$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/A13BE9EE8EE911EE8698A64FC4F9AE02.roa File: A13BE9EE8EE911EE8698A64FC4F9AE02.roa (raw, json) Hash identifier: OB+tYh+ezOhErKjf4UNGv3Lw8UDs7ihuZFiU7SbyVcg= Subject key identifier: 66:68:C9:3D:7D:9C:2A:7C:3B:EF:89:7B:82:05:88:69:F2:4D:75:A3 Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Certificate serial: 021C Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/A13BE9EE8EE911EE8698A64FC4F9AE02.roa Signing time: Thu 31 Jul 2025 04:10:53 +0000 ROA not before: Thu 31 Jul 2025 04:10:53 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 61112 IP address blocks: 2401:b60:5::/48 maxlen: 48 2401:b60:7::/48 maxlen: 48 2401:b60:2a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 03:56:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 540 (0x21c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE03B, serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Validity Not Before: Jul 31 04:10:53 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688aeccc-3d78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c8:87:e6:4f:54:68:03:1f:2b:6f:8e:e8:77: e3:af:63:96:3e:17:50:de:d2:6b:b8:4d:ee:17:58: 6d:9b:dd:3b:96:8c:b9:ec:b7:46:3e:86:56:4f:d5: e3:f7:29:20:da:5d:4b:1e:0f:a4:7b:2c:7b:c6:5b: 2d:50:7d:0f:e8:96:cd:9e:2a:6f:c9:2a:81:6e:68: 25:97:b7:95:27:55:e3:29:d1:a6:5b:b7:ea:e9:66: f8:85:a6:46:9e:b3:1d:51:cb:a5:e5:a2:03:3f:4a: 0e:0c:0c:f4:56:21:d3:69:dd:30:54:41:2f:3e:9b: c7:5a:fb:01:5b:8b:e7:4d:63:4c:3a:d1:56:11:ea: 1e:ca:84:e3:14:d2:c8:95:f1:9f:ec:a9:91:07:21: 3c:1c:68:58:af:b5:ec:0c:0c:38:a2:4d:e1:1f:32: 36:15:03:a8:53:4b:4f:66:bd:67:87:fe:3e:a9:9f: 21:08:49:22:fc:92:80:19:04:2e:9b:06:af:7a:98: 54:a0:79:44:27:d3:47:f7:9a:3d:92:9e:55:7f:13: 0d:f8:29:23:2a:f3:61:4b:0f:c8:74:f2:00:43:b2: 9d:ab:c8:fc:46:df:0b:6a:a6:56:49:ff:0c:47:83: 9f:7e:c9:5a:5e:08:ef:47:fd:66:61:c8:9f:7d:e3: 67:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:68:C9:3D:7D:9C:2A:7C:3B:EF:89:7B:82:05:88:69:F2:4D:75:A3 X509v3 Authority Key Identifier: keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/A13BE9EE8EE911EE8698A64FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:b60:5::/48 2401:b60:7::/48 2401:b60:2a::/48 Signature Algorithm: sha256WithRSAEncryption 9f:24:53:97:22:19:dd:b5:34:6a:41:07:06:57:88:01:9e:f6: 5e:cc:d5:ea:91:61:85:31:2a:3d:96:64:a3:b4:8b:a0:66:8e: c6:e6:1b:51:af:fe:f6:18:37:e5:47:1b:70:c1:55:58:95:8f: ea:dd:20:f6:4c:49:04:3f:50:e9:a8:fe:a6:97:37:44:b1:09: 0b:a5:56:d6:9f:4d:e2:02:17:ee:b3:0a:89:3f:52:b8:72:27: 28:02:4a:c4:94:b2:74:b4:26:1e:0d:6f:f7:df:f4:12:ae:05: cc:bf:83:6a:77:92:41:70:02:23:f6:23:ce:90:ff:ad:b5:3f: f7:4d:cd:96:42:1d:8f:23:23:96:e2:ba:71:6d:eb:f9:3d:d0: 1b:d5:71:2c:aa:44:e1:d0:41:e5:e5:2a:f0:7b:ed:0e:ce:ec: 1a:47:b6:78:e7:5f:1d:ef:97:6d:86:de:e7:de:54:02:e6:65: 64:d7:41:9f:0f:73:e0:0d:ad:2d:5b:74:34:92:39:06:ec:da: 2a:55:42:52:67:85:d8:36:96:19:da:bc:fd:91:48:ec:18:77: 9b:32:7a:a2:6b:2a:d0:e9:71:62:f9:31:ca:3e:e7:0d:98:89: 55:63:e3:a5:19:e3:c2:6c:6d:e5:b7:36:21:4c:74:e7:85:8b: 73:fe:1f:6c -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICAhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUUwM0IxMTAvBgNVBAUTKEI5RTYwQ0YxNzlGNEVBQ0JEQjk0OTJCQTVGN0NBQ0Y0 NTIzOUNDRjQwHhcNMjUwNzMxMDQxMDUzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhhZWNjYy0zZDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1MiH5k9UaAMfK2+O6Hfjr2OWPhdQ3tJruE3uF1htm907loy57LdGPoZWT9Xj 9ykg2l1LHg+keyx7xlstUH0P6JbNnipvySqBbmgll7eVJ1XjKdGmW7fq6Wb4haZG nrMdUcul5aIDP0oODAz0ViHTad0wVEEvPpvHWvsBW4vnTWNMOtFWEeoeyoTjFNLI lfGf7KmRByE8HGhYr7XsDAw4ok3hHzI2FQOoU0tPZr1nh/4+qZ8hCEki/JKAGQQu mwavephUoHlEJ9NH95o9kp5VfxMN+CkjKvNhSw/IdPIAQ7Kdq8j8Rt8LaqZWSf8M R4OffslaXgjvR/1mYciffeNnCQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGZoyT19 nCp8O++Je4IFiGnyTXWjMB8GA1UdIwQYMBaAFLnmDPF59OrL25SSul98rPRSOcz0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTAzQi9BRjk2NzE2NjBC NkUxMUVFQjI5QkIxNzBDNEY5QUUwMi91ZVlNOFhuMDZzdmJsSks2WDN5czlGSTV6 UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUUwM0IvQUY5NjcxNjYwQjZFMTFFRUIyOUJCMTcwQzRGOUFFMDIvQTEzQkU5RUU4 RUU5MTFFRTg2OThBNjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMCEEAgACMBsDBwAkAQtgAAUDBwAkAQtgAAcDBwAkAQtgACowDQYJKoZIhvcN AQELBQADggEBAJ8kU5ciGd21NGpBBwZXiAGe9l7M1eqRYYUxKj2WZKO0i6Bmjsbm G1Gv/vYYN+VHG3DBVViVj+rdIPZMSQQ/UOmo/qaXN0SxCQulVtafTeICF+6zCok/ UrhyJygCSsSUsnS0Jh4Nb/ff9BKuBcy/g2p3kkFwAiP2I86Q/621P/dNzZZCHY8j I5biunFt6/k90BvVcSyqROHQQeXlKvB77Q7O7BpHtnjnXx3vl22G3ufeVALmZWTX QZ8Pc+ANrS1bdDSSOQbs2ipVQlJnhdg2lhnavP2RSOwYd5syeqJrKtDpcWL5Mco+ 5w2YiVVj46UZ48JsbeW3NiFMdOeFi3P+H2w= -----END CERTIFICATE-----Generated at Sat Aug 9 02:58:52 2025 by rpki-client