$ rpki-client -vvf rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa File: AA398864B96611EF8161BF51C4F9AE02.roa (raw, json) Hash identifier: TD7salmLrRM34euIo8G4Ct9yO9PS+fagaxM6vGI2MEw= Subject key identifier: 05:E8:36:4B:D2:A7:3C:D7:EB:B1:9B:81:A4:B5:B4:0C:89:66:1C:03 Certificate issuer: /CN=A917BEA7/serialNumber=0B8D638FFD38B1F77E48E1BB5DF29929CE7D78B5 Certificate serial: 01D5 Authority key identifier: 0B:8D:63:8F:FD:38:B1:F7:7E:48:E1:BB:5D:F2:99:29:CE:7D:78:B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa Signing time: Sun 31 Aug 2025 04:21:18 +0000 ROA not before: Sun 31 Aug 2025 04:21:18 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 139358 IP address blocks: 2401:e60:20::/44 maxlen: 44 2401:e60:20::/48 maxlen: 48 2401:e60:30::/44 maxlen: 44 2401:e60:100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/C41jj_04sfd-SOG7XfKZKc59eLU.crl rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/C41jj_04sfd-SOG7XfKZKc59eLU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 03:39:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 469 (0x1d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BEA7, serialNumber=0B8D638FFD38B1F77E48E1BB5DF29929CE7D78B5 Validity Not Before: Aug 31 04:21:18 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68b3cdbe-43e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:ac:3d:6e:7e:db:cb:f2:36:49:a9:8f:b2:3b: 89:b1:88:f4:88:ea:ea:a5:fc:e0:a8:f9:03:ec:04: 2a:9b:77:3e:a1:a5:e9:3c:e3:16:ad:1b:e4:b5:5f: d6:22:dd:05:1f:61:51:fb:cc:6b:1b:cd:9d:f9:c8: 5a:2a:5c:2a:2c:d0:6f:7a:af:ab:ba:27:0b:ff:c6: d8:18:81:a7:e3:90:77:4c:8e:fd:d3:ef:e0:b9:0c: fc:79:0f:c7:59:e2:db:5a:50:40:b7:8a:23:f1:b6: 6a:78:ab:e9:4b:d8:4e:92:d9:bb:21:9b:e9:b0:62: 24:2d:c7:46:17:12:a0:09:d2:93:9f:33:22:fa:c3: b4:7b:71:87:55:bb:27:28:2f:9e:df:aa:6b:a5:e1: 02:4d:77:f0:14:01:0c:42:f8:3e:6f:42:fb:4b:20: bf:99:4f:e6:5b:04:83:74:75:a9:69:ec:b0:70:5d: 12:0a:9a:45:17:c1:65:78:ee:3c:05:0b:94:b6:b0: fe:fc:47:79:da:c5:be:72:96:48:bc:c1:f8:24:09: 44:9c:2e:c9:60:ae:1b:96:ae:c8:5d:b0:8b:8a:6f: c2:d1:ed:4b:8f:99:3c:b2:d1:2b:d8:f5:6f:7c:28: 56:c3:94:29:9b:a6:33:28:29:fa:01:2b:95:13:d5: 93:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:E8:36:4B:D2:A7:3C:D7:EB:B1:9B:81:A4:B5:B4:0C:89:66:1C:03 X509v3 Authority Key Identifier: keyid:0B:8D:63:8F:FD:38:B1:F7:7E:48:E1:BB:5D:F2:99:29:CE:7D:78:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/C41jj_04sfd-SOG7XfKZKc59eLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C41jj_04sfd-SOG7XfKZKc59eLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BEA7/044F6448116811EEAC63C234C4F9AE02/AA398864B96611EF8161BF51C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:e60:20::/43 2401:e60:100::/40 Signature Algorithm: sha256WithRSAEncryption 73:f4:8e:fd:6e:6c:58:27:e3:9f:fa:c7:37:bf:1d:62:ae:42: ff:9b:62:48:90:cc:ef:75:65:8c:cb:52:64:c7:ec:ff:39:46: af:a4:f0:e3:3d:da:8d:48:19:c9:3a:6c:49:1e:a2:11:50:e4: 52:5a:be:57:c7:79:52:73:4b:98:60:65:b2:68:0f:0b:80:37: b0:2f:54:35:3f:a7:f2:ec:e1:01:7c:fd:f3:ed:2c:02:8f:2d: f6:6e:bb:eb:c0:12:95:a3:28:06:bb:a0:83:a9:53:3f:b9:57: 3b:25:ff:63:e3:48:d3:da:06:0f:5e:e8:cc:d5:89:52:11:c9: db:b5:4e:6e:4c:ca:37:a4:33:c9:3c:92:ad:98:8d:cd:fa:fc: fd:3f:42:b5:be:dd:ac:de:21:d9:63:55:2d:70:6f:fd:e1:c1: e9:d2:09:ff:82:41:cf:d1:5d:3a:45:79:e0:63:60:f4:84:67: 9f:6f:e6:18:c8:de:c1:6a:2d:1b:0c:ff:61:a1:df:2d:0e:4d: 25:6c:c1:97:4b:19:13:36:dd:82:e1:0f:2a:36:b1:0a:76:15: 05:13:cd:8e:59:74:7c:e9:7b:e6:d5:e5:ee:71:92:6c:aa:98: 6e:62:3a:67:4c:2c:f2:f3:74:62:18:dd:5f:93:4f:fe:6e:7c: d1:0d:8f:97 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgICAdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0JFQTcxMTAvBgNVBAUTKDBCOEQ2MzhGRkQzOEIxRjc3RTQ4RTFCQjVERjI5OTI5 Q0U3RDc4QjUwHhcNMjUwODMxMDQyMTE4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzY2RiZS00M2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArKw9bn7by/I2SamPsjuJsYj0iOrqpfzgqPkD7AQqm3c+oaXpPOMWrRvktV/W It0FH2FR+8xrG82d+chaKlwqLNBveq+ruicL/8bYGIGn45B3TI790+/guQz8eQ/H WeLbWlBAt4oj8bZqeKvpS9hOktm7IZvpsGIkLcdGFxKgCdKTnzMi+sO0e3GHVbsn KC+e36prpeECTXfwFAEMQvg+b0L7SyC/mU/mWwSDdHWpaeywcF0SCppFF8FleO48 BQuUtrD+/Ed52sW+cpZIvMH4JAlEnC7JYK4blq7IXbCLim/C0e1Lj5k8stEr2PVv fChWw5Qpm6YzKCn6ASuVE9WTxwIDAQABo4ICoDCCApwwHQYDVR0OBBYEFAXoNkvS pzzX67GbgaS1tAyJZhwDMB8GA1UdIwQYMBaAFAuNY4/9OLH3fkjhu13ymSnOfXi1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkVBNy8wNDRGNjQ0ODEx NjgxMUVFQUM2M0MyMzRDNEY5QUUwMi9DNDFqal8wNHNmZC1TT0c3WGZLWktjNTll TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0M0MWpqXzA0c2ZkLVNPRzdYZktaS2M1OWVMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0JFQTcvMDQ0RjY0NDgxMTY4MTFFRUFDNjNDMjM0QzRGOUFFMDIvQUEzOTg4NjRC OTY2MTFFRjgxNjFCRjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E GzAZMBcEAgACMBEDBwUkAQ5gACADBgAkAQ5gATANBgkqhkiG9w0BAQsFAAOCAQEA c/SO/W5sWCfjn/rHN78dYq5C/5tiSJDM73VljMtSZMfs/zlGr6Tw4z3ajUgZyTps SR6iEVDkUlq+V8d5UnNLmGBlsmgPC4A3sC9UNT+n8uzhAXz98+0sAo8t9m6768AS laMoBrugg6lTP7lXOyX/Y+NI09oGD17ozNWJUhHJ27VObkzKN6QzyTySrZiNzfr8 /T9Ctb7drN4h2WNVLXBv/eHB6dIJ/4JBz9FdOkV54GNg9IRnn2/mGMjewWotGwz/ YaHfLQ5NJWzBl0sZEzbdguEPKjaxCnYVBRPNjll0fOl75tXl7nGSbKqYbmI6Z0ws 8vN0YhjdX5NP/m580Q2Plw== -----END CERTIFICATE-----Generated at Sat Sep 6 20:58:19 2025 by rpki-client