$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B39/FEF549E8AF1611EE8C48A74DC4F9AE02/AA778F4CAF8A11EEB167DB64C4F9AE02.roa File: AA778F4CAF8A11EEB167DB64C4F9AE02.roa (raw, json) Hash identifier: fwuxGVlJEIbfWm/zAmVn2KsgJ1NWhQLxSqXc+gc1DUU= Subject key identifier: CD:64:CE:AE:7D:C8:E3:CF:9E:CC:98:51:1A:10:9E:72:F2:7E:25:0E Certificate issuer: /CN=A91A4B39/serialNumber=9CC88A86D0B37ECEE8D57657EF99789532680CDF Certificate serial: 01B3 Authority key identifier: 9C:C8:8A:86:D0:B3:7E:CE:E8:D5:76:57:EF:99:78:95:32:68:0C:DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nMiKhtCzfs7o1XZX75l4lTJoDN8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B39/FEF549E8AF1611EE8C48A74DC4F9AE02/AA778F4CAF8A11EEB167DB64C4F9AE02.roa Signing time: Fri 03 Apr 2026 04:36:54 +0000 ROA not before: Fri 03 Apr 2026 04:36:54 +0000 ROA not after: Sat 01 Aug 2026 00:00:00 +0000 asID: 152322 IP address blocks: 2001:df3:5ac0::/49 maxlen: 49 2001:df3:5ac0:8000::/49 maxlen: 49 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4B39/FEF549E8AF1611EE8C48A74DC4F9AE02/nMiKhtCzfs7o1XZX75l4lTJoDN8.crl rsync://rpki.apnic.net/member_repository/A91A4B39/FEF549E8AF1611EE8C48A74DC4F9AE02/nMiKhtCzfs7o1XZX75l4lTJoDN8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nMiKhtCzfs7o1XZX75l4lTJoDN8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Apr 2026 03:35:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 435 (0x1b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4B39, serialNumber=9CC88A86D0B37ECEE8D57657EF99789532680CDF Validity Not Before: Apr 3 04:36:54 2026 GMT Not After : Aug 1 00:00:00 2026 GMT Subject: CN=69cf43e6-d7fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:21:44:3a:59:db:ed:04:60:8e:7f:66:72:1d: 56:88:89:ad:92:cf:a3:00:b4:80:86:43:a6:4c:7c: 3c:e1:ca:c1:5a:9c:4c:ea:18:e3:4a:f3:05:1b:57: 30:5c:e7:cd:05:01:0c:38:8f:a6:0c:ae:5e:45:a7: fd:71:78:e0:99:a9:95:9c:df:13:24:f3:68:2a:17: ee:4f:2a:1d:4b:69:c1:af:d7:2a:81:83:f9:80:93: 22:0a:61:5a:c5:5a:0e:8d:d1:09:76:af:df:ef:e9: 2e:57:a2:33:b8:ac:38:47:26:d4:4a:8a:46:ef:5c: ec:da:85:91:b1:e6:5e:4e:8f:68:3b:85:cb:db:41: 6d:8d:49:85:0a:34:4e:f9:f8:62:a0:ec:10:d4:57: 78:a4:85:32:c0:8a:e9:8d:e2:78:7c:19:1c:55:65: 96:c8:e5:41:28:ed:71:aa:cc:ec:5d:03:bd:48:0f: a9:1c:4b:b9:6a:cb:37:0a:7f:c5:55:06:e3:50:7d: ba:46:0a:7e:8b:e6:ad:e1:35:57:8e:94:55:36:4a: 75:67:9d:e9:d2:95:7d:97:e0:f1:0a:34:cc:53:be: ff:7a:a6:6c:5f:89:f4:41:11:e7:82:b2:c2:8d:da: e5:97:0b:93:15:c0:af:0f:77:90:82:21:75:da:34: 41:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:64:CE:AE:7D:C8:E3:CF:9E:CC:98:51:1A:10:9E:72:F2:7E:25:0E X509v3 Authority Key Identifier: keyid:9C:C8:8A:86:D0:B3:7E:CE:E8:D5:76:57:EF:99:78:95:32:68:0C:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4B39/FEF549E8AF1611EE8C48A74DC4F9AE02/nMiKhtCzfs7o1XZX75l4lTJoDN8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nMiKhtCzfs7o1XZX75l4lTJoDN8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B39/FEF549E8AF1611EE8C48A74DC4F9AE02/AA778F4CAF8A11EEB167DB64C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2001:df3:5ac0::/48 Signature Algorithm: sha256WithRSAEncryption 57:b8:61:cd:c9:e1:2d:4f:32:f3:27:ab:33:4c:83:76:c5:56: 93:3f:fe:9f:b4:96:fd:2d:a6:8a:4d:4c:54:6d:19:cc:0d:94: b9:88:29:be:e2:af:e5:4e:2a:74:ee:cd:47:b5:9e:22:c5:17: 8e:36:27:38:94:29:a6:d8:41:ce:b9:3e:c7:63:6d:85:06:5b: 2b:90:a2:e6:a0:c0:f5:49:cb:3a:92:92:11:65:e6:3e:ad:ed: 0d:65:48:0c:73:10:66:61:22:99:b5:ed:40:d2:a4:79:10:ea: 12:94:20:6f:8e:e8:4a:f3:38:e6:05:f3:48:86:cc:3f:e0:64: eb:44:c3:13:19:65:62:f7:8c:10:a1:54:6c:e3:f0:bb:be:50: 34:9f:81:f0:e3:b1:ab:8a:46:8a:0c:89:fb:63:73:43:9e:0b: 3d:2a:d0:71:1d:95:13:c9:b4:a9:ea:01:72:7a:a2:e7:fe:a5: 35:51:03:62:b3:69:2e:cf:0d:31:25:f2:a0:ad:e6:b7:b6:8d: ad:15:8e:90:17:0b:8a:44:6e:90:37:ff:a6:42:65:54:29:29: cb:94:62:27:8d:21:25:5d:53:ed:79:67:fd:12:bb:94:a9:4d: f6:f2:6a:9f:c3:8a:19:32:9b:d6:3a:9c:bc:07:b2:1d:37:26: b7:a2:c1:80 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRCMzkxMTAvBgNVBAUTKDlDQzg4QTg2RDBCMzdFQ0VFOEQ1NzY1N0VGOTk3ODk1 MzI2ODBDREYwHhcNMjYwNDAzMDQzNjU0WhcNMjYwODAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWNmNDNlNi1kN2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArSFEOlnb7QRgjn9mch1WiImtks+jALSAhkOmTHw84crBWpxM6hjjSvMFG1cw XOfNBQEMOI+mDK5eRaf9cXjgmamVnN8TJPNoKhfuTyodS2nBr9cqgYP5gJMiCmFa xVoOjdEJdq/f7+kuV6IzuKw4RybUSopG71zs2oWRseZeTo9oO4XL20FtjUmFCjRO +fhioOwQ1Fd4pIUywIrpjeJ4fBkcVWWWyOVBKO1xqszsXQO9SA+pHEu5ass3Cn/F VQbjUH26Rgp+i+at4TVXjpRVNkp1Z53p0pV9l+DxCjTMU77/eqZsX4n0QRHngrLC jdrllwuTFcCvD3eQgiF12jRB6wIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFM1kzq59 yOPPnsyYURoQnnLyfiUOMB8GA1UdIwQYMBaAFJzIiobQs37O6NV2V++ZeJUyaAzf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIzOS9GRUY1NDlFOEFG MTYxMUVFOEM0OEE3NERDNEY5QUUwMi9uTWlLaHRDemZzN28xWFpYNzVsNGxUSm9E TjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25NaUtodEN6ZnM3bzFYWlg3NWw0bFRKb0ROOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTRCMzkvRkVGNTQ5RThBRjE2MTFFRThDNDhBNzREQzRGOUFFMDIvQUE3NzhGNENB RjhBMTFFRUIxNjdEQjY0QzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAIAEN81rAMA0GCSqGSIb3DQEBCwUAA4IBAQBXuGHNyeEtTzLzJ6sz TIN2xVaTP/6ftJb9LaaKTUxUbRnMDZS5iCm+4q/lTip07s1HtZ4ixReONic4lCmm 2EHOuT7HY22FBlsrkKLmoMD1Scs6kpIRZeY+re0NZUgMcxBmYSKZte1A0qR5EOoS lCBvjuhK8zjmBfNIhsw/4GTrRMMTGWVi94wQoVRs4/C7vlA0n4Hw47GrikaKDIn7 Y3NDngs9KtBxHZUTybSp6gFyeqLn/qU1UQNis2kuzw0xJfKgrea3to2tFY6QFwuK RG6QN/+mQmVUKSnLlGInjSElXVPteWf9EruUqU328mqfw4oZMpvWOpy8B7IdNya3 osGA -----END CERTIFICATE-----Generated at Mon Apr 6 10:07:14 2026 by rpki-client