$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/595774341B6211F0B9733473C4F9AE02.roa File: 595774341B6211F0B9733473C4F9AE02.roa (raw, json) Hash identifier: fCGAh+NV34Fm7tXluDoAMGdOhEPBkhmc1GlEXxTjAMA= Subject key identifier: F4:7D:15:F2:07:3D:AB:F7:D5:B4:0E:9E:79:79:2B:DE:4C:5F:80:CD Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Certificate serial: 03B1 Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/595774341B6211F0B9733473C4F9AE02.roa Signing time: Sun 01 Mar 2026 12:53:36 +0000 ROA not before: Tue 26 Aug 2025 08:49:55 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 21433 IP address blocks: 2404:3d00:41c4::/47 maxlen: 47 2404:3d00:41c4::/48 maxlen: 48 2404:3d00:41c5::/48 maxlen: 48 2404:3d00:41ce::/47 maxlen: 47 2404:3d00:41ce::/48 maxlen: 48 2404:3d00:41cf::/48 maxlen: 48 2404:3d00:41d0::/47 maxlen: 47 2404:3d00:41d0::/48 maxlen: 48 2404:3d00:41d1::/48 maxlen: 48 2404:3d00:41d2::/47 maxlen: 47 2404:3d00:41d4::/47 maxlen: 47 2404:3d00:41d6::/47 maxlen: 47 2404:3d00:41e2::/47 maxlen: 47 2404:3d00:41e2::/48 maxlen: 48 2404:3d00:41e3::/48 maxlen: 48 2404:3d00:41e6::/47 maxlen: 47 2404:3d00:41e6::/48 maxlen: 48 2404:3d00:41e7::/48 maxlen: 48 2404:3d00:41ee::/47 maxlen: 47 2404:3d00:41ee::/48 maxlen: 48 2404:3d00:41ef::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:34:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 945 (0x3b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB4AF, serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Validity Not Before: Aug 26 08:49:55 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a436d0-5d71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:0e:15:67:7f:85:91:64:36:79:1c:c7:df:0d: 71:d6:13:ca:9b:63:e5:4f:c5:48:57:ab:3b:9d:b0: ed:09:d7:19:2a:59:4f:73:d4:64:dd:b5:4b:63:bb: 56:54:05:2e:fb:58:7a:d9:f9:03:9c:d1:b4:2f:fc: db:75:b5:7c:bd:9a:31:24:63:a0:74:8a:dd:e4:cc: c6:02:7a:83:bb:1f:ed:0c:06:6f:de:2f:e6:65:af: 1c:e5:17:6f:31:88:94:7c:a3:b3:17:9d:40:79:01: c2:5f:c9:56:04:4f:1c:1f:84:5d:5b:7d:a3:9e:ac: f6:ec:4a:a5:68:13:78:98:c1:64:80:1a:7e:e1:0d: c6:fc:99:8c:0c:a7:10:9c:bb:70:bb:2d:d1:ec:ab: e2:af:f9:1a:73:93:71:7b:95:de:bf:39:fa:e5:a6: 45:81:89:c0:bc:fc:25:13:39:3c:b4:b5:d3:07:1f: c8:2c:14:e8:02:28:5f:0b:b6:a6:c2:b6:6a:b1:53: 9f:ef:de:75:b0:59:3b:7c:d7:33:5e:84:a7:a5:19: 7e:49:d0:69:af:fd:40:51:b3:54:ee:e6:02:16:e6: 25:e3:33:d5:b5:22:05:d0:ac:db:ca:07:ed:da:c3: b6:01:a4:2e:08:68:3f:c0:74:1d:5a:e1:1c:79:e8: bc:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:7D:15:F2:07:3D:AB:F7:D5:B4:0E:9E:79:79:2B:DE:4C:5F:80:CD X509v3 Authority Key Identifier: keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/595774341B6211F0B9733473C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2404:3d00:41c4::/47 2404:3d00:41ce::-2404:3d00:41d7:ffff:ffff:ffff:ffff:ffff 2404:3d00:41e2::/47 2404:3d00:41e6::/47 2404:3d00:41ee::/47 Signature Algorithm: sha256WithRSAEncryption 7c:6d:29:ee:83:83:ba:cc:c4:74:24:2a:64:47:04:a9:a9:67: 1e:9f:e3:32:04:9c:7e:bc:1d:2d:dc:73:90:52:99:6a:1d:18: 9e:6e:fb:ce:3a:5f:4c:5e:19:31:20:fb:69:77:2c:9a:5f:22: 4b:69:c5:d5:a7:c1:1d:90:3a:3d:54:a1:23:59:23:f1:2f:22: 60:6a:ce:49:bc:28:b9:4b:9e:60:f8:1e:ba:78:f3:47:11:c5: ef:6c:9b:65:42:f3:73:a1:e3:15:75:45:7c:18:6f:4a:79:c8: 54:a9:48:1c:2a:92:f6:03:02:d8:1f:ff:1f:ea:e7:29:eb:65: 46:bc:00:cb:fa:b0:c4:fd:80:7f:b7:2b:b9:a9:2d:1c:15:26: 10:31:78:c3:a7:14:b8:7b:e6:54:c2:e1:84:72:34:c1:2e:3c: f0:21:d7:d4:38:55:eb:9c:2f:7e:74:55:3e:0e:0e:f5:3e:2a: 06:3f:10:3e:10:e9:b9:c0:cf:e7:a8:81:13:08:1a:c1:2a:6b: 52:89:b3:5c:67:98:11:d1:18:09:cf:e9:fb:fc:b7:60:ef:02: b4:54:e1:d2:f2:52:4b:b1:83:8a:62:6a:d2:b3:94:88:cd:4a: a8:34:26:7c:16:16:de:00:22:9b:2a:1c:f3:f8:47:12:56:66: 51:84:ad:d5 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgICA7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB NTJDMzRCNDIwHhcNMjUwODI2MDg0OTU1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MzZkMC01ZDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvw4VZ3+FkWQ2eRzH3w1x1hPKm2PlT8VIV6s7nbDtCdcZKllPc9Rk3bVLY7tW VAUu+1h62fkDnNG0L/zbdbV8vZoxJGOgdIrd5MzGAnqDux/tDAZv3i/mZa8c5Rdv MYiUfKOzF51AeQHCX8lWBE8cH4RdW32jnqz27EqlaBN4mMFkgBp+4Q3G/JmMDKcQ nLtwuy3R7Kvir/kac5Nxe5Xevzn65aZFgYnAvPwlEzk8tLXTBx/ILBToAihfC7am wrZqsVOf7951sFk7fNczXoSnpRl+SdBpr/1AUbNU7uYCFuYl4zPVtSIF0Kzbygft 2sO2AaQuCGg/wHQdWuEceei89wIDAQABo4ICkjCCAo4wHQYDVR0OBBYEFPR9FfIH Pav31bQOnnl5K95MX4DNMB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI0QUYvQ0M3QjI1NUFEQ0E5MTFFQzk0RTNFMDI5QzRGOUFFMDIvNTk1Nzc0MzQx QjYyMTFGMEI5NzMzNDczQzRGOUFFMDIucm9hMFEGCCsGAQUFBwEHAQH/BEIwQDA+ BAIAAjA4AwcBJAQ9AEHEMBIDBwEkBD0AQc4DBwMkBD0AQdADBwEkBD0AQeIDBwEk BD0AQeYDBwEkBD0AQe4wDQYJKoZIhvcNAQELBQADggEBAHxtKe6Dg7rMxHQkKmRH BKmpZx6f4zIEnH68HS3cc5BSmWodGJ5u+846X0xeGTEg+2l3LJpfIktpxdWnwR2Q Oj1UoSNZI/EvImBqzkm8KLlLnmD4Hrp480cRxe9sm2VC83Oh4xV1RXwYb0p5yFSp SBwqkvYDAtgf/x/q5ynrZUa8AMv6sMT9gH+3K7mpLRwVJhAxeMOnFLh75lTC4YRy NMEuPPAh19Q4VeucL350VT4ODvU+KgY/ED4Q6bnAz+eogRMIGsEqa1KJs1xnmBHR GAnP6fv8t2DvArRU4dLyUkuxg4piatKzlIjNSqg0JnwWFt4AIpsqHPP4RxJWZlGE rdU= -----END CERTIFICATE-----Generated at Mon Mar 2 08:12:48 2026 by rpki-client