$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa File: 60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa (raw, json) Hash identifier: D96s3C0fz4gg+o7Ty1+9cwFV2PT+r04AXwT8/vXI9r8= Subject key identifier: 01:B9:AA:EF:D7:FE:D2:A4:25:25:F3:DE:DD:F0:07:AF:29:B5:D6:95 Certificate issuer: /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Certificate serial: 0E9A Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa Signing time: Tue 02 Sep 2025 18:37:59 +0000 ROA not before: Tue 02 Sep 2025 18:37:59 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 23077 IP address blocks: 2405:84c0:3000::/36 maxlen: 40 2405:84c0:5e00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:38:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3738 (0xe9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4C60, serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099 Validity Not Before: Sep 2 18:37:59 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b73987-1737 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ab:e3:ba:1c:2d:f4:65:8a:81:62:11:5e:f6: e5:65:ca:c8:92:5f:3f:21:63:14:59:3b:77:28:94: 00:c3:5f:e7:69:61:15:0b:c3:e0:0d:4f:cc:d9:4d: c4:00:89:cf:b3:31:b3:8b:52:2a:f0:f4:dd:7d:e7: 52:56:cb:1e:be:d0:98:29:b5:d8:f7:4a:80:70:11: 81:8b:0a:c1:dc:b1:7c:c5:ad:f4:42:13:ea:74:01: 7a:dd:be:6f:0d:5d:9f:e4:30:da:d2:a0:36:4b:6b: ce:ba:9e:60:a3:02:9b:37:bc:84:79:bc:d3:bb:e5: b9:ea:6c:24:9f:0c:a6:22:c3:ca:61:9a:f3:2d:74: 1d:d6:5d:08:67:dc:1a:54:5d:f4:1c:0c:7c:45:28: 85:fc:5d:34:a0:70:36:80:7a:64:0f:4c:a3:88:47: dd:80:72:ca:02:cf:4f:33:58:e7:eb:31:bb:db:90: 47:54:2d:8b:23:18:0a:2b:1a:11:00:5e:e2:5f:1e: f0:f3:b3:6a:cb:ff:91:36:1b:48:12:f6:00:15:40: cc:64:40:42:70:ed:1f:93:f5:d9:bf:e3:63:1d:e8: e4:66:77:4c:3f:f9:49:2b:07:aa:08:bb:2f:7f:2d: 5f:3d:e6:39:ef:17:5e:ab:0e:f2:4a:57:5d:56:e5: 26:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:B9:AA:EF:D7:FE:D2:A4:25:25:F3:DE:DD:F0:07:AF:29:B5:D6:95 X509v3 Authority Key Identifier: keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/60B3CD6EAF2E11EEBF12DF45C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2405:84c0:3000::/36 2405:84c0:5e00::/40 Signature Algorithm: sha256WithRSAEncryption 01:a1:fa:86:4e:30:f8:ac:76:e9:a4:0e:63:15:7a:5b:d4:b8: b0:5f:c1:15:ad:a5:b8:12:53:45:23:67:c0:79:eb:45:0c:4a: 2e:ca:61:3e:43:8e:19:48:63:9e:8a:58:cb:0c:29:67:f7:ce: 99:41:2d:ee:cb:37:31:a6:f7:11:57:80:bd:8b:d5:24:a7:d7: 5f:ac:cc:d7:68:11:c5:94:a3:92:84:65:dd:de:4d:9f:d0:29: bb:12:cd:a7:e3:31:60:5c:27:1f:b4:97:99:d9:98:46:f3:6f: 65:f4:83:44:de:89:5a:93:eb:fc:12:d7:70:4e:a4:df:5c:e4: fd:b1:ec:e4:20:2b:58:1f:df:c8:6f:1a:d7:a8:33:13:06:50: 1d:5a:11:93:ca:f8:30:d5:b1:4a:c6:b8:ac:0a:ba:aa:4a:f1: f9:61:5c:68:2b:c3:57:bd:7f:8d:67:7a:ed:57:d2:77:cb:99: fa:08:e0:a8:0e:88:fc:57:99:ed:30:46:2b:8e:cb:11:5e:dc: 81:1b:43:d6:4d:d8:6f:93:ac:21:c8:50:6e:2f:27:5d:83:d6: 28:52:53:a1:49:73:ad:73:e2:0c:75:9e:fe:ed:04:26:93:b3: 33:f5:0c:5b:e3:52:e8:e1:df:41:70:dc:c3:bb:6e:c9:08:d1: 0e:c8:f0:d1 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgICDpowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC NzBBRjgwOTkwHhcNMjUwOTAyMTgzNzU5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3Mzk4Ny0xNzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvqvjuhwt9GWKgWIRXvblZcrIkl8/IWMUWTt3KJQAw1/naWEVC8PgDU/M2U3E AInPszGzi1Iq8PTdfedSVssevtCYKbXY90qAcBGBiwrB3LF8xa30QhPqdAF63b5v DV2f5DDa0qA2S2vOup5gowKbN7yEebzTu+W56mwknwymIsPKYZrzLXQd1l0IZ9wa VF30HAx8RSiF/F00oHA2gHpkD0yjiEfdgHLKAs9PM1jn6zG725BHVC2LIxgKKxoR AF7iXx7w87Nqy/+RNhtIEvYAFUDMZEBCcO0fk/XZv+NjHejkZndMP/lJKweqCLsv fy1fPeY57xdeqw7ySlddVuUmhwIDAQABo4ICnzCCApswHQYDVR0OBBYEFAG5qu/X /tKkJSXz3t3wB68ptdaVMB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4 NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvNjBCM0NENkVB RjJFMTFFRUJGMTJERjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E GjAYMBYEAgACMBADBgQkBYTAMAMGACQFhMBeMA0GCSqGSIb3DQEBCwUAA4IBAQAB ofqGTjD4rHbppA5jFXpb1LiwX8EVraW4ElNFI2fAeetFDEouymE+Q44ZSGOeiljL DCln986ZQS3uyzcxpvcRV4C9i9Ukp9dfrMzXaBHFlKOShGXd3k2f0Cm7Es2n4zFg XCcftJeZ2ZhG829l9INE3olak+v8EtdwTqTfXOT9sezkICtYH9/IbxrXqDMTBlAd WhGTyvgw1bFKxrisCrqqSvH5YVxoK8NXvX+NZ3rtV9J3y5n6COCoDoj8V5ntMEYr jssRXtyBG0PWTdhvk6whyFBuLyddg9YoUlOhSXOtc+IMdZ7+7QQmk7Mz9Qxb41Lo 4d9BcNzDu27JCNEOyPDR -----END CERTIFICATE-----Generated at Thu Sep 4 10:26:08 2025 by rpki-client