$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/86516CF04BE911EE8640FE79C4F9AE02.roa File: 86516CF04BE911EE8640FE79C4F9AE02.roa (raw, json) Hash identifier: JOQ3FTCOYnFyVjIC1sbOokkZryNT0nxy6ytkaThHIoc= Subject key identifier: E2:49:D6:05:26:DF:C0:34:47:D3:00:6E:6D:99:F5:A0:13:8A:34:91 Certificate issuer: /CN=A9148D53/serialNumber=FDBD4C0D34492F5CEAE4879E4762796E527007EB Certificate serial: 01A2 Authority key identifier: FD:BD:4C:0D:34:49:2F:5C:EA:E4:87:9E:47:62:79:6E:52:70:07:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_b1MDTRJL1zq5IeeR2J5blJwB-s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/86516CF04BE911EE8640FE79C4F9AE02.roa Signing time: Wed 05 Mar 2025 05:20:18 +0000 ROA not before: Wed 05 Mar 2025 05:20:18 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 139853 IP address blocks: 2401:fd80:ff00::/48 maxlen: 48 2401:fd80:ff01::/48 maxlen: 48 2401:fd80:ff02::/48 maxlen: 48 2401:fd80:ff03::/48 maxlen: 48 2401:fd80:ff04::/48 maxlen: 48 2401:fd80:ffb1::/48 maxlen: 48 2401:fd80:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/_b1MDTRJL1zq5IeeR2J5blJwB-s.crl rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/_b1MDTRJL1zq5IeeR2J5blJwB-s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_b1MDTRJL1zq5IeeR2J5blJwB-s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 03:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 418 (0x1a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D53, serialNumber=FDBD4C0D34492F5CEAE4879E4762796E527007EB Validity Not Before: Mar 5 05:20:18 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c7df11-88d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:cc:e6:03:97:aa:be:d1:8b:98:bd:f6:43:90: 48:ad:1b:d1:24:8d:93:59:da:8b:29:99:39:fe:ae: 06:79:18:db:0e:bc:80:0a:7d:59:17:d1:cc:21:ca: 52:3a:45:88:20:47:c5:89:70:b9:8f:62:1f:08:24: 8f:9e:7f:0e:1b:62:8b:db:2d:d7:41:3b:b0:58:18: 9b:02:51:65:0c:df:40:cc:9c:bb:a0:1c:c2:9f:8b: e3:5a:3a:68:07:f5:67:bf:be:9f:a7:64:c2:eb:cf: 61:25:b7:e6:95:5e:8b:50:bd:9b:b8:43:97:66:9e: 70:a0:33:58:16:f6:8a:62:82:48:71:7b:8d:06:17: 5e:7a:96:c8:58:56:0b:e4:1f:72:90:c7:83:f0:69: e8:b1:21:5d:53:3b:cd:03:00:01:e1:48:1e:4d:30: 40:76:fd:95:6c:d1:c3:04:51:bd:a6:04:58:0c:78: d6:4a:4d:64:8c:a3:7c:3b:83:41:de:55:7f:2c:97: d2:0e:66:7d:a2:a1:33:98:8a:a4:cd:72:b4:69:23: b0:ec:38:e0:87:ba:66:fd:42:91:19:66:c8:39:9a: 23:04:c0:db:96:f0:90:eb:7d:3d:88:ec:14:fa:0a: 72:ed:3c:46:0e:2c:69:ca:b7:20:a8:55:7e:34:17: 58:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:49:D6:05:26:DF:C0:34:47:D3:00:6E:6D:99:F5:A0:13:8A:34:91 X509v3 Authority Key Identifier: keyid:FD:BD:4C:0D:34:49:2F:5C:EA:E4:87:9E:47:62:79:6E:52:70:07:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/_b1MDTRJL1zq5IeeR2J5blJwB-s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_b1MDTRJL1zq5IeeR2J5blJwB-s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/86516CF04BE911EE8640FE79C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:fd80:ff00::-2401:fd80:ff04:ffff:ffff:ffff:ffff:ffff 2401:fd80:ffb1::/48 2401:fd80:ffff::/48 Signature Algorithm: sha256WithRSAEncryption 1f:02:77:0f:f5:ef:17:b9:e5:70:2a:56:4a:39:2b:5a:7f:1d: 78:aa:41:46:7c:5a:a2:b1:ff:f8:8f:8b:ea:fb:f3:3d:a5:4f: 65:cc:3e:d1:ba:bf:75:39:a8:63:4a:fc:a5:65:b4:bb:c3:b9: ad:59:1b:63:01:7a:e2:c7:fd:da:36:77:a8:4e:30:95:f7:49: 9b:d3:6e:ee:bb:8d:57:ee:1e:0a:f6:06:9f:c4:53:fa:c5:98: 68:d9:51:ca:73:78:a9:4e:8b:24:02:2b:46:7c:7b:05:af:3f: e0:8c:ff:cd:c0:42:16:be:85:b8:4a:8b:0d:94:18:ea:7a:28: c1:ad:41:c1:f2:ec:ff:f1:bb:cb:85:45:c7:26:02:f5:45:e1: 7f:1b:2b:b3:ca:8a:ea:19:a8:58:de:5b:64:50:05:d5:39:1e: f0:21:80:8c:d3:2e:fa:c0:de:af:18:76:d7:83:26:d2:25:f5: e2:27:4b:29:32:b2:05:4f:77:90:49:bc:a4:b7:3d:e8:fb:62: 99:80:58:89:c6:26:82:cf:90:d8:12:47:71:d2:a3:a7:a8:12: 03:e8:69:23:3e:3e:b0:5c:7d:f3:5e:0c:7a:87:f1:7c:2b:8d: 86:fe:03:00:dd:4e:b0:9c:46:e9:31:32:67:01:20:4c:54:45: 50:35:35:1f -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTMxMTAvBgNVBAUTKEZEQkQ0QzBEMzQ0OTJGNUNFQUU0ODc5RTQ3NjI3OTZF NTI3MDA3RUIwHhcNMjUwMzA1MDUyMDE4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2M3ZGYxMS04OGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv8zmA5eqvtGLmL32Q5BIrRvRJI2TWdqLKZk5/q4GeRjbDryACn1ZF9HMIcpS OkWIIEfFiXC5j2IfCCSPnn8OG2KL2y3XQTuwWBibAlFlDN9AzJy7oBzCn4vjWjpo B/Vnv76fp2TC689hJbfmlV6LUL2buEOXZp5woDNYFvaKYoJIcXuNBhdeepbIWFYL 5B9ykMeD8GnosSFdUzvNAwAB4UgeTTBAdv2VbNHDBFG9pgRYDHjWSk1kjKN8O4NB 3lV/LJfSDmZ9oqEzmIqkzXK0aSOw7Djgh7pm/UKRGWbIOZojBMDblvCQ6309iOwU +gpy7TxGDixpyrcgqFV+NBdYIQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFOJJ1gUm 38A0R9MAbm2Z9aATijSRMB8GA1UdIwQYMBaAFP29TA00SS9c6uSHnkdieW5ScAfr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1My9ENTg2RjhGMDMw NzExMUVFODU0NkEzMkZDNEY5QUUwMi9fYjFNRFRSSkwxenE1SWVlUjJKNWJsSndC LXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19iMU1EVFJKTDF6cTVJZWVSMko1YmxKd0Itcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDhENTMvRDU4NkY4RjAzMDcxMTFFRTg1NDZBMzJGQzRGOUFFMDIvODY1MTZDRjA0 QkU5MTFFRTg2NDBGRTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E LzAtMCsEAgACMCUwEQMGACQB/YD/AwcAJAH9gP8EAwcAJAH9gP+xAwcAJAH9gP// MA0GCSqGSIb3DQEBCwUAA4IBAQAfAncP9e8XueVwKlZKOStafx14qkFGfFqisf/4 j4vq+/M9pU9lzD7Rur91OahjSvylZbS7w7mtWRtjAXrix/3aNneoTjCV90mb027u u41X7h4K9gafxFP6xZho2VHKc3ipToskAitGfHsFrz/gjP/NwEIWvoW4SosNlBjq eijBrUHB8uz/8bvLhUXHJgL1ReF/GyuzyorqGahY3ltkUAXVOR7wIYCM0y76wN6v GHbXgybSJfXiJ0spMrIFT3eQSbyktz3o+2KZgFiJxiaCz5DYEkdx0qOnqBID6Gkj Pj6wXH3zXgx6h/F8K42G/gMA3U6wnEbpMTJnASBMVEVQNTUf -----END CERTIFICATE-----Generated at Wed Oct 29 10:50:42 2025 by rpki-client