$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/2152FB1650C511EAB566FE61C4F9AE02.roa File: 2152FB1650C511EAB566FE61C4F9AE02.roa (raw, json) Hash identifier: 6YL37qZcSHIsKWgAPwXyLHa/ujTtyBijwb8nN7Syf3U= Subject key identifier: 3B:1D:68:95:70:D7:05:56:61:E2:2C:45:91:CF:2E:60:FA:4F:A3:22 Certificate issuer: /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Certificate serial: 0E92 Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/2152FB1650C511EAB566FE61C4F9AE02.roa Signing time: Tue 02 Sep 2025 18:37:52 +0000 ROA not before: Tue 02 Sep 2025 18:37:52 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 139618 IP address blocks: 2001:df1:4580::/48 maxlen: 48 2405:84c0:9000::/44 maxlen: 44 2405:84c0:9010::/44 maxlen: 44 2405:84c0:9020::/44 maxlen: 44 2405:84c0:9100::/44 maxlen: 44 2405:84c0:9110::/44 maxlen: 44 2405:84c0:9120::/44 maxlen: 44 2405:84c0:ff80::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:38:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3730 (0xe92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4C60, serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Validity Not Before: Sep 2 18:37:52 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b73980-b155 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:df:ec:22:c9:35:d0:36:fc:9c:f1:9c:78:1c: d4:df:d1:5b:a3:d8:11:7c:5a:f8:81:9c:1d:d9:a9: e7:83:30:b5:e2:7c:bc:56:28:80:91:cb:b1:96:e0: 23:8a:e8:31:ac:c7:54:07:03:13:1d:55:8f:8c:52: 44:11:dd:15:a4:d2:da:b4:51:3a:2f:77:dd:90:18: bd:91:ff:e0:e3:c6:ec:06:ac:4b:94:d4:dd:4e:e8: 19:d8:dc:e5:9b:e6:b4:38:28:8a:c8:bd:c2:93:16: 54:34:5b:96:da:4c:e2:f2:49:2c:09:78:e4:17:e7: b5:e6:62:2a:3c:fe:cc:58:1e:f7:f9:43:60:04:27: c5:a9:b1:49:89:4a:7a:6c:ed:d1:68:29:e6:44:86: 6a:ce:e9:cc:9b:25:b6:62:e9:31:90:a9:f2:54:3f: cb:96:1b:04:b4:72:95:32:4e:be:ab:73:22:58:42: 48:ba:66:4e:e0:7f:25:38:63:48:94:d5:22:be:2a: 21:95:f4:d7:48:97:66:d2:8b:47:ec:2f:2b:ef:e0: 6c:47:95:ab:5c:73:43:ca:39:9e:b4:e2:e7:48:f2: bf:5b:e2:ab:fb:67:00:3a:3e:fb:78:6d:f6:57:ab: a8:b5:0f:81:6d:d8:66:69:62:4b:39:4d:8b:4d:6c: 84:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:1D:68:95:70:D7:05:56:61:E2:2C:45:91:CF:2E:60:FA:4F:A3:22 X509v3 Authority Key Identifier: keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/2152FB1650C511EAB566FE61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df1:4580::/48 2405:84c0:9000::-2405:84c0:902f:ffff:ffff:ffff:ffff:ffff 2405:84c0:9100::-2405:84c0:912f:ffff:ffff:ffff:ffff:ffff 2405:84c0:ff80::/44 Signature Algorithm: sha256WithRSAEncryption 08:c3:e9:67:f9:a8:5b:96:80:a8:d1:0f:75:d2:fe:8a:9e:89: 27:5c:84:6f:d0:f4:79:fb:6b:2c:dd:d1:b9:1e:c8:cd:9b:e7: c9:67:e8:46:19:19:ab:28:8e:55:2d:94:0e:86:44:e5:d8:b2: b2:15:07:2c:8a:49:d2:81:3d:ad:1a:ac:87:05:d0:ab:35:f4: c0:0c:d6:a5:c3:30:c6:81:cb:b7:d9:30:d6:12:7a:dc:18:10: a6:34:dd:de:32:63:e8:5f:ed:04:09:e2:26:a3:98:43:e9:0c: a8:5e:75:f9:02:1c:8e:40:04:99:61:4c:c5:7a:a5:d1:6c:4b: 8f:3e:74:5a:2e:63:2a:2e:73:51:23:75:03:de:2e:59:75:12: 4c:43:1d:c0:0a:86:db:5a:2f:d9:72:ef:d8:4f:ca:03:5f:fc: a3:a8:2b:51:e1:e3:02:7e:55:d5:eb:d2:dd:57:81:16:69:50: bc:27:18:10:82:19:11:5a:10:c1:be:f7:bd:1b:c0:2b:8c:43: 48:2f:d4:f6:52:3a:97:72:05:32:b0:02:e9:85:bb:51:88:2f: 9d:e7:22:77:1b:89:41:79:3f:f3:2d:59:3b:42:32:88:7c:4b: 86:03:de:79:77:c0:90:7f:5f:0e:81:af:8b:df:1a:e3:6b:9d: ee:be:2d:68 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgICDpIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC NzBBRjgwOTkwHhcNMjUwOTAyMTgzNzUyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3Mzk4MC1iMTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1d/sIsk10Db8nPGceBzU39Fbo9gRfFr4gZwd2anngzC14ny8ViiAkcuxluAj iugxrMdUBwMTHVWPjFJEEd0VpNLatFE6L3fdkBi9kf/g48bsBqxLlNTdTugZ2Nzl m+a0OCiKyL3CkxZUNFuW2kzi8kksCXjkF+e15mIqPP7MWB73+UNgBCfFqbFJiUp6 bO3RaCnmRIZqzunMmyW2YukxkKnyVD/LlhsEtHKVMk6+q3MiWEJIumZO4H8lOGNI lNUiviohlfTXSJdm0otH7C8r7+BsR5WrXHNDyjmetOLnSPK/W+Kr+2cAOj77eG32 V6uotQ+BbdhmaWJLOU2LTWyEgwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFDsdaJVw 1wVWYeIsRZHPLmD6T6MiMB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4 NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvMjE1MkZCMTY1 MEM1MTFFQUI1NjZGRTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E QjBAMD4EAgACMDgDBwAgAQ3xRYAwEQMGBCQFhMCQAwcEJAWEwJAgMBEDBgAkBYTA kQMHBCQFhMCRIAMHBCQFhMD/gDANBgkqhkiG9w0BAQsFAAOCAQEACMPpZ/moW5aA qNEPddL+ip6JJ1yEb9D0eftrLN3RuR7IzZvnyWfoRhkZqyiOVS2UDoZE5diyshUH LIpJ0oE9rRqshwXQqzX0wAzWpcMwxoHLt9kw1hJ63BgQpjTd3jJj6F/tBAniJqOY Q+kMqF51+QIcjkAEmWFMxXql0WxLjz50Wi5jKi5zUSN1A94uWXUSTEMdwAqG21ov 2XLv2E/KA1/8o6grUeHjAn5V1evS3VeBFmlQvCcYEIIZEVoQwb73vRvAK4xDSC/U 9lI6l3IFMrAC6YW7UYgvnecidxuJQXk/8y1ZO0IyiHxLhgPeeXfAkH9fDoGvi98a 42ud7r4taA== -----END CERTIFICATE-----Generated at Thu Sep 4 10:25:34 2025 by rpki-client