$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa File: 2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa (raw, json) Hash identifier: pC+fVhWZhAlHI54GzrYegWShgGirXMUII/btkAhefI4= Subject key identifier: 13:4E:A2:A7:20:59:F0:2B:56:04:65:38:B7:A0:16:D2:3B:E4:61:CD Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F Certificate serial: 362C Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa Signing time: Tue 02 Sep 2025 15:01:25 +0000 ROA not before: Tue 02 Sep 2025 15:01:25 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 23033 IP address blocks: 2403:cc00:1000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:52:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13868 (0x362c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8C90, serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F Validity Not Before: Sep 2 15:01:25 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b706c4-6606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:51:b5:85:d4:dd:2b:ad:17:08:0d:9a:0c:fe: 52:66:d8:de:a4:81:0a:e2:ee:dc:43:ed:1f:5b:d8: 13:c7:e3:e7:bc:18:27:7e:30:eb:a0:00:f1:51:a8: 54:68:93:4d:a8:33:35:ca:78:09:78:26:84:f4:67: 1e:e0:c4:a9:43:0a:05:ce:f1:cd:7b:05:7d:c1:35: 07:9d:52:28:ad:71:5f:59:13:37:92:3f:8c:27:99: 78:f1:38:70:f9:5c:9d:b5:e9:98:d8:30:43:16:d7: b9:36:dd:11:78:b6:b8:7b:d9:29:b6:24:05:4d:d8: 82:0b:05:9c:fd:06:6d:4c:55:39:93:6a:da:61:0c: 94:6c:e7:4b:9d:a7:55:64:a4:23:07:cd:00:73:54: 4b:b8:ad:00:d1:a4:a0:99:65:b2:0b:1f:e4:e3:e8: b6:a4:ea:fc:e2:33:f9:0b:ab:f8:34:b9:28:49:b6: 7e:30:9b:b4:6a:b8:7b:90:c7:5f:05:c2:2b:d2:5c: eb:82:ec:91:1e:d4:04:db:98:8f:a2:9a:fb:4e:78: 1a:e1:4b:d6:19:f3:a7:68:11:7d:99:5e:fa:db:5e: bc:e2:c0:c3:d3:0d:61:9b:03:dc:4e:9d:4e:b7:a5: b7:bb:9c:c4:4c:1e:62:03:1e:0a:a7:ac:fc:82:94: 5b:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:4E:A2:A7:20:59:F0:2B:56:04:65:38:B7:A0:16:D2:3B:E4:61:CD X509v3 Authority Key Identifier: keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/2FD7D72EBB7E11E9AFB49C42C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2403:cc00:1000::/36 Signature Algorithm: sha256WithRSAEncryption 6a:b6:43:f0:a7:4e:32:60:85:21:bf:d0:57:ec:95:2a:55:6d: 2c:a2:52:35:f2:db:be:0e:a1:2c:8c:b3:45:10:a6:ff:36:86: 2b:24:54:54:bb:b6:cb:5a:25:73:0a:ab:4d:03:3e:03:a2:49: 02:a6:99:90:ef:bb:a8:20:de:a9:4f:de:f6:0b:35:89:97:68: 5f:6a:8c:10:b2:9d:80:5f:6e:bc:ee:b3:99:0f:ef:96:f4:48: 62:cf:a0:16:5a:51:17:52:8a:22:94:10:5a:29:96:fa:fc:27: 2f:b0:b2:16:f9:5a:9a:56:ff:9b:c6:a4:92:d1:d5:9a:ef:2d: 76:ab:76:9d:b7:87:c9:bd:68:48:c8:37:c3:60:25:2e:87:7b: cb:99:21:49:9d:5a:04:3b:92:c4:63:a3:55:e7:01:3c:00:3b: bd:63:70:ee:76:b5:cc:7e:29:7e:38:11:b0:2c:24:ce:16:c0: 66:49:d2:97:a6:8a:4c:6a:51:9c:d1:93:6e:5e:ea:17:ae:55: 05:c7:03:6b:91:4e:51:13:36:65:19:61:9c:55:21:a9:ca:68: 7f:47:73:23:89:24:2c:45:13:9f:c9:f2:2e:76:9c:45:77:d1: 5b:d4:51:2f:25:d2:93:3c:a0:80:d4:cb:c0:0a:58:95:31:76: 54:a2:f6:f3 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgICNiwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0 OTExRjFGNEYwHhcNMjUwOTAyMTUwMTI1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3MDZjNC02NjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVG1hdTdK60XCA2aDP5SZtjepIEK4u7cQ+0fW9gTx+PnvBgnfjDroADxUahU aJNNqDM1yngJeCaE9Gce4MSpQwoFzvHNewV9wTUHnVIorXFfWRM3kj+MJ5l48Thw +VydtemY2DBDFte5Nt0ReLa4e9kptiQFTdiCCwWc/QZtTFU5k2raYQyUbOdLnadV ZKQjB80Ac1RLuK0A0aSgmWWyCx/k4+i2pOr84jP5C6v4NLkoSbZ+MJu0arh7kMdf BcIr0lzrguyRHtQE25iPopr7Tnga4UvWGfOnaBF9mV7621684sDD0w1hmwPcTp1O t6W3u5zETB5iAx4Kp6z8gpRbewIDAQABo4IClzCCApMwHQYDVR0OBBYEFBNOoqcg WfArVgRlOLegFtI75GHNMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvMkZEN0Q3MkVC QjdFMTFFOUFGQjQ5QzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E EjAQMA4EAgACMAgDBgQkA8wAEDANBgkqhkiG9w0BAQsFAAOCAQEAarZD8KdOMmCF Ib/QV+yVKlVtLKJSNfLbvg6hLIyzRRCm/zaGKyRUVLu2y1olcwqrTQM+A6JJAqaZ kO+7qCDeqU/e9gs1iZdoX2qMELKdgF9uvO6zmQ/vlvRIYs+gFlpRF1KKIpQQWimW +vwnL7CyFvlamlb/m8akktHVmu8tdqt2nbeHyb1oSMg3w2AlLod7y5khSZ1aBDuS xGOjVecBPAA7vWNw7na1zH4pfjgRsCwkzhbAZknSl6aKTGpRnNGTbl7qF65VBccD a5FOURM2ZRlhnFUhqcpof0dzI4kkLEUTn8nyLnacRXfRW9RRLyXSkzyggNTLwApY lTF2VKL28w== -----END CERTIFICATE-----Generated at Wed Nov 5 11:54:49 2025 by rpki-client