$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa File: D0CDFEEA406E11EFA085272AC4F9AE02.roa (raw, json) Hash identifier: w/ol36A2Z1ijZJcK0F3MTKZZDizigtECN0FCYmTu3ig= Subject key identifier: 1C:3C:7A:40:B6:B0:95:05:BC:7A:2B:D5:CA:72:C4:FA:84:97:4C:69 Certificate issuer: /CN=A91F9E0A/serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Certificate serial: CF Authority key identifier: 3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa Signing time: Thu 31 Jul 2025 06:43:07 +0000 ROA not before: Thu 31 Jul 2025 06:43:07 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 152900 IP address blocks: 2401:a4a0:1::/48 maxlen: 48 2401:a4a0:2::/48 maxlen: 48 2401:a4a0:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9E0A, serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Validity Not Before: Jul 31 06:43:07 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688b107b-4e28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7a:6a:81:e9:54:eb:e2:10:88:ac:60:5e:01: ad:3e:d4:d3:c9:78:fd:25:16:67:56:a5:ef:f7:ed: 30:54:bb:28:c3:57:78:c3:a0:79:e4:b0:5b:f0:14: e7:df:ff:4e:8c:6a:0c:01:5d:f0:1e:3a:3a:81:24: 32:27:e1:be:70:2a:ab:d7:f4:9d:d9:c4:8d:3e:11: b3:c0:16:e4:c0:6b:ce:86:82:4a:fd:eb:ba:ff:08: f5:3e:50:27:c9:7d:22:07:15:5c:2f:1f:fb:d2:b6: cb:7e:cc:41:8e:32:5f:c4:d7:8a:d6:9e:de:0e:2e: 39:d1:43:d7:02:2d:6a:8a:d3:cc:54:48:b1:32:b3: 41:d7:d3:a4:c3:34:b8:dc:91:05:ce:09:be:36:fb: 48:10:9e:56:d6:b9:ad:8f:6f:9e:43:43:e5:18:0c: 93:4f:9e:f2:e4:21:70:38:13:de:34:15:13:ad:94: c9:5d:e7:58:92:b5:9a:40:7d:4b:80:34:9a:a6:ba: 5e:48:57:d5:8f:79:03:14:be:2a:29:9a:d3:cb:93: 82:d5:9e:70:89:5d:57:9a:c8:3f:18:52:c0:10:df: 07:47:c0:77:5f:4c:3d:63:d9:5b:c8:88:a2:32:6a: c6:d6:3a:70:07:79:00:78:f2:e9:a9:38:4a:1e:33: bd:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:3C:7A:40:B6:B0:95:05:BC:7A:2B:D5:CA:72:C4:FA:84:97:4C:69 X509v3 Authority Key Identifier: keyid:3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:a4a0:1::-2401:a4a0:3:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 7f:9d:67:7e:40:42:2c:b2:07:3e:17:0e:c0:6c:4e:4e:0d:98: 5a:17:8a:77:ff:25:58:1c:b6:45:1f:20:da:21:a0:29:3c:7b: 31:33:b5:aa:f2:86:e2:d9:e3:61:14:03:39:e9:89:b5:1b:1c: 87:3e:84:8b:d0:00:47:59:1d:1f:2f:02:cf:cd:d6:c5:fa:22: 48:20:8a:94:6c:a5:45:9b:8e:18:9f:6b:61:6a:49:ca:67:43: 24:d6:99:96:36:84:81:c7:8c:bd:52:a3:ea:c0:39:61:1f:ba: f8:2c:58:57:40:5f:a1:5f:69:34:c8:e4:1a:71:8a:b8:9f:d4: 8c:5a:a8:23:08:46:33:8c:fb:64:c3:d6:8a:1e:f2:85:e4:69: f0:6f:6f:ff:ff:39:90:d7:23:99:39:dd:c7:30:ea:57:73:2b: ad:31:9e:2e:de:dd:23:5d:34:24:bd:b6:06:af:c9:fc:e9:e0: 4f:46:d7:53:2e:1b:6e:a2:67:b5:be:1d:7f:63:4e:a0:a2:15: e8:c4:97:04:40:35:b9:25:4d:99:ad:b1:c7:94:18:b9:8b:fd: a1:24:21:6e:6e:12:56:f1:38:fa:20:1e:59:f3:33:6d:4b:0b: fc:ad:50:c5:2e:b1:86:38:65:83:6d:b8:1d:54:dd:82:c6:9f: c1:94:84:6c -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjlFMEExMTAvBgNVBAUTKDNENTk0NjAwM0VFRTU0OEFEOTVENzk2Q0IxODhCNzUx QzU3Q0RBQzgwHhcNMjUwNzMxMDY0MzA3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhiMTA3Yi00ZTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3XpqgelU6+IQiKxgXgGtPtTTyXj9JRZnVqXv9+0wVLsow1d4w6B55LBb8BTn 3/9OjGoMAV3wHjo6gSQyJ+G+cCqr1/Sd2cSNPhGzwBbkwGvOhoJK/eu6/wj1PlAn yX0iBxVcLx/70rbLfsxBjjJfxNeK1p7eDi450UPXAi1qitPMVEixMrNB19OkwzS4 3JEFzgm+NvtIEJ5W1rmtj2+eQ0PlGAyTT57y5CFwOBPeNBUTrZTJXedYkrWaQH1L gDSaprpeSFfVj3kDFL4qKZrTy5OC1Z5wiV1Xmsg/GFLAEN8HR8B3X0w9Y9lbyIii MmrG1jpwB3kAePLpqThKHjO91QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBw8ekC2 sJUFvHor1cpyxPqEl0xpMB8GA1UdIwQYMBaAFD1ZRgA+7lSK2V15bLGIt1HFfNrI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOUUwQS8wQkQ5ODVFODNF NjkxMUVGQTJDRTY3NkFDNEY5QUUwMi9QVmxHQUQ3dVZJclpYWGxzc1lpM1VjVjgy c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BWbEdBRDd1VklyWlhYbHNzWWkzVWNWODJzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjlFMEEvMEJEOTg1RTgzRTY5MTFFRkEyQ0U2NzZBQzRGOUFFMDIvRDBDREZFRUE0 MDZFMTFFRkEwODUyNzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgACMBQwEgMHACQBpKAAAQMHAiQBpKAAADANBgkqhkiG9w0BAQsFAAOC AQEAf51nfkBCLLIHPhcOwGxOTg2YWheKd/8lWBy2RR8g2iGgKTx7MTO1qvKG4tnj YRQDOemJtRschz6Ei9AAR1kdHy8Cz83WxfoiSCCKlGylRZuOGJ9rYWpJymdDJNaZ ljaEgceMvVKj6sA5YR+6+CxYV0BfoV9pNMjkGnGKuJ/UjFqoIwhGM4z7ZMPWih7y heRp8G9v//85kNcjmTndxzDqV3MrrTGeLt7dI100JL22Bq/J/OngT0bXUy4bbqJn tb4df2NOoKIV6MSXBEA1uSVNma2xx5QYuYv9oSQhbm4SVvE4+iAeWfMzbUsL/K1Q xS6xhjhlg224HVTdgsafwZSEbA== -----END CERTIFICATE-----Generated at Sun Aug 10 21:07:50 2025 by rpki-client