$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/A0A9D60C807511EFAD8C4257C4F9AE02.roa File: A0A9D60C807511EFAD8C4257C4F9AE02.roa (raw, json) Hash identifier: ItObitSQLkGH+talVc8PNR7Z2o8Aby5tjfREkgGvzVc= Subject key identifier: 6A:B5:E7:83:D9:0B:D0:F6:69:85:0E:47:F2:55:1F:46:DC:5E:5C:DD Certificate issuer: /CN=A91D0B0E/serialNumber=957E50A75FBE502F38E3EDBF3F4AAAE665AE148B Certificate serial: 97 Authority key identifier: 95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/A0A9D60C807511EFAD8C4257C4F9AE02.roa Signing time: Tue 15 Jul 2025 06:43:44 +0000 ROA not before: Tue 15 Jul 2025 06:43:44 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 153055 IP address blocks: 2401:afe0::/32 maxlen: 33 2401:afe0::/34 maxlen: 36 2401:afe0:4000::/35 maxlen: 36 2401:afe0:6000::/35 maxlen: 35 2401:afe0:6000::/36 maxlen: 36 2401:afe0:8000::/33 maxlen: 34 2401:afe0:8000::/36 maxlen: 36 2401:afe0:9000::/36 maxlen: 36 2401:afe0:a000::/35 maxlen: 35 2401:afe0:b000::/36 maxlen: 36 2401:afe0:c000::/34 maxlen: 35 2401:afe0:c000::/36 maxlen: 36 2401:afe0:e000::/35 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.crl rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:35:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 151 (0x97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0B0E, serialNumber=957E50A75FBE502F38E3EDBF3F4AAAE665AE148B Validity Not Before: Jul 15 06:43:44 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=6875f8a0-f421 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:f7:2a:88:06:ae:8b:9c:d1:ab:e7:90:c6:6e: e3:e0:11:33:36:85:6c:cc:30:20:a8:4b:3b:39:da: 17:e4:e6:40:91:2f:47:1d:95:f6:9b:bf:fd:3d:a2: f6:b3:d1:b1:96:36:53:fb:81:56:b5:53:e3:b7:a0: f2:8e:18:a8:30:36:4b:ca:45:f7:df:1c:59:82:ef: 84:98:3b:82:25:ad:76:b6:c8:8f:6a:ae:4c:ef:21: 46:81:f6:80:09:83:82:32:af:7f:7d:36:72:47:ad: 87:3f:05:e5:d2:b8:5f:cc:f5:b6:2f:88:2a:32:6d: 51:ab:1a:fb:91:54:cd:1a:51:86:68:80:a4:d1:e6: 22:e6:86:b2:5e:97:03:26:93:4a:72:4d:c8:49:e4: dc:4e:62:b0:e1:0c:6d:ef:9d:ba:cb:73:ea:36:77: 17:e2:2f:3c:36:f6:f4:87:28:cc:e4:70:f0:6c:83: 80:b4:be:1c:d9:93:45:1f:6f:ae:0b:ab:58:69:3b: 0a:1f:1b:ad:87:d6:4c:10:e1:36:29:69:95:6e:63: fe:e6:7f:10:bc:94:44:e5:3d:e5:be:75:d3:e1:16: 7f:f1:c5:97:ce:bb:f3:9f:34:44:b9:cc:a8:f9:af: f3:62:24:80:52:74:d5:c7:1e:73:7b:2e:a6:9b:2b: 1e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:B5:E7:83:D9:0B:D0:F6:69:85:0E:47:F2:55:1F:46:DC:5E:5C:DD X509v3 Authority Key Identifier: keyid:95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/A0A9D60C807511EFAD8C4257C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:afe0::/32 Signature Algorithm: sha256WithRSAEncryption 27:ff:40:7a:22:6f:03:d9:f8:ff:c8:81:52:8e:b1:82:7e:9a: ea:53:f1:8c:43:a2:a8:6c:4f:dd:8b:72:78:18:61:05:0a:a4: 23:62:a3:35:99:b8:38:55:1d:ab:c5:b8:d6:75:9e:61:e8:94: 90:d6:f2:5d:93:fa:83:33:65:db:03:1f:6c:52:4b:5c:fc:ce: 75:e0:5a:22:8a:98:77:a3:b0:84:b0:dc:bb:13:8e:b6:32:e4: 9b:b8:5c:a9:ec:03:56:64:e9:d6:dc:3d:27:46:c4:29:a2:d7: 6a:d3:6a:9f:18:e7:b0:a0:5c:36:53:2e:e0:55:97:75:2c:42: c4:f0:b5:99:e5:98:b0:be:49:5e:3d:f9:5e:79:59:89:bc:a7: c1:ce:da:e2:f8:fa:0a:8e:18:4c:50:45:32:ef:b2:83:50:6e: 70:24:5d:66:16:24:d9:cf:af:9c:6b:ad:95:50:94:0d:31:62: 48:33:fd:8b:53:a0:42:08:52:b5:3f:41:50:92:97:19:5c:83: 1d:60:57:ba:d2:79:0c:ca:c3:f3:eb:1f:3d:88:b2:02:ce:99: df:23:02:75:dc:8d:02:b7:a6:66:b9:a5:1e:5c:68:11:f4:f6: 68:45:ac:f7:93:9d:42:2b:fb:e9:ea:94:a1:10:47:c2:95:31: cf:21:5b:a0 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICAJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDBCMEUxMTAvBgNVBAUTKDk1N0U1MEE3NUZCRTUwMkYzOEUzRURCRjNGNEFBQUU2 NjVBRTE0OEIwHhcNMjUwNzE1MDY0MzQ0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODc1ZjhhMC1mNDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0/cqiAaui5zRq+eQxm7j4BEzNoVszDAgqEs7OdoX5OZAkS9HHZX2m7/9PaL2 s9GxljZT+4FWtVPjt6DyjhioMDZLykX33xxZgu+EmDuCJa12tsiPaq5M7yFGgfaA CYOCMq9/fTZyR62HPwXl0rhfzPW2L4gqMm1Rqxr7kVTNGlGGaICk0eYi5oayXpcD JpNKck3ISeTcTmKw4Qxt7526y3PqNncX4i88Nvb0hyjM5HDwbIOAtL4c2ZNFH2+u C6tYaTsKHxuth9ZMEOE2KWmVbmP+5n8QvJRE5T3lvnXT4RZ/8cWXzrvznzREucyo +a/zYiSAUnTVxx5zey6mmyseewIDAQABo4ICljCCApIwHQYDVR0OBBYEFGq154PZ C9D2aYUOR/JVH0bcXlzdMB8GA1UdIwQYMBaAFJV+UKdfvlAvOOPtvz9KquZlrhSL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMEIwRS80RTZDQjRGNjgw NjkxMUVGODg3QjcwM0NDNEY5QUUwMi9sWDVRcDEtLVVDODQ0LTJfUDBxcTVtV3VG SXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xYNVFwMS0tVUM4NDQtMl9QMHFxNW1XdUZJcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDBCMEUvNEU2Q0I0RjY4MDY5MTFFRjg4N0I3MDNDQzRGOUFFMDIvQTBBOUQ2MEM4 MDc1MTFFRkFEOEM0MjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkAa/gMA0GCSqGSIb3DQEBCwUAA4IBAQAn/0B6Im8D2fj/ yIFSjrGCfprqU/GMQ6KobE/di3J4GGEFCqQjYqM1mbg4VR2rxbjWdZ5h6JSQ1vJd k/qDM2XbAx9sUktc/M514Foiiph3o7CEsNy7E462MuSbuFyp7ANWZOnW3D0nRsQp otdq02qfGOewoFw2Uy7gVZd1LELE8LWZ5ZiwvklePfleeVmJvKfBztri+PoKjhhM UEUy77KDUG5wJF1mFiTZz6+ca62VUJQNMWJIM/2LU6BCCFK1P0FQkpcZXIMdYFe6 0nkMysPz6x89iLICzpnfIwJ13I0Ct6ZmuaUeXGgR9PZoRaz3k51CK/vp6pShEEfC lTHPIVug -----END CERTIFICATE-----Generated at Mon Jul 21 07:04:25 2025 by rpki-client