$ rpki-client -vvf rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/DF8D07E8FB7E11EFA25DF775C4F9AE02.roa File: DF8D07E8FB7E11EFA25DF775C4F9AE02.roa (raw, json) Hash identifier: n28bSlaWY/S2wfqAMTDZC/VvTdPcMvRogB10CM2udPE= Subject key identifier: E5:BC:AD:AE:5F:96:5A:6B:E3:F4:8B:13:7C:C1:03:7E:32:98:72:B1 Certificate issuer: /CN=A9166C39/serialNumber=07E051B41ED82E3F53BF59AA84DD9ACA20CFB54C Certificate serial: 08F6 Authority key identifier: 07:E0:51:B4:1E:D8:2E:3F:53:BF:59:AA:84:DD:9A:CA:20:CF:B5:4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/DF8D07E8FB7E11EFA25DF775C4F9AE02.roa Signing time: Sat 30 Aug 2025 21:11:54 +0000 ROA not before: Sat 30 Aug 2025 21:11:53 +0000 ROA not after: Tue 30 Dec 2025 00:00:00 +0000 asID: 400105 IP address blocks: 2001:df4:d80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.crl rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 20:26:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2294 (0x8f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166C39, serialNumber=07E051B41ED82E3F53BF59AA84DD9ACA20CFB54C Validity Not Before: Aug 30 21:11:53 2025 GMT Not After : Dec 30 00:00:00 2025 GMT Subject: CN=68b36919-1361 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:8f:35:c7:75:ad:b1:95:58:77:96:3e:03:23: 46:4d:74:ca:a9:46:4a:b9:4d:70:a6:72:14:ad:d2: 29:2c:fc:56:8c:2f:62:00:a7:b1:71:84:9b:92:53: 1e:0a:43:59:be:ad:ac:dd:61:86:6e:be:60:11:c8: 29:b5:ec:07:be:8b:94:22:28:1a:9e:f9:3a:91:3b: 24:66:57:b5:96:78:ac:87:a8:4f:7f:25:c5:90:80: c2:25:fa:62:6a:06:1d:4a:11:f0:a7:16:9f:4f:f9: fe:7c:29:07:16:66:c5:6a:c0:7a:4f:f7:19:c7:bf: a8:60:46:26:9b:b8:ef:77:80:98:b6:ce:17:db:26: 27:3a:d6:cb:42:20:f8:33:8d:94:02:b6:8f:f6:08: d5:a9:1b:5b:05:ac:14:22:f3:03:ca:84:0a:0a:5c: f3:59:fd:40:30:6c:9d:0d:ed:7f:f7:bc:e2:9c:30: 7e:3e:19:cd:5d:fc:4d:ce:82:13:17:76:51:e9:ab: 64:a5:e9:5e:27:bf:46:3b:45:82:46:07:fb:36:e2: b0:03:76:b2:29:f1:ef:13:ea:6c:31:78:c4:8b:f8: f7:6c:db:4d:50:11:ad:a4:4e:8e:72:94:80:a7:f7: 4a:db:c8:85:c9:d3:30:f5:75:92:4c:fd:1a:c8:73: fc:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:BC:AD:AE:5F:96:5A:6B:E3:F4:8B:13:7C:C1:03:7E:32:98:72:B1 X509v3 Authority Key Identifier: keyid:07:E0:51:B4:1E:D8:2E:3F:53:BF:59:AA:84:DD:9A:CA:20:CF:B5:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B-BRtB7YLj9Tv1mqhN2ayiDPtUw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166C39/27EECFD0BB9711EAA1A66C53C4F9AE02/DF8D07E8FB7E11EFA25DF775C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:d80::/48 Signature Algorithm: sha256WithRSAEncryption 21:12:57:92:69:7b:d3:c6:94:c5:e3:4f:5c:61:9a:f1:f3:58: 32:1e:93:14:81:d9:57:09:4d:5d:28:5c:97:f4:5f:ba:31:e2: 84:1f:fd:6e:6e:c0:71:51:be:e3:6a:4c:5e:d7:66:90:01:81: 09:87:fd:ef:d5:2d:52:05:97:cc:8a:ee:ee:a5:89:f8:97:fb: 63:d4:4b:f3:97:35:15:73:fc:14:7a:e4:53:9f:bd:f8:e0:d9: 4c:2d:f3:08:f7:c6:26:9a:dd:13:e3:bb:2d:20:20:12:10:e6: 41:36:44:68:4b:5a:81:12:00:69:3b:f0:52:42:fd:4c:71:55: 36:3c:75:55:39:b7:6a:e9:19:f5:e4:4f:17:ce:09:90:81:c3: 03:ea:e8:e5:1b:c4:87:18:3b:dd:be:f6:3f:85:0d:f0:13:1d: db:53:40:2c:ed:b3:aa:4f:14:f1:82:53:4f:7f:d0:98:c0:9d: de:30:fd:cf:a1:ba:a8:3d:39:35:fd:d8:3a:28:b2:65:f5:ec: e2:57:10:30:17:52:88:60:f2:ec:45:78:36:dc:a3:01:1b:0b: ca:90:8f:10:ad:14:d5:96:68:a0:3c:f4:6c:42:e6:01:ff:fa: a2:10:a6:cc:67:d7:ed:66:a0:e3:32:f7:82:b9:7c:01:d3:ba: a8:68:b4:6b -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICCPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZDMzkxMTAvBgNVBAUTKDA3RTA1MUI0MUVEODJFM0Y1M0JGNTlBQTg0REQ5QUNB MjBDRkI1NEMwHhcNMjUwODMwMjExMTUzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzNjkxOS0xMzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo481x3WtsZVYd5Y+AyNGTXTKqUZKuU1wpnIUrdIpLPxWjC9iAKexcYSbklMe CkNZvq2s3WGGbr5gEcgptewHvouUIiganvk6kTskZle1lnish6hPfyXFkIDCJfpi agYdShHwpxafT/n+fCkHFmbFasB6T/cZx7+oYEYmm7jvd4CYts4X2yYnOtbLQiD4 M42UAraP9gjVqRtbBawUIvMDyoQKClzzWf1AMGydDe1/97zinDB+PhnNXfxNzoIT F3ZR6atkpeleJ79GO0WCRgf7NuKwA3ayKfHvE+psMXjEi/j3bNtNUBGtpE6OcpSA p/dK28iFydMw9XWSTP0ayHP89wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFOW8ra5f llpr4/SLE3zBA34ymHKxMB8GA1UdIwQYMBaAFAfgUbQe2C4/U79ZqoTdmsogz7VM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkMzOS8yN0VFQ0ZEMEJC OTcxMUVBQTFBNjZDNTNDNEY5QUUwMi9CLUJSdEI3WUxqOVR2MW1xaE4yYXlpRFB0 VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ItQlJ0QjdZTGo5VHYxbXFoTjJheWlEUHRVdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjZDMzkvMjdFRUNGRDBCQjk3MTFFQUExQTY2QzUzQzRGOUFFMDIvREY4RDA3RThG QjdFMTFFRkEyNURGNzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ30DYAwDQYJKoZIhvcNAQELBQADggEBACESV5Jpe9PG lMXjT1xhmvHzWDIekxSB2VcJTV0oXJf0X7ox4oQf/W5uwHFRvuNqTF7XZpABgQmH /e/VLVIFl8yK7u6lifiX+2PUS/OXNRVz/BR65FOfvfjg2Uwt8wj3xiaa3RPjuy0g IBIQ5kE2RGhLWoESAGk78FJC/UxxVTY8dVU5t2rpGfXkTxfOCZCBwwPq6OUbxIcY O92+9j+FDfATHdtTQCzts6pPFPGCU09/0JjAnd4w/c+huqg9OTX92DoosmX17OJX EDAXUohg8uxFeDbcowEbC8qQjxCtFNWWaKA89GxC5gH/+qIQpsxn1+1moOMy94K5 fAHTuqhotGs= -----END CERTIFICATE-----Generated at Tue Sep 9 13:20:55 2025 by rpki-client