$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa File: DCE70C6EF9B911ED8314C10EC4F9AE02.roa (raw, json) Hash identifier: DuvU4zgJuSyZmS+94q7zkDkmRIKeEBw97mB/xbOT1lc= Subject key identifier: 66:B5:26:3F:B9:9D:9F:A5:8F:0C:17:C8:0A:CC:EE:09:D8:1E:3F:96 Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Certificate serial: 03B0 Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:53:35 +0000 ROA not before: Mon 18 Aug 2025 06:50:58 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 3573 IP address blocks: 2404:3d00:41a8::/47 maxlen: 47 2404:3d00:41c2::/47 maxlen: 47 2404:3d00:41c2::/48 maxlen: 48 2404:3d00:41c3::/48 maxlen: 48 2404:3d00:41dc::/47 maxlen: 47 2404:3d00:41dc::/48 maxlen: 48 2404:3d00:41dd::/48 maxlen: 48 2404:3d00:41e4::/47 maxlen: 47 2404:3d00:41e4::/48 maxlen: 48 2404:3d00:41e5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:34:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 944 (0x3b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB4AF, serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Validity Not Before: Aug 18 06:50:58 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a436cf-9bee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:95:1d:1b:8e:b2:16:af:0a:d6:42:8f:6e:40: 1b:50:71:7e:87:56:ea:2b:dd:3e:1f:17:b4:09:63: 94:51:cf:2a:42:f6:65:96:7d:3d:17:f0:18:68:c2: 5a:36:79:8e:8d:15:7b:7a:88:b6:87:aa:d8:10:8e: cc:a8:f3:a0:4c:3c:ec:d8:05:cd:d4:09:c3:62:2c: a9:47:fa:2b:a6:19:bb:a5:73:7d:8d:43:56:4d:bc: 22:dc:f7:f6:04:6d:ca:d1:96:5e:fc:8b:e3:25:26: c5:a9:84:48:48:bb:77:a9:b1:c2:87:d0:a1:08:4a: 1d:83:9a:2d:9f:21:8f:4a:cc:b2:ad:89:ad:39:00: ba:bf:31:e7:5e:54:c4:5c:66:2f:8a:87:c4:be:63: 3e:96:25:e0:bc:2d:41:6e:da:9b:60:d2:e8:da:c0: 93:9a:6a:47:08:79:d1:82:a0:f0:6b:dd:02:1f:0d: a4:18:dc:18:63:39:a0:58:0e:de:e4:a3:5f:d3:5b: b5:c4:1a:24:a4:0d:79:5e:ce:7e:16:5b:0f:96:33: 91:88:23:ce:69:fd:01:f2:02:c4:d9:02:e0:77:7a: fa:89:19:d2:be:05:52:69:89:fe:b0:7c:8f:ea:5b: 02:6b:70:c6:26:91:88:11:5a:bb:1c:64:44:7e:93: 80:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:B5:26:3F:B9:9D:9F:A5:8F:0C:17:C8:0A:CC:EE:09:D8:1E:3F:96 X509v3 Authority Key Identifier: keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2404:3d00:41a8::/47 2404:3d00:41c2::/47 2404:3d00:41dc::/47 2404:3d00:41e4::/47 Signature Algorithm: sha256WithRSAEncryption 8e:19:4b:99:6d:a6:82:13:d6:a7:7e:0e:19:c2:eb:f4:7f:e9: 04:66:b9:7e:54:b1:e0:4b:ee:3d:3f:a1:77:f7:27:9f:f6:1e: 99:00:ab:cb:59:ec:2e:40:e0:2f:60:70:14:ad:b6:13:29:9e: de:ae:e0:d1:80:0c:08:43:e4:70:05:7c:38:8b:99:6f:c4:c9: 81:4d:b2:20:7a:4b:dc:c0:8c:7d:e9:f2:4a:b5:5f:ec:98:b8: 77:de:e4:19:86:80:89:8c:01:5a:cd:fb:ac:93:de:86:84:08: 55:69:61:28:2d:8d:8c:8d:7c:30:46:61:29:e0:20:db:32:cd: f2:5b:2e:8c:8e:c0:7a:e2:f6:11:88:7e:9a:f0:c6:8a:6b:21: 22:48:c2:9b:75:45:af:c4:21:56:33:18:1c:48:b0:c1:59:1a: c1:52:33:f1:92:a1:53:e7:49:3a:ec:e6:c6:77:81:71:7e:2f: 09:6d:83:53:23:c5:bc:dd:7a:d6:6a:7e:f7:68:c3:a1:4b:7c: 11:ca:e4:5f:0b:37:3a:f2:7d:5e:3c:c4:77:63:9f:e0:6d:6e: 48:99:e0:b5:fa:d5:45:c1:dc:ed:17:8c:4d:c1:1c:e9:aa:50: cb:28:9c:ce:7a:77:29:0e:f3:be:a7:94:5b:84:3a:68:8e:84: 55:8b:62:55 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICA7AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB NTJDMzRCNDIwHhcNMjUwODE4MDY1MDU4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MzZjZi05YmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqJUdG46yFq8K1kKPbkAbUHF+h1bqK90+Hxe0CWOUUc8qQvZlln09F/AYaMJa NnmOjRV7eoi2h6rYEI7MqPOgTDzs2AXN1AnDYiypR/orphm7pXN9jUNWTbwi3Pf2 BG3K0ZZe/IvjJSbFqYRISLt3qbHCh9ChCEodg5otnyGPSsyyrYmtOQC6vzHnXlTE XGYviofEvmM+liXgvC1BbtqbYNLo2sCTmmpHCHnRgqDwa90CHw2kGNwYYzmgWA7e 5KNf01u1xBokpA15Xs5+FlsPljORiCPOaf0B8gLE2QLgd3r6iRnSvgVSaYn+sHyP 6lsCa3DGJpGIEVq7HGREfpOA0wIDAQABo4ICfjCCAnowHQYDVR0OBBYEFGa1Jj+5 nZ+ljwwXyArM7gnYHj+WMB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI0QUYvQ0M3QjI1NUFEQ0E5MTFFQzk0RTNFMDI5QzRGOUFFMDIvRENFNzBDNkVG OUI5MTFFRDgzMTRDMTBFQzRGOUFFMDIucm9hMD0GCCsGAQUFBwEHAQH/BC4wLDAq BAIAAjAkAwcBJAQ9AEGoAwcBJAQ9AEHCAwcBJAQ9AEHcAwcBJAQ9AEHkMA0GCSqG SIb3DQEBCwUAA4IBAQCOGUuZbaaCE9anfg4Zwuv0f+kEZrl+VLHgS+49P6F39yef 9h6ZAKvLWewuQOAvYHAUrbYTKZ7eruDRgAwIQ+RwBXw4i5lvxMmBTbIgekvcwIx9 6fJKtV/smLh33uQZhoCJjAFazfusk96GhAhVaWEoLY2MjXwwRmEp4CDbMs3yWy6M jsB64vYRiH6a8MaKayEiSMKbdUWvxCFWMxgcSLDBWRrBUjPxkqFT50k67ObGd4Fx fi8JbYNTI8W83XrWan73aMOhS3wRyuRfCzc68n1ePMR3Y5/gbW5ImeC1+tVFwdzt F4xNwRzpqlDLKJzOencpDvO+p5RbhDpojoRVi2JV -----END CERTIFICATE-----Generated at Mon Mar 2 04:39:03 2026 by rpki-client