: eb:57:6a:5b:0d:3e:d7:f4:11:2e:c3:eb:71:5d:3b: 7a:95:2b:f9:04:e9:6c:22:21:22:98:56:4a:d4:1b: 03:99:c1:fd:d1:2d:66:e0:f5:ec:ab:ce:cb:e1:32: de:4b:15:a2:cf:46:e4:d5:3a:18:d4:69:3f:16:2b: ca:39:d7:3d:10:15:4e:00:70:8a:4d:67:ce:17:d1: 05:4d:27:e4:fb:5b:ae:d3:61:56:82:e8:95:2c:95: a1:bd:b3:fa:80:9a:06:11:39:55:da:f5:4c:02:14: 67:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:99:25:BF:91:27:F0:10:B5:63:DB:9A:B0:8C:16:39:09:F9:1E:19 X509v3 Authority Key Identifier: keyid:4A:8A:39:5E:55:6C:C7:F1:9A:AE:6A:B0:6A:FF:06:79:44:95:6B:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFD5A/2375B306B94511EEBB818834C4F9AE02/Soo5XlVsx_Garmqwav8GeUSVa0Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Soo5XlVsx_Garmqwav8GeUSVa0Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFD5A/2375B306B94511EEBB818834C4F9AE02/D60B1BCCB9AF11EE97EEDB49C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2001:df3:6540::/48 Signature Algorithm: sha256WithRSAEncryption 74:e9:6a:5d:4c:df:84:12:d8:9d:3c:03:cb:b5:67:9d:01:75: 76:05:7a:b5:1f:39:ad:86:18:92:27:12:96:88:0e:cf:a6:45: 76:14:3f:55:aa:0f:7d:f9:72:54:93:5b:21:b5:54:23:84:c8: 32:ac:38:db:0b:ba:c5:0a:e8:1e:6b:4b:d8:1d:95:c4:f3:fc: f0:06:73:6c:2b:ef:df:88:af:51:92:30:9f:6f:c4:62:c4:45: cb:87:4a:75:81:90:82:36:38:5a:5c:42:d8:06:aa:a3:98:9c: e9:4a:6d:a2:b6:cd:10:1e:ff:53:70:b3:20:7a:53:42:8a:64: 69:5e:8f:cf:d5:88:77:4d:68:5c:af:6a:34:02:de:bc:ed:9e: 68:cb:ba:17:04:8e:63:9c:93:c3:3c:86:c8:f3:b1:33:ba:f6: bb:df:42:51:0f:2d:c5:14:45:ad:6a:6b:8e:42:10:e8:0c:1c: 07:35:b9:08:09:3b:33:7d:ea:0e:cf:7a:70:8e:b7:44:fe:42: 5f:9c:67:60:d7:b8:1f:a6:81:5d:3d:16:1c:74:96:ce:d7:45: 7b:c4:5e:08:98:7c:39:e8:7d:99:ee:44:ad:cd:3c:81:72:33: 0a:29:60:ba:9a:9b:55:3e:3b:c9:e0:b8:79:da:15:3f:5b:88: 81:77:b9:c5 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZENUExMTAvBgNVBAUTKDRBOEEzOTVFNTU2Q0M3RjE5QUFFNkFCMDZBRkYwNjc5 NDQ5NTZCNDYwHhcNMjYwMjE5MDMyNDA0WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1ODY1NS1jMjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvGGDXs/Qxow2NRPTpPV1wMhiv36MV/heMU+5gD32NmFlbUFOtCM3t1qMJJ2s EI6TtswQvK5TfqZjHEFTY0CcO7VkUxJepmmbPaj55uagzcXasvvuguweumD3xGFn Mu3fP580YQhiTnZLcO97sDtIRXWhtLPg2t+1vLtzGUEv05H2KMM4Nev6ZMgHDoqO ZtW5bETOOrLrV2pbDT7X9BEuw+txXTt6lSv5BOlsIiEimFZK1BsDmcH90S1m4PXs q87L4TLeSxWiz0bk1ToY1Gk/FivKOdc9EBVOAHCKTWfOF9EFTSfk+1uu02FWguiV LJWhvbP6gJoGETlV2vVMAhRnuwIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFPyZJb+R J/AQtWPbmrCMFjkJ+R4ZMB8GA1UdIwQYMBaAFEqKOV5VbMfxmq5qsGr/BnlElWtG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkQ1QS8yMzc1QjMwNkI5 NDUxMUVFQkI4MTg4MzRDNEY5QUUwMi9Tb281WGxWc3hfR2FybXF3YXY4R2VVU1Zh MFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NvbzVYbFZzeF9HYXJtcXdhdjhHZVVTVmEwWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZENUEvMjM3NUIzMDZCOTQ1MTFFRUJCODE4ODM0QzRGOUFFMDIvRDYwQjFCQ0NC OUFGMTFFRTk3RUVEQjQ5QzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAIAEN82VAMA0GCSqGSIb3DQEBCwUAA4IBAQB06WpdTN+EEtidPAPL tWedAXV2BXq1HzmthhiSJxKWiA7PpkV2FD9Vqg99+XJUk1shtVQjhMgyrDjbC7rF Cugea0vYHZXE8/zwBnNsK+/fiK9RkjCfb8RixEXLh0p1gZCCNjhaXELYBqqjmJzp Sm2its0QHv9TcLMgelNCimRpXo/P1Yh3TWhcr2o0At687Z5oy7oXBI5jnJPDPIbI 87Ezuva730JRDy3FFEWtamuOQhDoDBwHNbkICTszfeoOz3pwjrdE/kJfnGdg17gf poFdPRYcdJbO10V7xF4ImHw56H2Z7kStzTyBcjMKKWC6mptVPjvJ4Lh52hU/W4iB d7nF -----END CERTIFICATE-----Generated at Mon Mar 2 15:50:23 2026 by rpki-client