$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4A0DC3DCA29211EFA2E3BE76C4F9AE02.roa File: 4A0DC3DCA29211EFA2E3BE76C4F9AE02.roa (raw, json) Hash identifier: LdmfjgS4nxOVK6eNjUZpERmIerj/zxYqfVHMFTG0Nzo= Subject key identifier: A9:E6:D3:7E:23:CA:8E:7E:FB:98:13:F5:84:8D:13:85:DA:77:23:91 Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Certificate serial: 1076 Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4A0DC3DCA29211EFA2E3BE76C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:30:37 +0000 ROA not before: Thu 22 May 2025 20:07:51 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 153458 IP address blocks: 2406:840:e2c0::/44 maxlen: 48 2406:840:feac::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 17:31:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4214 (0x1076) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917ED5C, serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5 Validity Not Before: May 22 20:07:51 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a493dd-5955 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:52:59:dd:49:96:b6:e0:21:41:20:99:de:1d: 93:d7:b7:a6:cd:2b:a5:91:ef:75:81:42:f2:b4:b0: f2:ca:82:f5:7d:78:e7:aa:b4:9d:08:8c:84:d8:e0: 3d:e8:22:12:31:db:1e:32:46:00:85:be:8e:03:95: 53:a6:1c:e4:1a:e8:52:7d:b7:76:cf:eb:be:a2:3b: ae:0e:f2:a7:8c:b2:87:1e:7e:91:c6:79:87:fb:a4: a9:54:58:11:2c:fe:06:a6:19:f5:b1:26:92:ff:0d: 43:14:d3:90:87:b8:b2:05:bd:70:ff:aa:a4:db:31: 9a:c2:b0:15:d6:d7:4f:bf:c6:d8:ec:4b:d2:75:67: 7a:99:ab:03:c2:a4:8e:bc:1d:85:41:c6:46:17:47: be:98:08:50:28:16:bb:6f:23:eb:db:22:2f:e8:a0: ef:19:05:5f:eb:f7:a3:01:aa:86:de:7a:ef:88:d9: a0:53:a1:77:c9:5c:6e:b7:97:af:e5:53:4d:52:1e: a9:07:f4:ee:4a:bb:57:f2:50:d2:b7:36:ad:47:8b: e5:9d:29:d8:a0:0f:1b:c7:60:7a:7b:3f:1c:59:2a: 8c:ed:c4:02:76:9b:a4:63:79:a0:47:ee:8c:4d:0b: 74:19:ea:4e:07:46:0e:77:65:e2:1c:48:be:e2:d1: cb:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:E6:D3:7E:23:CA:8E:7E:FB:98:13:F5:84:8D:13:85:DA:77:23:91 X509v3 Authority Key Identifier: keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4A0DC3DCA29211EFA2E3BE76C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2406:840:e2c0::/44 2406:840:feac::/48 Signature Algorithm: sha256WithRSAEncryption 7b:bc:2f:84:8a:5c:4d:2e:27:c4:fa:b0:52:29:11:f3:7a:c6: 1b:00:5f:50:f6:9e:26:7e:8e:8a:b3:5d:f8:40:d6:35:31:c1: 16:a7:df:b4:11:bb:86:bd:23:b7:0a:25:a5:f2:3f:c2:19:11: f6:eb:14:c1:9b:2c:35:e3:1f:19:d2:fc:58:7c:48:77:04:0f: 21:f0:d7:af:dc:d8:f8:2b:8b:fd:c3:df:ad:2d:19:f7:67:80: 1f:c4:69:96:49:35:33:a6:6c:05:5c:6e:93:2f:07:f6:30:51: da:92:f2:8a:bf:90:af:e2:1c:87:b8:77:f7:ce:ef:bb:88:de: 12:43:09:58:6f:3b:b4:5a:be:97:68:16:70:f6:6d:b3:f8:b0: 8b:f2:f7:8c:fc:b7:4b:a1:0d:84:3a:d1:03:91:8e:5f:3f:b1: 2a:2f:32:3f:1c:e8:db:7e:4c:bf:03:3a:46:89:0a:d6:30:f2: 68:5e:61:ea:04:c5:57:17:dd:b1:72:be:6c:e1:0c:5c:f3:45: 6e:3b:b0:78:aa:cb:53:61:f6:1d:9a:7f:45:75:9a:c6:ba:48: 12:c9:8a:cb:82:9f:21:26:1e:ae:cc:43:a3:69:fe:d3:fb:5d: 1d:62:2d:3a:47:27:69:e0:a3:a3:f8:a0:46:53:2a:d5:03:08: f3:7d:1a:4f -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICEHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE RTExQ0ExQTUwHhcNMjUwNTIyMjAwNzUxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OTNkZC01OTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmlJZ3UmWtuAhQSCZ3h2T17emzSulke91gULytLDyyoL1fXjnqrSdCIyE2OA9 6CISMdseMkYAhb6OA5VTphzkGuhSfbd2z+u+ojuuDvKnjLKHHn6RxnmH+6SpVFgR LP4Gphn1sSaS/w1DFNOQh7iyBb1w/6qk2zGawrAV1tdPv8bY7EvSdWd6masDwqSO vB2FQcZGF0e+mAhQKBa7byPr2yIv6KDvGQVf6/ejAaqG3nrviNmgU6F3yVxut5ev 5VNNUh6pB/TuSrtX8lDStzatR4vlnSnYoA8bx2B6ez8cWSqM7cQCdpukY3mgR+6M TQt0GepOB0YOd2XiHEi+4tHLnwIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFKnm034j yo5++5gT9YSNE4XadyORMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2 MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvNEEwREMzRENB MjkyMTFFRkEyRTNCRTc2QzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAAjASAwcEJAYIQOLAAwcAJAYIQP6sMA0GCSqGSIb3DQEBCwUAA4IBAQB7vC+E ilxNLifE+rBSKRHzesYbAF9Q9p4mfo6Ks134QNY1McEWp9+0EbuGvSO3CiWl8j/C GRH26xTBmyw14x8Z0vxYfEh3BA8h8Nev3Nj4K4v9w9+tLRn3Z4AfxGmWSTUzpmwF XG6TLwf2MFHakvKKv5Cv4hyHuHf3zu+7iN4SQwlYbzu0Wr6XaBZw9m2z+LCL8veM /LdLoQ2EOtEDkY5fP7EqLzI/HOjbfky/AzpGiQrWMPJoXmHqBMVXF92xcr5s4Qxc 80VuO7B4qstTYfYdmn9FdZrGukgSyYrLgp8hJh6uzEOjaf7T+10dYi06Rydp4KOj +KBGUyrVAwjzfRpP -----END CERTIFICATE-----Generated at Sat Mar 7 02:25:08 2026 by rpki-client