$ rpki-client -vvf rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/D4AECB7A701611EF824F7281C4F9AE02.roa File: D4AECB7A701611EF824F7281C4F9AE02.roa (raw, json) Hash identifier: OgrtZob9BenmszWmMepyuR4+jTnWhH21Nc4ELG9DAkE= Subject key identifier: D0:AB:6C:AA:1A:BC:D8:E9:2E:AF:BD:3A:BC:33:2B:1F:16:B1:20:12 Certificate issuer: /CN=A913A7A6/serialNumber=907B038ADEC7C3FA9C64930E6419B2FBBAB9C81C Certificate serial: 0A65 Authority key identifier: 90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/D4AECB7A701611EF824F7281C4F9AE02.roa Signing time: Thu 30 Oct 2025 20:09:10 +0000 ROA not before: Thu 30 Oct 2025 20:09:10 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 58877 IP address blocks: 2405:2d00::/32 maxlen: 33 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.crl rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 19:36:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2661 (0xa65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913A7A6, serialNumber=907B038ADEC7C3FA9C64930E6419B2FBBAB9C81C Validity Not Before: Oct 30 20:09:10 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6903c5e6-6dd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e0:1f:f9:e1:43:35:af:98:cf:a6:e2:60:2c: b3:47:ea:43:cf:41:20:43:63:49:7f:05:8d:17:ee: 37:2d:00:8f:bb:ae:37:fe:e4:96:d2:dc:d5:0c:a2: 05:2f:95:e0:1b:89:f3:2c:63:7c:c4:e0:a5:4e:32: 20:d3:1d:43:9a:aa:66:0e:a9:f7:e2:2d:1e:35:57: 2e:15:eb:30:6b:45:02:ac:69:ff:d7:91:1f:ed:3e: 57:0b:de:c3:d9:6b:77:e6:dd:8c:ac:2e:00:47:92: 87:67:61:d7:61:a7:8d:69:da:5b:bc:84:5b:df:3f: 53:a7:50:21:d9:14:61:2b:4a:46:55:09:6f:b5:d2: 57:13:41:77:02:7d:e3:1c:90:35:34:39:6c:97:3b: 35:ab:c0:40:91:2f:78:01:6f:51:87:72:61:04:a8: b6:c5:76:82:0f:74:ff:35:c6:d4:b5:01:83:bd:8b: 3c:5a:a7:0d:78:e2:ca:c7:27:d9:69:8a:45:4b:ad: 71:85:8a:7f:7c:d7:09:f6:d3:90:a8:bb:b6:ca:de: 94:f6:fc:b2:e9:ab:18:53:1c:38:69:44:d7:37:c5: dc:37:ad:39:6d:55:a4:82:2b:5b:95:3a:bd:07:5e: 57:46:40:54:6f:20:66:cd:c4:0a:f6:ba:c2:78:c4: 62:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:AB:6C:AA:1A:BC:D8:E9:2E:AF:BD:3A:BC:33:2B:1F:16:B1:20:12 X509v3 Authority Key Identifier: keyid:90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/D4AECB7A701611EF824F7281C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2405:2d00::/32 Signature Algorithm: sha256WithRSAEncryption 09:68:e9:cf:1e:d9:40:94:69:eb:fb:c6:9c:41:cc:0c:40:f7: 54:cc:78:63:d0:a5:b5:56:03:37:5e:84:fc:46:f4:36:53:9e: 72:ae:94:69:c9:69:ca:8d:38:f4:29:12:7b:da:89:a7:39:d2: 4e:6c:46:9b:c4:39:da:97:14:8d:33:36:60:af:27:64:89:2b: d2:ee:72:bd:81:2e:8b:3f:b0:53:18:1b:ee:3d:4f:5d:af:73: a8:d1:4d:ac:d5:48:e0:13:59:d7:eb:2a:95:17:6d:9c:c9:bb: a0:ca:48:92:fd:15:7e:e1:41:24:3f:97:f5:62:c0:55:92:bd: 0a:86:85:e6:32:7b:5f:74:cc:35:f1:b4:d3:7a:7e:78:8d:32: 90:fa:d1:11:16:a1:23:45:b3:91:03:fb:1f:ca:5d:d7:65:3c: 42:c4:13:c2:fd:03:9d:4a:62:f2:a7:c4:1e:6f:08:02:b9:a2: a4:fa:53:e6:46:ed:ea:34:5b:47:88:0b:6c:e9:39:d4:d4:5c: d8:7f:96:b3:d0:87:b7:89:71:88:cd:41:42:78:52:59:c6:ec: e0:6b:5b:06:f9:b9:b4:3b:4e:2e:4d:61:e0:02:4d:0d:9d:b4: 08:09:04:ae:82:c1:10:3d:3b:cf:73:73:bd:85:0b:57:1a:f9: 6b:50:7c:19 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICCmUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0E3QTYxMTAvBgNVBAUTKDkwN0IwMzhBREVDN0MzRkE5QzY0OTMwRTY0MTlCMkZC QkFCOUM4MUMwHhcNMjUxMDMwMjAwOTEwWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTAzYzVlNi02ZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxeAf+eFDNa+Yz6biYCyzR+pDz0EgQ2NJfwWNF+43LQCPu643/uSW0tzVDKIF L5XgG4nzLGN8xOClTjIg0x1DmqpmDqn34i0eNVcuFeswa0UCrGn/15Ef7T5XC97D 2Wt35t2MrC4AR5KHZ2HXYaeNadpbvIRb3z9Tp1Ah2RRhK0pGVQlvtdJXE0F3An3j HJA1NDlslzs1q8BAkS94AW9Rh3JhBKi2xXaCD3T/NcbUtQGDvYs8WqcNeOLKxyfZ aYpFS61xhYp/fNcJ9tOQqLu2yt6U9vyy6asYUxw4aUTXN8XcN605bVWkgitblTq9 B15XRkBUbyBmzcQK9rrCeMRiRwIDAQABo4ICljCCApIwHQYDVR0OBBYEFNCrbKoa vNjpLq+9OrwzKx8WsSASMB8GA1UdIwQYMBaAFJB7A4rex8P6nGSTDmQZsvu6ucgc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQTdBNi80REI5NDQzQTcz QjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9rSHNEaXQ3SHdfcWNaSk1PWkJteS03cTV5 QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tIc0RpdDdId19xY1pKTU9aQm15LTdxNXlCdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0E3QTYvNERCOTQ0M0E3M0I2MTFFQTlCOEMxRjVDQzRGOUFFMDIvRDRBRUNCN0E3 MDE2MTFFRjgyNEY3MjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkBS0AMA0GCSqGSIb3DQEBCwUAA4IBAQAJaOnPHtlAlGnr +8acQcwMQPdUzHhj0KW1VgM3XoT8RvQ2U55yrpRpyWnKjTj0KRJ72omnOdJObEab xDnalxSNMzZgrydkiSvS7nK9gS6LP7BTGBvuPU9dr3Oo0U2s1UjgE1nX6yqVF22c ybugykiS/RV+4UEkP5f1YsBVkr0KhoXmMntfdMw18bTTen54jTKQ+tERFqEjRbOR A/sfyl3XZTxCxBPC/QOdSmLyp8QebwgCuaKk+lPmRu3qNFtHiAts6TnU1FzYf5az 0Ie3iXGIzUFCeFJZxuzga1sG+bm0O04uTWHgAk0NnbQICQSugsEQPTvPc3O9hQtX GvlrUHwZ -----END CERTIFICATE-----Generated at Tue Nov 4 07:21:00 2025 by rpki-client