$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/CDCC902E170811EFB6DE866CC4F9AE02.roa File: CDCC902E170811EFB6DE866CC4F9AE02.roa (raw, json) Hash identifier: Ffh0Llbu+aifsZ/PhUzKVAABbwr/NW6qzAkEIXJ6/7A= Subject key identifier: 01:02:B1:50:01:C5:01:7A:4E:B2:B0:B0:22:60:69:BF:A8:6C:CF:28 Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Certificate serial: 391F Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/CDCC902E170811EFB6DE866CC4F9AE02.roa Signing time: Fri 04 Jul 2025 14:50:40 +0000 ROA not before: Fri 04 Jul 2025 14:50:40 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 2914 IP address blocks: 2001:d38::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 14:22:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14623 (0x391f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9149F3E, serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B Validity Not Before: Jul 4 14:50:40 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6867ea40-7046 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ed:8f:89:31:d4:60:d3:11:07:f2:e6:f0:d9: 29:f4:b9:6b:13:0c:3f:77:82:22:1c:73:f0:70:f8: 2a:e8:6f:ca:9f:dc:42:c8:26:ac:fa:df:98:01:f4: 76:8e:45:71:cd:de:ed:e6:8e:21:76:89:c8:57:4a: 25:d4:33:9b:88:a0:b7:76:c8:c7:e9:75:34:f3:03: e3:44:7d:41:4c:f4:51:3d:50:15:4d:7a:35:cd:f3: 71:36:ff:82:a4:1f:2a:31:d9:87:61:4f:40:a4:93: 32:99:f4:89:6e:d6:9c:97:d6:72:77:c7:c0:80:08: 4e:5c:4f:c8:0c:19:18:aa:3b:ec:58:da:cb:98:71: d7:c0:48:fa:84:58:97:99:34:b4:57:f9:6e:4a:93: 31:b8:e0:96:9f:e9:61:ff:2b:d6:1f:d1:e2:39:fd: 89:9c:dd:c6:0f:fc:4c:23:a8:ec:70:48:bc:fb:a3: 28:f5:09:10:fe:b7:8d:80:5d:c3:b9:11:2a:c6:73: e0:2d:a5:96:15:a5:70:55:df:9e:96:ba:51:6a:f9: 4c:4f:23:21:7e:25:c8:23:6d:29:9d:c9:f6:8f:c5: 98:23:13:da:3d:ad:36:e4:26:30:b5:fa:02:5f:cb: ae:47:36:e0:2c:e2:d2:df:4c:fc:1c:0d:95:18:03: 10:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:02:B1:50:01:C5:01:7A:4E:B2:B0:B0:22:60:69:BF:A8:6C:CF:28 X509v3 Authority Key Identifier: keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/CDCC902E170811EFB6DE866CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:d38::/32 Signature Algorithm: sha256WithRSAEncryption 6a:d9:a8:a8:1f:83:9c:a7:b7:2d:cc:b6:16:51:fe:56:10:fe: 60:36:52:87:24:d3:49:3e:37:21:1b:c4:21:48:5a:b8:1a:11: 46:1e:1e:01:7c:c4:15:7c:c0:f0:4e:a6:b0:e6:0a:cb:22:cb: 37:3a:c1:f9:f9:5c:0e:3a:f2:aa:eb:22:b1:b3:89:37:28:97: e7:c3:66:65:c3:a5:a8:e8:a5:95:0e:72:9d:6f:22:53:10:4e: 37:30:c3:05:7e:66:2f:e8:1b:11:21:89:07:65:cd:bd:e7:50: 18:d4:2c:54:c4:d4:e4:cf:bb:11:10:5b:71:6f:4b:96:5b:37: 1c:4e:c7:51:89:0e:5b:26:86:08:9b:80:4e:62:60:80:bc:26: 75:67:58:24:62:ab:39:0a:9e:ca:cd:14:42:f6:cf:4b:c6:fb: 8c:d7:8a:7f:ab:59:aa:3f:a9:d2:b2:bd:0e:b0:8c:ae:e9:51: 26:4a:4a:c9:fe:8a:d4:ad:16:7b:f8:e8:5b:f6:2e:a7:91:28: 3f:47:06:bd:89:cc:b2:97:ec:b7:98:94:da:15:a7:e2:cb:97: 6a:8e:a3:89:04:b7:84:bd:c3:98:54:25:a5:2b:fd:fe:e3:c9: 15:81:dc:24:c9:17:d1:92:87:5f:94:15:21:4f:55:4e:7d:16: 98:a1:1d:5a -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICOR8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG OURGN0M1NEIwHhcNMjUwNzA0MTQ1MDQwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODY3ZWE0MC03MDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0e2PiTHUYNMRB/Lm8Nkp9LlrEww/d4IiHHPwcPgq6G/Kn9xCyCas+t+YAfR2 jkVxzd7t5o4hdonIV0ol1DObiKC3dsjH6XU08wPjRH1BTPRRPVAVTXo1zfNxNv+C pB8qMdmHYU9ApJMymfSJbtacl9Zyd8fAgAhOXE/IDBkYqjvsWNrLmHHXwEj6hFiX mTS0V/luSpMxuOCWn+lh/yvWH9HiOf2JnN3GD/xMI6jscEi8+6Mo9QkQ/reNgF3D uREqxnPgLaWWFaVwVd+elrpRavlMTyMhfiXII20pncn2j8WYIxPaPa025CYwtfoC X8uuRzbgLOLS30z8HA2VGAMQ3QIDAQABo4ICljCCApIwHQYDVR0OBBYEFAECsVAB xQF6TrKwsCJgab+obM8oMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4 VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvQ0RDQzkwMkUx NzA4MTFFRkI2REU4NjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAgAQ04MA0GCSqGSIb3DQEBCwUAA4IBAQBq2aioH4Ocp7ct zLYWUf5WEP5gNlKHJNNJPjchG8QhSFq4GhFGHh4BfMQVfMDwTqaw5grLIss3OsH5 +VwOOvKq6yKxs4k3KJfnw2Zlw6Wo6KWVDnKdbyJTEE43MMMFfmYv6BsRIYkHZc29 51AY1CxUxNTkz7sREFtxb0uWWzccTsdRiQ5bJoYIm4BOYmCAvCZ1Z1gkYqs5Cp7K zRRC9s9LxvuM14p/q1mqP6nSsr0OsIyu6VEmSkrJ/orUrRZ7+Ohb9i6nkSg/Rwa9 icyyl+y3mJTaFafiy5dqjqOJBLeEvcOYVCWlK/3+48kVgdwkyRfRkodflBUhT1VO fRaYoR1a -----END CERTIFICATE-----Generated at Tue Jul 22 11:57:00 2025 by rpki-client