$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8E70/35C76C7E955A11EFBD9E024AC4F9AE02/4E7F3B4C955B11EFACD8F26CC4F9AE02.roa File: 4E7F3B4C955B11EFACD8F26CC4F9AE02.roa (raw, json) Hash identifier: Z1yPOrOVBAA0wAoiECPiJ9d5WH/bmXdgM8w0h3GaBUg= Subject key identifier: 10:C5:DF:01:DD:C7:E9:07:04:D1:B8:C0:63:D9:D2:03:66:EB:AB:9C Certificate issuer: /CN=A91B8E70/serialNumber=1E656DDEC7E98D24A186FFDB6F597710AAFF2A8D Certificate serial: BA Authority key identifier: 1E:65:6D:DE:C7:E9:8D:24:A1:86:FF:DB:6F:59:77:10:AA:FF:2A:8D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HmVt3sfpjSShhv_bb1l3EKr_Ko0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8E70/35C76C7E955A11EFBD9E024AC4F9AE02/4E7F3B4C955B11EFACD8F26CC4F9AE02.roa Signing time: Thu 23 Oct 2025 08:20:27 +0000 ROA not before: Thu 23 Oct 2025 08:20:27 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 153378 IP address blocks: 2001:df4:8340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8E70/35C76C7E955A11EFBD9E024AC4F9AE02/HmVt3sfpjSShhv_bb1l3EKr_Ko0.crl rsync://rpki.apnic.net/member_repository/A91B8E70/35C76C7E955A11EFBD9E024AC4F9AE02/HmVt3sfpjSShhv_bb1l3EKr_Ko0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HmVt3sfpjSShhv_bb1l3EKr_Ko0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:55:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 186 (0xba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8E70, serialNumber=1E656DDEC7E98D24A186FFDB6F597710AAFF2A8D Validity Not Before: Oct 23 08:20:27 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=68f9e54b-c64a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:22:42:03:a6:f6:c7:28:0c:b3:bc:07:7e:64: 84:f1:2a:d0:9b:79:b0:11:0e:11:28:c0:f6:53:22: c8:d0:86:4f:89:1f:49:7d:61:f6:f1:ea:b6:25:d1: 9f:74:7b:44:5c:bc:c5:93:17:fd:09:0b:19:c8:02: 6e:7f:b2:60:b7:89:81:8e:fe:8c:c1:b9:4b:84:54: da:1f:63:7c:70:6d:67:23:0f:12:1a:18:5b:84:f4: b0:00:0e:03:51:45:70:1e:b3:7d:e7:f1:11:bf:e1: 38:07:54:db:d4:bf:f4:ea:a9:3b:f0:a6:ab:14:42: 7e:99:a1:27:eb:23:fd:39:76:0f:85:fc:2c:21:8b: a7:9d:da:26:6b:5e:19:ca:ad:be:1c:97:ee:a8:61: 01:bd:59:06:8e:ab:49:40:89:b8:e0:80:07:3e:48: ec:79:df:c5:11:af:19:3f:19:cf:e0:cb:61:2a:3e: c3:6e:b6:1f:7a:88:22:2d:a8:c7:88:43:6f:40:d4: 41:50:f7:c5:e1:10:ea:55:9d:1f:46:cb:5f:97:b7: 99:f7:1a:9b:48:45:5e:f3:2b:2c:c7:52:2a:e6:fe: 4f:b4:4b:fd:39:50:4d:f5:d8:54:ed:9e:7a:c6:23: 21:0a:9a:fe:1e:a9:58:13:19:84:d0:37:1b:64:00: 43:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:C5:DF:01:DD:C7:E9:07:04:D1:B8:C0:63:D9:D2:03:66:EB:AB:9C X509v3 Authority Key Identifier: keyid:1E:65:6D:DE:C7:E9:8D:24:A1:86:FF:DB:6F:59:77:10:AA:FF:2A:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8E70/35C76C7E955A11EFBD9E024AC4F9AE02/HmVt3sfpjSShhv_bb1l3EKr_Ko0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HmVt3sfpjSShhv_bb1l3EKr_Ko0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8E70/35C76C7E955A11EFBD9E024AC4F9AE02/4E7F3B4C955B11EFACD8F26CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:8340::/48 Signature Algorithm: sha256WithRSAEncryption 4a:35:8b:4a:a3:39:eb:e4:f1:1d:58:55:dd:65:35:d6:f1:1d: 70:47:c6:12:12:e9:90:27:0c:9a:e8:5a:ab:c5:e8:d2:d7:9d: 77:f4:09:f8:bc:74:cf:88:05:0d:4c:84:b6:34:a1:49:8a:a5: f1:7b:22:30:0f:d9:4d:2d:f9:de:d9:d2:c3:e3:2f:93:7c:cc: 8a:cf:bc:69:7c:70:65:63:be:01:29:9c:e8:c0:65:b8:43:a8: 17:4f:20:46:c3:6e:87:ae:9e:b7:e5:66:57:cd:28:31:e0:d6: 07:fa:27:d2:e4:a2:3c:4b:fa:32:fc:2d:b5:11:2c:e3:1f:db: b2:1d:04:23:7c:80:38:56:7e:f8:f3:ef:67:17:77:64:89:60: e8:84:c3:61:86:ac:31:9f:5e:aa:03:c1:19:a5:11:f2:77:39: fc:53:32:7e:82:a7:7f:cd:85:74:72:e9:4b:7d:95:e4:8a:be: 07:ba:5d:f4:51:a4:7f:8b:16:76:8e:95:db:55:d2:1b:21:e8: 7b:3d:99:3d:4a:a1:de:71:6d:4f:01:5d:72:31:fc:4b:b5:5d: 58:67:3f:7f:0f:63:45:ab:4a:7f:2f:a4:90:dc:72:c3:d7:28: a2:92:8e:f6:92:dc:77:46:52:40:82:fc:d8:43:f9:9a:94:9d: 48:47:bc:ce -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICALowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhFNzAxMTAvBgNVBAUTKDFFNjU2RERFQzdFOThEMjRBMTg2RkZEQjZGNTk3NzEw QUFGRjJBOEQwHhcNMjUxMDIzMDgyMDI3WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGY5ZTU0Yi1jNjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtSJCA6b2xygMs7wHfmSE8SrQm3mwEQ4RKMD2UyLI0IZPiR9JfWH28eq2JdGf dHtEXLzFkxf9CQsZyAJuf7Jgt4mBjv6MwblLhFTaH2N8cG1nIw8SGhhbhPSwAA4D UUVwHrN95/ERv+E4B1Tb1L/06qk78KarFEJ+maEn6yP9OXYPhfwsIYunndoma14Z yq2+HJfuqGEBvVkGjqtJQIm44IAHPkjsed/FEa8ZPxnP4MthKj7DbrYfeogiLajH iENvQNRBUPfF4RDqVZ0fRstfl7eZ9xqbSEVe8yssx1Iq5v5PtEv9OVBN9dhU7Z56 xiMhCpr+HqlYExmE0DcbZABDgQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBDF3wHd x+kHBNG4wGPZ0gNm66ucMB8GA1UdIwQYMBaAFB5lbd7H6Y0koYb/229ZdxCq/yqN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEU3MC8zNUM3NkM3RTk1 NUExMUVGQkQ5RTAyNEFDNEY5QUUwMi9IbVZ0M3NmcGpTU2hodl9iYjFsM0VLcl9L bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0htVnQzc2ZwalNTaGh2X2JiMWwzRUtyX0tvMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjhFNzAvMzVDNzZDN0U5NTVBMTFFRkJEOUUwMjRBQzRGOUFFMDIvNEU3RjNCNEM5 NTVCMTFFRkFDRDhGMjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ30g0AwDQYJKoZIhvcNAQELBQADggEBAEo1i0qjOevk 8R1YVd1lNdbxHXBHxhIS6ZAnDJroWqvF6NLXnXf0Cfi8dM+IBQ1MhLY0oUmKpfF7 IjAP2U0t+d7Z0sPjL5N8zIrPvGl8cGVjvgEpnOjAZbhDqBdPIEbDboeunrflZlfN KDHg1gf6J9LkojxL+jL8LbURLOMf27IdBCN8gDhWfvjz72cXd2SJYOiEw2GGrDGf XqoDwRmlEfJ3OfxTMn6Cp3/NhXRy6Ut9leSKvge6XfRRpH+LFnaOldtV0hsh6Hs9 mT1Kod5xbU8BXXIx/Eu1XVhnP38PY0WrSn8vpJDccsPXKKKSjvaS3HdGUkCC/NhD +ZqUnUhHvM4= -----END CERTIFICATE-----Generated at Tue Nov 4 01:05:20 2025 by rpki-client