$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa File: 971BD34C68FB11EFB3A4CD61C4F9AE02.roa (raw, json) Hash identifier: S//h0FvEyaMaAGxiOxnAlzaIIXmPhHgkfb3U/Ur0Y5g= Subject key identifier: 58:E0:83:DD:D6:68:D9:FD:2A:43:06:71:44:4C:39:92:A5:BD:B7:2D Certificate issuer: /CN=A91AF2D9/serialNumber=FF06343CA99A641000C711F32D69F59C19ACF043 Certificate serial: CA Authority key identifier: FF:06:34:3C:A9:9A:64:10:00:C7:11:F3:2D:69:F5:9C:19:AC:F0:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa Signing time: Tue 23 Sep 2025 06:26:00 +0000 ROA not before: Tue 23 Sep 2025 06:26:00 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 151656 IP address blocks: 2001:df4:27c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.crl rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:41:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 202 (0xca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF2D9, serialNumber=FF06343CA99A641000C711F32D69F59C19ACF043 Validity Not Before: Sep 23 06:26:00 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68d23d78-ff5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4d:f8:ff:27:ac:04:2e:38:d1:6d:93:94:1d: 44:14:86:76:5b:e5:c4:51:36:0a:93:56:41:7d:bd: 84:2a:15:b7:60:58:94:5d:8d:ad:82:52:da:f6:a7: b3:85:fd:5c:30:3b:e4:e1:f0:3b:c4:e7:be:1f:07: f5:f5:1c:4d:73:24:e7:f0:a2:94:e3:a1:36:92:bd: 98:7d:2b:3b:51:3a:8e:16:23:46:10:69:76:76:af: 7e:8c:a5:bd:ac:76:7e:fd:4f:62:c2:e9:1f:28:eb: 21:7a:d1:1c:00:af:e5:2e:5a:a3:b4:cd:2a:97:3a: 6d:07:de:49:9b:2d:fa:8d:29:84:7e:80:10:5a:d9: a5:bb:b1:10:83:df:5c:4d:11:87:03:4a:61:39:aa: 8b:4b:99:ed:3a:94:a0:7f:90:f0:5f:fd:47:91:c7: 92:dc:08:b1:ce:e5:38:0c:77:57:c2:27:fb:d6:4e: 31:77:a4:ee:90:0c:3f:b3:56:1b:61:ca:50:2d:73: 95:7e:f3:24:9b:7d:c2:bb:9b:f8:f6:2a:da:ab:6a: 4b:80:e7:69:4c:e2:06:9c:65:0b:96:1c:ba:c6:44: ad:e8:ed:5c:8f:2d:20:db:e9:b0:df:f5:bd:01:f2: 96:cf:3f:12:81:d9:64:72:3b:20:7e:7e:5d:55:82: 81:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:E0:83:DD:D6:68:D9:FD:2A:43:06:71:44:4C:39:92:A5:BD:B7:2D X509v3 Authority Key Identifier: keyid:FF:06:34:3C:A9:9A:64:10:00:C7:11:F3:2D:69:F5:9C:19:AC:F0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:27c0::/48 Signature Algorithm: sha256WithRSAEncryption ab:6d:09:a0:78:5a:d8:1b:32:98:42:17:50:c1:5a:13:5d:a5: b0:fb:fa:c1:d3:0f:4b:b7:b3:bc:53:fa:fb:d6:86:c2:7a:1e: ac:5c:de:3a:fd:da:66:d4:da:64:61:9c:d7:98:cc:d0:28:6c: 5f:a9:e1:f7:84:d2:5a:72:84:c9:78:2b:89:10:fe:c3:bc:d2: 44:da:aa:39:ea:e4:fb:05:5b:6f:fd:6c:4d:02:3b:83:cc:1a: b2:c4:79:81:c0:e5:7e:48:aa:67:27:47:a9:4d:11:09:21:a0: 60:c6:f6:ec:d6:83:22:39:97:0d:fe:b0:d4:fb:85:50:54:36: 30:0a:32:73:9b:44:fc:2c:4f:01:e4:a9:f8:65:2c:e9:1b:0e: 8c:b0:b6:68:10:7d:cc:85:af:94:94:a9:1f:c1:5d:3b:d5:1e: c2:3e:e6:82:b0:86:11:22:6f:77:59:b7:39:bf:27:e3:21:5a: ce:e4:4d:e3:d1:04:13:97:4a:0c:90:f2:3d:ef:e5:55:d1:c7: 04:51:af:8b:f4:c2:6e:fb:ba:43:23:e8:39:56:24:03:03:f1: 59:27:ff:16:62:7c:43:c4:72:1a:63:bf:98:68:3f:c4:1c:97: f8:df:17:c3:36:c4:d9:b2:7f:9a:85:36:18:b4:ea:3b:36:57: 89:32:5f:09 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYyRDkxMTAvBgNVBAUTKEZGMDYzNDNDQTk5QTY0MTAwMEM3MTFGMzJENjlGNTlD MTlBQ0YwNDMwHhcNMjUwOTIzMDYyNjAwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGQyM2Q3OC1mZjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1U34/yesBC440W2TlB1EFIZ2W+XEUTYKk1ZBfb2EKhW3YFiUXY2tglLa9qez hf1cMDvk4fA7xOe+Hwf19RxNcyTn8KKU46E2kr2YfSs7UTqOFiNGEGl2dq9+jKW9 rHZ+/U9iwukfKOshetEcAK/lLlqjtM0qlzptB95Jmy36jSmEfoAQWtmlu7EQg99c TRGHA0phOaqLS5ntOpSgf5DwX/1HkceS3AixzuU4DHdXwif71k4xd6TukAw/s1Yb YcpQLXOVfvMkm33Cu5v49iraq2pLgOdpTOIGnGULlhy6xkSt6O1cjy0g2+mw3/W9 AfKWzz8Sgdlkcjsgfn5dVYKB8wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFFjgg93W aNn9KkMGcURMOZKlvbctMB8GA1UdIwQYMBaAFP8GNDypmmQQAMcR8y1p9ZwZrPBD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjJEOS9CMzEyMDFFMDY3 QUExMUVGOEY0OThBMjdDNEY5QUUwMi9fd1kwUEttYVpCQUF4eEh6TFduMW5CbXM4 RU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193WTBQS21hWkJBQXh4SHpMV24xbkJtczhFTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUYyRDkvQjMxMjAxRTA2N0FBMTFFRjhGNDk4QTI3QzRGOUFFMDIvOTcxQkQzNEM2 OEZCMTFFRkIzQTRDRDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ30J8AwDQYJKoZIhvcNAQELBQADggEBAKttCaB4Wtgb MphCF1DBWhNdpbD7+sHTD0u3s7xT+vvWhsJ6Hqxc3jr92mbU2mRhnNeYzNAobF+p 4feE0lpyhMl4K4kQ/sO80kTaqjnq5PsFW2/9bE0CO4PMGrLEeYHA5X5IqmcnR6lN EQkhoGDG9uzWgyI5lw3+sNT7hVBUNjAKMnObRPwsTwHkqfhlLOkbDoywtmgQfcyF r5SUqR/BXTvVHsI+5oKwhhEib3dZtzm/J+MhWs7kTePRBBOXSgyQ8j3v5VXRxwRR r4v0wm77ukMj6DlWJAMD8Vkn/xZifEPEchpjv5hoP8Qcl/jfF8M2xNmyf5qFNhi0 6js2V4kyXwk= -----END CERTIFICATE-----Generated at Wed Nov 5 15:04:50 2025 by rpki-client