$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/0D90C6C899BC11EEBF0F7411C4F9AE02.roa File: 0D90C6C899BC11EEBF0F7411C4F9AE02.roa (raw, json) Hash identifier: eadxsvzaSxzw44MbzuzI+Oul4FdP5+6OIV0GTLKz4ko= Subject key identifier: 90:75:BF:F3:7F:26:F5:EC:79:95:0F:A9:EC:E1:7F:A7:1F:5F:F6:63 Certificate issuer: /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Certificate serial: 0E96 Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/0D90C6C899BC11EEBF0F7411C4F9AE02.roa Signing time: Tue 02 Sep 2025 18:37:56 +0000 ROA not before: Tue 02 Sep 2025 18:37:56 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 209554 IP address blocks: 2001:df1:4580::/48 maxlen: 48 2405:84c0::/48 maxlen: 48 2405:84c0:2000::/36 maxlen: 40 2405:84c0:4000::/36 maxlen: 40 2405:84c0:5000::/36 maxlen: 40 2405:84c0:6800::/40 maxlen: 44 2405:84c0:6f00::/40 maxlen: 44 2405:84c0:8000::/44 maxlen: 48 2405:84c0:8010::/44 maxlen: 48 2405:84c0:8020::/44 maxlen: 48 2405:84c0:8030::/44 maxlen: 48 2405:84c0:8040::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:38:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3734 (0xe96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4C60, serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Validity Not Before: Sep 2 18:37:56 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b73984-abe7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:f5:5c:d5:a7:60:9c:a8:9d:2f:db:b4:a8:02: 1c:fc:25:de:08:1c:9a:a2:73:90:40:2b:f1:2e:b8: 4b:66:7f:4f:49:76:dc:b9:a0:95:9d:b9:ae:14:03: a1:34:b4:ae:43:01:12:2c:e1:9b:62:8c:1f:c9:c9: e8:b9:2f:37:1a:b6:a5:74:c5:fb:5c:2c:60:de:c0: ea:4e:35:b9:c5:82:78:e0:cb:c8:ad:72:bd:fd:f3: d6:24:19:27:d5:b3:ff:77:94:2d:18:16:19:ea:30: 2d:d5:75:89:e4:3c:97:72:ab:1e:49:7c:aa:f0:fe: 68:88:85:ff:08:11:de:a4:15:8b:a9:96:b9:c0:75: 9b:1f:16:08:84:e7:ef:17:35:6f:ba:37:87:9b:47: 33:6e:5c:ee:a6:3c:1c:06:68:c5:7e:34:19:37:62: 38:69:40:b5:22:f8:30:e4:05:3f:e3:c6:1f:21:58: e4:3b:ed:bd:4d:9f:e0:55:75:ff:3f:68:9e:55:94: ff:df:f4:52:5d:0e:dc:ea:c5:bf:cd:5f:45:a1:59: f7:0b:c4:59:ca:a2:17:ed:4c:08:e0:1e:be:a6:8a: 64:92:92:25:12:5c:f5:e3:66:c4:7b:b6:c4:a4:45: 1d:36:f3:2e:33:8f:2b:ad:70:86:96:a4:dc:09:5a: 03:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:75:BF:F3:7F:26:F5:EC:79:95:0F:A9:EC:E1:7F:A7:1F:5F:F6:63 X509v3 Authority Key Identifier: keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/0D90C6C899BC11EEBF0F7411C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df1:4580::/48 2405:84c0::/48 2405:84c0:2000::/36 2405:84c0:4000::/35 2405:84c0:6800::/40 2405:84c0:6f00::/40 2405:84c0:8000::-2405:84c0:804f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 8e:db:ee:87:fa:98:24:35:b8:7b:97:aa:c2:e2:cb:66:dd:d6: 79:29:4e:9d:d4:2b:b1:56:c7:41:24:bc:0c:d1:ad:47:bb:84: 2c:39:be:0b:4d:37:65:a9:f1:ef:1e:d4:c4:0e:ed:ab:2f:0c: 6d:4e:d3:b0:fd:61:71:33:6d:1f:0a:46:af:80:1d:d9:d5:4d: ff:79:a3:1b:ec:a2:d0:89:b1:82:75:dc:ea:d8:62:94:6e:77: 61:8e:3c:8d:47:6c:a4:9d:02:c4:2c:08:b8:b3:10:99:03:90: 82:bc:4e:26:55:7b:07:20:61:b0:68:8d:90:ca:4f:91:a3:11: 6d:29:7a:fa:df:65:fb:0d:dd:4c:76:27:bb:03:d3:3f:eb:f3: 59:4d:b8:c9:6d:cf:b7:75:f9:67:7b:39:3b:8d:af:c2:fa:0d: bc:68:5a:30:4b:a6:34:41:bb:dc:b3:84:b5:4a:72:1a:48:68: 83:8d:41:c8:df:27:d2:a9:31:74:0d:04:54:9c:a3:7a:1f:cd: 40:b4:7a:be:06:95:a6:f1:16:b8:c2:9d:6a:d1:69:11:f5:78: 4a:fe:c1:89:2f:bf:d8:21:a9:b3:2e:44:7a:4a:12:51:48:16: 03:59:1d:52:a2:b4:84:97:a8:82:bd:3d:d9:c1:a0:5d:93:0a: 34:c6:76:a0 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgICDpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC NzBBRjgwOTkwHhcNMjUwOTAyMTgzNzU2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3Mzk4NC1hYmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1PVc1adgnKidL9u0qAIc/CXeCByaonOQQCvxLrhLZn9PSXbcuaCVnbmuFAOh NLSuQwESLOGbYowfycnouS83GraldMX7XCxg3sDqTjW5xYJ44MvIrXK9/fPWJBkn 1bP/d5QtGBYZ6jAt1XWJ5DyXcqseSXyq8P5oiIX/CBHepBWLqZa5wHWbHxYIhOfv FzVvujeHm0czblzupjwcBmjFfjQZN2I4aUC1Ivgw5AU/48YfIVjkO+29TZ/gVXX/ P2ieVZT/3/RSXQ7c6sW/zV9FoVn3C8RZyqIX7UwI4B6+popkkpIlElz142bEe7bE pEUdNvMuM48rrXCGlqTcCVoDVQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFJB1v/N/ JvXseZUPqezhf6cfX/ZjMB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4 NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvMEQ5MEM2Qzg5 OUJDMTFFRUJGMEY3NDExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E TzBNMEsEAgACMEUDBwAgAQ3xRYADBwAkBYTAAAADBgQkBYTAIAMGBSQFhMBAAwYA JAWEwGgDBgAkBYTAbzARAwYHJAWEwIADBwQkBYTAgEAwDQYJKoZIhvcNAQELBQAD ggEBAI7b7of6mCQ1uHuXqsLiy2bd1nkpTp3UK7FWx0EkvAzRrUe7hCw5vgtNN2Wp 8e8e1MQO7asvDG1O07D9YXEzbR8KRq+AHdnVTf95oxvsotCJsYJ13OrYYpRud2GO PI1HbKSdAsQsCLizEJkDkIK8TiZVewcgYbBojZDKT5GjEW0pevrfZfsN3Ux2J7sD 0z/r81lNuMltz7d1+Wd7OTuNr8L6DbxoWjBLpjRBu9yzhLVKchpIaIONQcjfJ9Kp MXQNBFSco3ofzUC0er4GlabxFrjCnWrRaRH1eEr+wYkvv9ghqbMuRHpKElFIFgNZ HVKitISXqIK9PdnBoF2TCjTGdqA= -----END CERTIFICATE-----Generated at Thu Sep 4 10:32:05 2025 by rpki-client