$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/2152FB1650C511EAB566FE61C4F9AE02.roa File: 2152FB1650C511EAB566FE61C4F9AE02.roa (raw, json) Hash identifier: YqyjVqfObaCdKqCeGud1APSOhnvT5Ziqju1SCkE5CAY= Subject key identifier: 37:F1:C3:1A:F7:49:1C:E2:D1:24:D2:E0:51:72:9B:10:23:32:5A:11 Certificate issuer: /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Certificate serial: 0F1C Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/2152FB1650C511EAB566FE61C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:38:28 +0000 ROA not before: Tue 02 Sep 2025 18:37:52 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 139618 IP address blocks: 2001:df1:4580::/48 maxlen: 48 2405:84c0:9000::/44 maxlen: 44 2405:84c0:9010::/44 maxlen: 44 2405:84c0:9020::/44 maxlen: 44 2405:84c0:9100::/44 maxlen: 44 2405:84c0:9110::/44 maxlen: 44 2405:84c0:9120::/44 maxlen: 44 2405:84c0:ff80::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 17:41:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3868 (0xf1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4C60, serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Validity Not Before: Sep 2 18:37:52 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a487a4-613d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:46:d5:bb:a4:0c:0f:0d:b7:9f:99:38:e9:49: 11:f8:7d:7e:ec:24:ce:c9:39:cb:a2:fe:77:b3:66: b2:58:46:09:ff:58:9f:cc:53:b4:b7:48:d6:a1:a4: 0e:54:ad:6d:c7:81:00:ca:1b:50:c8:4f:b1:70:dc: e1:85:55:cf:7b:39:9b:9d:4c:9b:f7:16:c8:35:8b: 44:ea:7b:d2:c4:0e:e8:19:c8:3b:c0:7c:63:28:02: c7:7a:0d:73:91:e5:99:37:4b:c6:2c:77:e8:5e:c6: d6:5d:25:a2:7f:08:41:f6:51:63:12:91:f0:0c:23: c0:01:eb:ef:79:d9:d2:04:f2:a5:f2:46:e9:76:0d: aa:00:cb:d8:98:06:31:e6:87:71:4f:3e:40:25:71: 76:60:6e:c4:2c:f1:9c:8c:97:4c:12:21:97:ea:54: 38:3d:41:f0:7b:4d:af:9f:47:1a:be:f1:42:ec:07: 5e:16:f9:db:37:35:d2:24:fe:e4:6f:30:66:a4:eb: 79:8e:71:69:95:9b:0e:a0:5b:85:6b:a8:2e:e8:bf: de:d1:49:42:d3:9b:25:2d:70:b9:87:e9:34:07:c9: 28:a0:eb:d6:ae:20:8d:5e:1e:96:6f:b1:a0:69:06: 3e:58:ec:9e:a7:4c:3e:0a:b7:a3:68:c9:c4:28:07: 52:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:F1:C3:1A:F7:49:1C:E2:D1:24:D2:E0:51:72:9B:10:23:32:5A:11 X509v3 Authority Key Identifier: keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/2152FB1650C511EAB566FE61C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2001:df1:4580::/48 2405:84c0:9000::-2405:84c0:902f:ffff:ffff:ffff:ffff:ffff 2405:84c0:9100::-2405:84c0:912f:ffff:ffff:ffff:ffff:ffff 2405:84c0:ff80::/44 Signature Algorithm: sha256WithRSAEncryption c2:81:3d:83:af:8a:5d:dd:72:a5:57:37:53:c3:00:80:90:9e: b4:a4:55:fa:64:51:fb:45:25:80:37:cc:7d:62:93:16:db:45: d0:80:62:e4:45:a1:45:75:36:2e:5d:ad:0a:6e:46:0c:2a:6e: a7:ac:ff:6d:c5:4f:67:69:62:32:2d:c6:ac:29:5e:a4:97:3d: 8e:00:69:17:10:3e:8a:25:69:8e:23:9b:15:89:ae:e3:cd:10: 76:5a:e7:94:85:6b:36:b0:c6:4b:19:9e:14:94:b0:4c:c5:79: fd:57:ff:22:5b:57:70:6f:ae:75:f4:c1:7f:fc:9f:dc:ab:0c: 9b:24:ff:b2:4e:17:5f:c1:a4:f1:e2:c9:b7:fe:da:06:75:61: a8:7d:b1:d7:4e:75:5f:4a:dc:d2:81:7c:6f:09:80:9e:d0:16: 18:bb:02:9b:35:27:b7:f4:db:84:8c:ee:71:10:79:95:c3:ef: f6:68:22:56:33:5c:55:2d:6b:f6:0a:93:47:22:27:12:52:79: fb:ba:f1:86:ff:ca:46:4d:88:6a:84:5e:b7:10:81:34:1d:77: e1:bc:81:0b:c9:3a:5d:40:9b:29:35:ea:c5:a3:dd:21:f7:6a: 3f:97:34:7c:da:dc:8c:d8:05:57:6b:d4:fd:36:29:75:a3:95: e0:b3:f4:2b -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgICDxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC NzBBRjgwOTkwHhcNMjUwOTAyMTgzNzUyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODdhNC02MTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA40bVu6QMDw23n5k46UkR+H1+7CTOyTnLov53s2ayWEYJ/1ifzFO0t0jWoaQO VK1tx4EAyhtQyE+xcNzhhVXPezmbnUyb9xbINYtE6nvSxA7oGcg7wHxjKALHeg1z keWZN0vGLHfoXsbWXSWifwhB9lFjEpHwDCPAAevvednSBPKl8kbpdg2qAMvYmAYx 5odxTz5AJXF2YG7ELPGcjJdMEiGX6lQ4PUHwe02vn0cavvFC7AdeFvnbNzXSJP7k bzBmpOt5jnFplZsOoFuFa6gu6L/e0UlC05slLXC5h+k0B8kooOvWriCNXh6Wb7Gg aQY+WOyep0w+CrejaMnEKAdS/QIDAQABo4ICkjCCAo4wHQYDVR0OBBYEFDfxwxr3 SRzi0STS4FFymxAjMloRMB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4 NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvMjE1MkZCMTY1 MEM1MTFFQUI1NjZGRTYxQzRGOUFFMDIucm9hMFEGCCsGAQUFBwEHAQH/BEIwQDA+ BAIAAjA4AwcAIAEN8UWAMBEDBgQkBYTAkAMHBCQFhMCQIDARAwYAJAWEwJEDBwQk BYTAkSADBwQkBYTA/4AwDQYJKoZIhvcNAQELBQADggEBAMKBPYOvil3dcqVXN1PD AICQnrSkVfpkUftFJYA3zH1ikxbbRdCAYuRFoUV1Ni5drQpuRgwqbqes/23FT2dp YjItxqwpXqSXPY4AaRcQPoolaY4jmxWJruPNEHZa55SFazawxksZnhSUsEzFef1X /yJbV3BvrnX0wX/8n9yrDJsk/7JOF1/BpPHiybf+2gZ1Yah9sddOdV9K3NKBfG8J gJ7QFhi7Aps1J7f024SM7nEQeZXD7/ZoIlYzXFUta/YKk0ciJxJSefu68Yb/ykZN iGqEXrcQgTQdd+G8gQvJOl1Amyk16sWj3SH3aj+XNHza3IzYBVdr1P02KXWjleCz 9Cs= -----END CERTIFICATE-----Generated at Sat Mar 7 13:29:10 2026 by rpki-client