$ rpki-client -vvf rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/624C3E865DB011F0875D570FC4F9AE02.roa File: 624C3E865DB011F0875D570FC4F9AE02.roa (raw, json) Hash identifier: JGVNpZteQ5T3+mgqyzy1RfZ+6XHn9hRsWK2EBifvsJ8= Subject key identifier: C9:CC:25:4F:97:FB:26:2A:60:4A:B8:89:19:8F:A9:AC:0A:36:44:C1 Certificate issuer: /CN=A91297A2/serialNumber=E3907B48E6987E2FDFCED01ED01D40B3F63DB118 Certificate serial: 014E Authority key identifier: E3:90:7B:48:E6:98:7E:2F:DF:CE:D0:1E:D0:1D:40:B3:F6:3D:B1:18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/624C3E865DB011F0875D570FC4F9AE02.roa Signing time: Thu 10 Jul 2025 17:07:39 +0000 ROA not before: Thu 10 Jul 2025 17:07:39 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 151964 IP address blocks: 2001:df3:940::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.crl rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:19:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 334 (0x14e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91297A2, serialNumber=E3907B48E6987E2FDFCED01ED01D40B3F63DB118 Validity Not Before: Jul 10 17:07:39 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=686ff35b-ae38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:3d:61:d9:e3:10:53:ed:58:70:0e:68:db:32: 24:89:3b:2e:78:0c:a1:1f:58:c9:6f:27:12:cb:21: da:50:bb:19:3b:6b:72:51:4d:4b:81:10:82:b9:65: 37:24:95:96:83:10:0d:e5:e1:68:82:66:4e:e1:8b: e8:75:00:14:21:21:5c:a9:98:bc:a6:68:02:b7:6d: e0:6d:79:a7:04:56:27:2e:00:a5:27:10:30:29:30: eb:af:dd:8f:f2:ce:f2:27:36:8e:79:54:b1:a0:6a: d2:81:93:9f:9e:b2:d2:74:e2:65:1f:5b:e9:75:e7: ab:1a:04:53:4e:ca:fc:cf:3a:9e:71:9e:69:31:0c: 83:07:10:02:b1:11:f4:f7:1a:df:8b:54:89:c7:1f: 1f:0e:38:8f:a9:31:f5:23:bd:e4:a0:65:77:77:41: 18:fd:30:e7:e0:16:61:03:15:c3:27:32:b7:15:2f: 48:b1:4d:ed:7b:dc:cb:cd:13:a3:a7:66:53:d4:b9: 99:07:7b:67:7e:28:e2:02:d6:95:37:9e:c2:5e:93: 36:b8:79:42:cf:4c:79:4b:fd:93:79:52:36:fc:24: fb:a2:94:10:a7:08:c6:9e:cf:7e:5c:6c:ea:7e:d2: 2c:3e:ca:33:c1:7c:f4:c1:b2:e9:88:ad:96:c2:98: fc:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:CC:25:4F:97:FB:26:2A:60:4A:B8:89:19:8F:A9:AC:0A:36:44:C1 X509v3 Authority Key Identifier: keyid:E3:90:7B:48:E6:98:7E:2F:DF:CE:D0:1E:D0:1D:40:B3:F6:3D:B1:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/624C3E865DB011F0875D570FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df3:940::/48 Signature Algorithm: sha256WithRSAEncryption 91:e4:d6:55:09:5f:0b:14:bf:26:51:98:22:3a:e7:ae:37:f8: 45:37:54:e9:3d:e7:db:2f:31:37:3f:9f:60:a2:6a:d6:87:bf: 5a:6e:e3:18:48:c0:63:79:0f:75:6e:f4:49:3a:ae:5e:b8:5f: dd:89:10:fb:45:e7:6e:da:02:e6:0a:ce:85:ae:26:4c:69:97: 4b:e6:a9:77:2e:04:00:57:77:f9:a6:cf:f9:73:45:64:7e:c7: 36:c1:5f:56:6e:f7:37:b2:87:dd:20:b4:3f:af:09:10:db:60: a8:90:a6:f3:5a:ed:16:d9:45:fc:dd:2f:37:86:a6:5e:64:e7: c4:a8:c9:85:cd:02:dd:77:0c:99:fe:12:b7:87:00:c8:34:06: 9d:83:04:15:62:59:4c:65:4d:e7:ca:54:bb:33:b9:98:8f:59: 4e:59:51:ed:36:91:e7:2b:8d:5c:04:56:0c:b5:6a:83:8b:05: 9d:9d:21:ac:6d:93:4b:a5:39:e6:0e:08:0a:e8:84:3d:6b:df: c3:aa:4e:4a:a9:e2:0a:67:17:b7:0d:a5:af:3f:14:6a:6f:04: 1e:66:0c:1b:88:f6:07:8a:c1:78:1f:4a:2c:0f:d3:37:ff:59: ca:d5:af:fd:05:dd:0c:41:17:29:a3:74:f0:d6:71:bb:1d:62: f2:61:22:6e -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjk3QTIxMTAvBgNVBAUTKEUzOTA3QjQ4RTY5ODdFMkZERkNFRDAxRUQwMUQ0MEIz RjYzREIxMTgwHhcNMjUwNzEwMTcwNzM5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZmZjM1Yi1hZTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1z1h2eMQU+1YcA5o2zIkiTsueAyhH1jJbycSyyHaULsZO2tyUU1LgRCCuWU3 JJWWgxAN5eFogmZO4YvodQAUISFcqZi8pmgCt23gbXmnBFYnLgClJxAwKTDrr92P 8s7yJzaOeVSxoGrSgZOfnrLSdOJlH1vpdeerGgRTTsr8zzqecZ5pMQyDBxACsRH0 9xrfi1SJxx8fDjiPqTH1I73koGV3d0EY/TDn4BZhAxXDJzK3FS9IsU3te9zLzROj p2ZT1LmZB3tnfijiAtaVN57CXpM2uHlCz0x5S/2TeVI2/CT7opQQpwjGns9+XGzq ftIsPsozwXz0wbLpiK2Wwpj8vwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFMnMJU+X +yYqYEq4iRmPqawKNkTBMB8GA1UdIwQYMBaAFOOQe0jmmH4v387QHtAdQLP2PbEY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTdBMi9CM0RGQzg4NDZE NjIxMUVFQjMwN0NFMTlDNEY5QUUwMi80NUI3U09hWWZpX2Z6dEFlMEIxQXNfWTlz UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ1QjdTT2FZZmlfZnp0QWUwQjFBc19ZOXNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mjk3QTIvQjNERkM4ODQ2RDYyMTFFRUIzMDdDRTE5QzRGOUFFMDIvNjI0QzNFODY1 REIwMTFGMDg3NUQ1NzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ3zCUAwDQYJKoZIhvcNAQELBQADggEBAJHk1lUJXwsU vyZRmCI65643+EU3VOk959svMTc/n2CiataHv1pu4xhIwGN5D3Vu9Ek6rl64X92J EPtF527aAuYKzoWuJkxpl0vmqXcuBABXd/mmz/lzRWR+xzbBX1Zu9zeyh90gtD+v CRDbYKiQpvNa7RbZRfzdLzeGpl5k58SoyYXNAt13DJn+EreHAMg0Bp2DBBViWUxl TefKVLszuZiPWU5ZUe02kecrjVwEVgy1aoOLBZ2dIaxtk0ulOeYOCArohD1r38Oq Tkqp4gpnF7cNpa8/FGpvBB5mDBuI9geKwXgfSiwP0zf/WcrVr/0F3QxBFymjdPDW cbsdYvJhIm4= -----END CERTIFICATE-----Generated at Mon Jul 21 12:40:57 2025 by rpki-client