$ rpki-client -vvf rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/533DC25E60B511F0AB567568C4F9AE02.roa File: 533DC25E60B511F0AB567568C4F9AE02.roa (raw, json) Hash identifier: 9UZrURL/5cYm+3q79UbhWbJw8l3P1ZGycupb15ORpsw= Subject key identifier: 19:92:1E:96:41:DA:3F:FA:7B:DB:29:25:1A:5F:B6:41:DD:C0:F4:6A Certificate issuer: /CN=A91951DE/serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Certificate serial: 02 Authority key identifier: 64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/533DC25E60B511F0AB567568C4F9AE02.roa Signing time: Mon 14 Jul 2025 13:20:35 +0000 ROA not before: Mon 14 Jul 2025 13:20:35 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 154047 IP address blocks: 2001:df5:db40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 08:23:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91951DE, serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Validity Not Before: Jul 14 13:20:35 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68750423-df7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:75:7d:c2:0c:6c:18:a8:4a:3d:56:78:6d:bc: 42:5c:7c:37:72:2f:cf:96:ca:f5:60:97:9c:99:4f: e3:0f:70:85:dc:a0:f6:6e:d3:89:52:a4:58:d4:de: 3d:e9:42:94:39:92:8e:0e:c7:27:fe:28:af:04:5e: a2:0d:7a:53:3e:c3:9a:a8:fc:60:ca:14:26:f7:ff: 47:0b:8d:fa:60:cb:7d:dd:7e:90:4e:eb:f4:48:a4: f5:64:57:b6:46:56:b3:76:fd:92:ef:df:71:29:aa: a4:dd:f8:bc:99:d5:bc:40:8e:2e:b0:5a:ee:01:37: 92:98:12:c5:f9:4e:5b:04:54:ea:d8:4a:f1:69:36: 34:6f:88:9f:07:a3:0e:1d:19:80:b4:77:a3:07:32: 79:61:b1:ed:15:30:84:9b:f3:d4:a5:e8:1d:39:14: 62:45:59:6a:1c:a5:a1:84:fa:3b:c5:1a:04:43:74: 73:a2:b5:d8:e5:13:f2:53:0f:be:ea:09:b7:e9:36: 80:32:7e:d3:30:7b:ee:9a:fe:4f:9f:b6:cd:8e:60: e8:a0:36:08:d8:a9:26:61:8c:9f:d4:19:7c:28:47: 38:80:61:bb:e2:9c:0d:4f:cd:1b:c6:26:53:92:b2: a7:cd:bf:77:9b:cb:8d:bc:c0:6e:07:42:81:b6:18: 3b:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:92:1E:96:41:DA:3F:FA:7B:DB:29:25:1A:5F:B6:41:DD:C0:F4:6A X509v3 Authority Key Identifier: keyid:64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/533DC25E60B511F0AB567568C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df5:db40::/48 Signature Algorithm: sha256WithRSAEncryption 1d:b0:3f:70:9c:b0:ea:0a:e7:df:a5:a7:b7:0a:db:86:52:1e: 5c:78:e5:9a:74:4c:b0:79:7f:42:56:43:9e:b8:b3:a0:34:fc: 31:03:38:90:b2:07:fa:2a:a2:33:0d:2c:be:ee:a5:ac:c4:aa: 70:1d:36:84:fc:de:d1:02:b4:2d:c1:d5:00:bc:36:27:5b:4a: a5:4b:5a:8f:af:c6:b0:b4:0a:8f:8b:23:bc:49:d7:da:45:48: f3:70:ae:42:11:b4:d1:3e:6c:26:2a:b7:6c:63:90:a5:ba:7c: 14:a3:73:d2:86:f7:aa:d7:f8:08:57:31:15:c8:30:32:a8:6e: 2a:c4:50:99:e5:a1:ae:b6:57:bd:fa:1d:47:51:3f:80:14:8d: 48:70:6d:6d:05:95:72:73:e6:f7:8e:df:36:71:87:ab:b1:80: d9:f8:18:85:e1:fe:c5:60:94:10:ce:e1:04:33:33:06:36:bf: 4d:18:54:bf:96:5e:09:b1:da:8e:3e:6f:00:e5:27:c5:2e:e9: f9:23:74:0c:1b:cf:13:8f:c6:37:39:63:07:7d:af:fc:1b:da: 25:75:7b:ca:2b:32:c9:f6:e9:86:44:d9:04:db:96:67:db:dc: cf:ec:24:7c:18:33:1a:b5:14:4d:72:8f:1e:c7:b4:d3:c2:bd: 4f:eb:a1:c7 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 NTFERTExMC8GA1UEBRMoNjQ3RTVDQURDQjFGQkY3RUJCODk5QTcyMTlDM0EwRjAz RDNGN0IwRDAeFw0yNTA3MTQxMzIwMzVaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NzUwNDIzLWRmN2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDPdX3CDGwYqEo9VnhtvEJcfDdyL8+WyvVgl5yZT+MPcIXcoPZu04lSpFjU3j3p QpQ5ko4Oxyf+KK8EXqINelM+w5qo/GDKFCb3/0cLjfpgy33dfpBO6/RIpPVkV7ZG VrN2/ZLv33EpqqTd+LyZ1bxAji6wWu4BN5KYEsX5TlsEVOrYSvFpNjRviJ8How4d GYC0d6MHMnlhse0VMISb89Sl6B05FGJFWWocpaGE+jvFGgRDdHOitdjlE/JTD77q CbfpNoAyftMwe+6a/k+fts2OYOigNgjYqSZhjJ/UGXwoRziAYbvinA1PzRvGJlOS sqfNv3eby428wG4HQoG2GDsFAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUGZIelkHa P/p72yklGl+2Qd3A9GowHwYDVR0jBBgwFoAUZH5crcsfv367iZpyGcOg8D0/ew0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MURFLzkwNEY4NzBBNjBC NDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2N2lacHlHY09nOEQwX2V3 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWkg1Y3Jjc2Z2MzY3aVpweUdjT2c4RDBfZXcwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NTFERS85MDRGODcwQTYwQjQxMUYwOEVEN0FFNjNDNEY5QUUwMi81MzNEQzI1RTYw QjUxMUYwQUI1Njc1NjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACABDfXbQDANBgkqhkiG9w0BAQsFAAOCAQEAHbA/cJyw6grn 36WntwrbhlIeXHjlmnRMsHl/QlZDnrizoDT8MQM4kLIH+iqiMw0svu6lrMSqcB02 hPze0QK0LcHVALw2J1tKpUtaj6/GsLQKj4sjvEnX2kVI83CuQhG00T5sJiq3bGOQ pbp8FKNz0ob3qtf4CFcxFcgwMqhuKsRQmeWhrrZXvfodR1E/gBSNSHBtbQWVcnPm 947fNnGHq7GA2fgYheH+xWCUEM7hBDMzBja/TRhUv5ZeCbHajj5vAOUnxS7p+SN0 DBvPE4/GNzljB32v/BvaJXV7yisyyfbphkTZBNuWZ9vcz+wkfBgzGrUUTXKPHse0 08K9T+uhxw== -----END CERTIFICATE-----Generated at Tue Jul 22 05:10:07 2025 by rpki-client