$ rpki-client -vvf rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/3CDB97F6B03911F09A54BE60C4F9AE02.roa File: 3CDB97F6B03911F09A54BE60C4F9AE02.roa (raw, json) Hash identifier: 6SWqHXnqIzuEPf5esMyFHKpdKbE+6wQV4YrBSsNPMq0= Subject key identifier: D8:4D:AD:38:6A:25:17:7D:F8:71:24:88:58:D6:6A:8A:E4:C9:FD:9E Certificate issuer: /CN=A915B5B1/serialNumber=DFDC3ADB33CAA8591EFAF2776C3B0C556C08A2B6 Certificate serial: 03A2 Authority key identifier: DF:DC:3A:DB:33:CA:A8:59:1E:FA:F2:77:6C:3B:0C:55:6C:08:A2:B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/39w62zPKqFke-vJ3bDsMVWwIorY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/3CDB97F6B03911F09A54BE60C4F9AE02.roa Signing time: Thu 23 Oct 2025 17:53:54 +0000 ROA not before: Thu 23 Oct 2025 17:53:54 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 149311 IP address blocks: 2001:df0:c240::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/39w62zPKqFke-vJ3bDsMVWwIorY.crl rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/39w62zPKqFke-vJ3bDsMVWwIorY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/39w62zPKqFke-vJ3bDsMVWwIorY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:56:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 930 (0x3a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915B5B1, serialNumber=DFDC3ADB33CAA8591EFAF2776C3B0C556C08A2B6 Validity Not Before: Oct 23 17:53:54 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68fa6bb1-0efe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c0:0b:68:e3:b4:50:04:56:46:50:f9:28:c4: 50:0c:dd:bc:73:55:bf:dd:33:a7:15:21:c6:9c:31: 3f:f9:2b:5e:8b:47:0d:1b:68:e8:01:1d:46:06:27: 01:1e:3a:69:78:ae:01:fd:3d:f9:e2:5b:fe:83:16: 99:d9:e4:73:62:d9:4b:41:df:d2:89:32:76:61:8b: 25:21:8d:c5:fb:d9:d4:81:7d:a6:e3:53:13:c9:b7: 77:ee:bd:94:bf:58:a9:56:dd:49:b1:df:c2:59:5d: b3:eb:df:3a:12:78:3d:67:60:0b:98:f6:e9:46:49: 0a:b4:13:59:c3:03:44:36:59:1f:ea:67:d2:de:6b: a8:72:86:46:bc:b2:71:a5:4f:84:a1:6e:87:05:f7: 52:70:3b:77:e3:af:28:d1:d5:e4:b6:5a:31:fb:65: 61:fd:0f:4e:c4:20:06:bb:91:8b:06:a5:5f:dc:04: 23:82:e0:e1:e5:0a:ba:28:3d:47:3f:e2:4f:56:f3: 56:ae:7e:72:8a:88:49:55:4f:c4:6a:46:b0:36:bb: f8:ea:2a:8e:03:b2:26:b9:6b:d1:1d:07:6d:c1:16: d1:54:41:6c:7a:97:90:16:76:be:eb:35:77:7b:71: 57:5c:48:bb:c5:5b:ce:d3:bb:50:ef:8d:22:49:81: 4e:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:4D:AD:38:6A:25:17:7D:F8:71:24:88:58:D6:6A:8A:E4:C9:FD:9E X509v3 Authority Key Identifier: keyid:DF:DC:3A:DB:33:CA:A8:59:1E:FA:F2:77:6C:3B:0C:55:6C:08:A2:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/39w62zPKqFke-vJ3bDsMVWwIorY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/39w62zPKqFke-vJ3bDsMVWwIorY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B5B1/ED629F0CD7E811EC92A94F4CC4F9AE02/3CDB97F6B03911F09A54BE60C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df0:c240::/48 Signature Algorithm: sha256WithRSAEncryption 10:2a:47:b8:06:fd:ef:58:11:19:71:40:f3:2f:24:f3:7b:c2: 9a:92:93:9e:b9:44:8d:ea:26:47:59:3a:a8:8d:68:76:06:44: 4a:f6:a5:c0:a6:9f:43:00:8c:be:4b:7a:d2:50:b6:fa:04:b8: 15:3a:95:7c:06:f7:c0:f3:0f:fc:70:22:63:dc:c5:45:f6:46: 4a:f8:28:f1:5e:b3:00:bc:41:77:5a:d0:c8:c8:4c:f8:41:d4: 44:c7:5d:20:b7:f4:0f:2b:ba:4f:42:c4:a1:e2:6f:fd:a9:c7: 8c:3c:2b:df:8a:30:1f:9d:f2:d4:e5:08:a1:b5:3f:7e:d4:a2: ca:f1:1d:fe:3d:4d:f9:38:a4:c3:dd:2b:72:c1:5e:7a:b4:a4: ea:0e:10:4f:d1:6b:b4:1e:c1:02:0c:94:99:d0:c6:3e:6e:9f: 79:ba:a5:c6:63:63:38:b0:fe:75:0c:11:9b:a2:51:f8:3a:00: 77:ef:ab:04:eb:e8:5c:1a:3a:e3:f1:56:04:4d:63:9f:3c:71: 0a:cc:40:e3:24:03:cc:2d:ad:28:06:38:96:a5:7a:6c:ab:2e: 71:2a:6b:5a:ab:1e:02:e7:f9:d3:81:41:9e:d2:64:e4:73:c4: 4e:f7:92:9f:35:76:28:94:50:77:92:1f:e5:cf:a4:36:fd:f3: e9:cb:d4:08 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICA6IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUI1QjExMTAvBgNVBAUTKERGREMzQURCMzNDQUE4NTkxRUZBRjI3NzZDM0IwQzU1 NkMwOEEyQjYwHhcNMjUxMDIzMTc1MzU0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGZhNmJiMS0wZWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxsALaOO0UARWRlD5KMRQDN28c1W/3TOnFSHGnDE/+Stei0cNG2joAR1GBicB HjppeK4B/T354lv+gxaZ2eRzYtlLQd/SiTJ2YYslIY3F+9nUgX2m41MTybd37r2U v1ipVt1Jsd/CWV2z6986Eng9Z2ALmPbpRkkKtBNZwwNENlkf6mfS3muocoZGvLJx pU+EoW6HBfdScDt3468o0dXktlox+2Vh/Q9OxCAGu5GLBqVf3AQjguDh5Qq6KD1H P+JPVvNWrn5yiohJVU/EakawNrv46iqOA7ImuWvRHQdtwRbRVEFsepeQFna+6zV3 e3FXXEi7xVvO07tQ740iSYFOvwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNhNrThq JRd9+HEkiFjWaorkyf2eMB8GA1UdIwQYMBaAFN/cOtszyqhZHvryd2w7DFVsCKK2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjVCMS9FRDYyOUYwQ0Q3 RTgxMUVDOTJBOTRGNENDNEY5QUUwMi8zOXc2MnpQS3FGa2UtdkozYkRzTVZXd0lv clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzM5dzYyelBLcUZrZS12SjNiRHNNVld3SW9yWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NUI1QjEvRUQ2MjlGMENEN0U4MTFFQzkyQTk0RjRDQzRGOUFFMDIvM0NEQjk3RjZC MDM5MTFGMDlBNTRCRTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ3wwkAwDQYJKoZIhvcNAQELBQADggEBABAqR7gG/e9Y ERlxQPMvJPN7wpqSk565RI3qJkdZOqiNaHYGREr2pcCmn0MAjL5LetJQtvoEuBU6 lXwG98DzD/xwImPcxUX2Rkr4KPFeswC8QXda0MjITPhB1ETHXSC39A8ruk9CxKHi b/2px4w8K9+KMB+d8tTlCKG1P37UosrxHf49Tfk4pMPdK3LBXnq0pOoOEE/Ra7Qe wQIMlJnQxj5un3m6pcZjYziw/nUMEZuiUfg6AHfvqwTr6FwaOuPxVgRNY588cQrM QOMkA8wtrSgGOJalemyrLnEqa1qrHgLn+dOBQZ7SZORzxE73kp81diiUUHeSH+XP pDb98+nL1Ag= -----END CERTIFICATE-----Generated at Tue Nov 4 13:15:19 2025 by rpki-client