$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/0D90C6C899BC11EEBF0F7411C4F9AE02.roa File: 0D90C6C899BC11EEBF0F7411C4F9AE02.roa (raw, json) Hash identifier: XjNKNn/2Bt+iRdEaPNO9EdsBSZe4KlIzvbN2cWi79bk= Subject key identifier: 69:76:04:49:15:86:D8:9B:1E:8F:EB:3E:70:09:91:42:8C:01:56:52 Certificate issuer: /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Certificate serial: 0E70 Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/0D90C6C899BC11EEBF0F7411C4F9AE02.roa Signing time: Fri 18 Jul 2025 08:54:34 +0000 ROA not before: Fri 18 Jul 2025 08:54:34 +0000 ROA not after: Mon 01 Dec 2025 00:00:00 +0000 asID: 209554 IP address blocks: 2001:df1:4580::/48 maxlen: 48 2405:84c0::/48 maxlen: 48 2405:84c0:2000::/36 maxlen: 40 2405:84c0:4000::/36 maxlen: 40 2405:84c0:5000::/36 maxlen: 40 2405:84c0:6800::/40 maxlen: 44 2405:84c0:6f00::/40 maxlen: 44 2405:84c0:8000::/44 maxlen: 48 2405:84c0:8010::/44 maxlen: 48 2405:84c0:8020::/44 maxlen: 48 2405:84c0:8030::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 18:10:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3696 (0xe70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4C60, serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Validity Not Before: Jul 18 08:54:34 2025 GMT Not After : Dec 1 00:00:00 2025 GMT Subject: CN=687a0bca-3c46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ad:91:80:98:02:ba:24:f7:6c:df:e3:7f:f3: 9c:e4:b1:52:26:6d:03:d1:d8:0a:18:81:46:b4:46: 34:39:73:e6:1f:59:13:c5:c4:9e:b3:19:6c:f5:ef: 6a:63:fb:1c:6f:70:25:a9:b0:fa:57:74:ae:29:35: 49:db:e7:eb:e7:4a:67:a7:5c:78:9a:e9:00:50:98: ff:a9:56:73:33:1f:d5:9d:5c:eb:ac:9d:eb:26:cb: fb:04:01:46:86:90:47:80:ad:28:b2:1a:03:68:ff: 04:b1:3a:56:5e:7a:c0:23:3b:c8:34:05:1a:ec:3f: 06:23:76:cf:b6:47:81:76:3c:22:88:4f:0f:01:c4: a4:08:eb:bb:21:f6:20:94:ce:23:60:64:04:6a:8c: f3:4f:9f:ff:e6:de:05:aa:48:ea:42:c5:b5:15:e1: 86:47:1a:db:dd:14:ae:11:db:69:b7:7b:13:09:1e: 6b:18:0a:29:a6:53:09:f1:6e:5c:ce:eb:fb:48:f5: fa:95:51:ce:eb:aa:79:aa:68:f4:47:9e:2f:f2:8d: 78:ad:ff:a4:5f:58:dc:6d:a3:f2:84:da:14:97:31: 0a:db:2e:f1:5f:04:b1:0a:7e:cf:0b:fb:e8:fe:cf: 65:43:8c:7d:82:33:3e:57:2f:b8:9b:9f:89:4c:21: a6:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:76:04:49:15:86:D8:9B:1E:8F:EB:3E:70:09:91:42:8C:01:56:52 X509v3 Authority Key Identifier: keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/0D90C6C899BC11EEBF0F7411C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df1:4580::/48 2405:84c0::/48 2405:84c0:2000::/36 2405:84c0:4000::/35 2405:84c0:6800::/40 2405:84c0:6f00::/40 2405:84c0:8000::/42 Signature Algorithm: sha256WithRSAEncryption 27:6c:fe:5b:58:26:88:c3:82:19:0b:95:0b:fc:72:ce:0f:4e: f2:03:1c:84:82:85:74:44:5d:52:f6:e9:8c:93:30:78:de:fc: d1:ca:21:28:70:16:17:1d:62:25:16:38:bb:b0:cc:e8:97:c7: 39:81:ce:a2:41:78:5b:5f:b2:dd:47:3d:13:b8:fd:51:40:11: 30:25:f6:77:13:8c:8e:07:a7:a8:73:a2:50:0b:07:81:02:d9: a2:df:61:2b:a4:db:93:e0:94:2e:02:62:d2:e9:ed:41:c5:1f: d9:b5:b2:37:d9:35:40:89:e5:31:a8:9b:0b:f2:4f:70:02:22: ad:0b:a8:1d:71:23:32:c9:a6:7f:31:f4:29:20:79:1d:5f:bb: 07:ad:88:de:94:77:5d:24:95:51:18:32:ce:e5:dd:34:de:8b: 0f:ce:79:e6:99:5e:9c:8c:89:fb:1c:d5:3d:c0:62:a9:dc:5a: ad:a8:78:b9:95:9e:40:fa:e4:a9:06:1f:7e:d0:19:ef:ba:fe: 65:a5:45:e4:0f:8f:93:cc:df:cf:ae:c0:44:41:fc:c9:59:4a: af:f8:2b:2b:7a:bf:f0:48:71:ff:18:b3:22:7b:c6:7b:c6:c7: f4:b2:2d:f3:e5:76:94:40:f7:b8:6f:7c:87:10:2c:1c:80:12: da:3c:3c:8e -----BEGIN CERTIFICATE----- MIIFpjCCBI6gAwIBAgICDnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC NzBBRjgwOTkwHhcNMjUwNzE4MDg1NDM0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODdhMGJjYS0zYzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx62RgJgCuiT3bN/jf/Oc5LFSJm0D0dgKGIFGtEY0OXPmH1kTxcSesxls9e9q Y/scb3AlqbD6V3SuKTVJ2+fr50pnp1x4mukAUJj/qVZzMx/VnVzrrJ3rJsv7BAFG hpBHgK0oshoDaP8EsTpWXnrAIzvINAUa7D8GI3bPtkeBdjwiiE8PAcSkCOu7IfYg lM4jYGQEaozzT5//5t4FqkjqQsW1FeGGRxrb3RSuEdtpt3sTCR5rGAopplMJ8W5c zuv7SPX6lVHO66p5qmj0R54v8o14rf+kX1jcbaPyhNoUlzEK2y7xXwSxCn7PC/vo /s9lQ4x9gjM+Vy+4m5+JTCGmLwIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFGl2BEkV htibHo/rPnAJkUKMAVZSMB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4 NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvMEQ5MEM2Qzg5 OUJDMTFFRUJGMEY3NDExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E RTBDMEEEAgACMDsDBwAgAQ3xRYADBwAkBYTAAAADBgQkBYTAIAMGBSQFhMBAAwYA JAWEwGgDBgAkBYTAbwMHBiQFhMCAADANBgkqhkiG9w0BAQsFAAOCAQEAJ2z+W1gm iMOCGQuVC/xyzg9O8gMchIKFdERdUvbpjJMweN780cohKHAWFx1iJRY4u7DM6JfH OYHOokF4W1+y3Uc9E7j9UUARMCX2dxOMjgenqHOiUAsHgQLZot9hK6Tbk+CULgJi 0untQcUf2bWyN9k1QInlMaibC/JPcAIirQuoHXEjMsmmfzH0KSB5HV+7B62I3pR3 XSSVURgyzuXdNN6LD8555plenIyJ+xzVPcBiqdxarah4uZWeQPrkqQYfftAZ77r+ ZaVF5A+Pk8zfz67AREH8yVlKr/grK3q/8Ehx/xizInvGe8bH9LIt8+V2lED3uG98 hxAsHIAS2jw8jg== -----END CERTIFICATE-----Generated at Sat Jul 19 08:59:16 2025 by rpki-client