$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9B0D/A28ECBC08AB611EB8237D414C4F9AE02/3F9CDA68179911EDB9008D18C4F9AE02.roa File: 3F9CDA68179911EDB9008D18C4F9AE02.roa (raw, json) Hash identifier: tNq0wofO9dQz+k+RyZIdbIOpj1vNXpBAnuEbiTZO6hQ= Subject key identifier: 68:91:FA:46:EF:09:66:63:29:E5:C6:11:2F:B4:D4:BE:34:68:14:EA Certificate issuer: /CN=A91B9B0D/serialNumber=E4D62D31297F17E49C42FA7A7B6623624AD94175 Certificate serial: 0688 Authority key identifier: E4:D6:2D:31:29:7F:17:E4:9C:42:FA:7A:7B:66:23:62:4A:D9:41:75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5NYtMSl_F-ScQvp6e2YjYkrZQXU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9B0D/A28ECBC08AB611EB8237D414C4F9AE02/3F9CDA68179911EDB9008D18C4F9AE02.roa Signing time: Tue 02 Sep 2025 22:43:36 +0000 ROA not before: Tue 02 Sep 2025 22:43:36 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 24390 IP address blocks: 2001:dd8::/48 maxlen: 48 2402:2940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9B0D/A28ECBC08AB611EB8237D414C4F9AE02/5NYtMSl_F-ScQvp6e2YjYkrZQXU.crl rsync://rpki.apnic.net/member_repository/A91B9B0D/A28ECBC08AB611EB8237D414C4F9AE02/5NYtMSl_F-ScQvp6e2YjYkrZQXU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5NYtMSl_F-ScQvp6e2YjYkrZQXU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1672 (0x688) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9B0D, serialNumber=E4D62D31297F17E49C42FA7A7B6623624AD94175 Validity Not Before: Sep 2 22:43:36 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68b77317-9ce5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:86:e8:3c:02:a7:cb:ae:41:5b:ea:f8:7f:a3: 8b:b5:56:20:72:bc:6d:61:38:67:4d:82:de:3f:21: 39:73:72:b3:76:b6:af:b5:f6:a8:0c:1c:3d:2c:4f: 8e:31:92:67:28:54:28:73:78:f8:65:5d:c5:cb:de: a7:59:fc:99:de:b2:3d:26:5d:02:8c:1c:ec:51:a3: fb:99:be:9d:87:08:9e:b0:45:fc:17:85:ae:33:3d: 89:fe:d9:56:26:29:74:ab:96:92:6d:a3:95:30:37: 54:76:f5:91:aa:70:44:08:b0:fb:cb:81:b9:30:14: 34:a0:32:be:ae:0c:32:14:41:c9:f9:5c:ea:0a:6b: ce:6b:6b:79:ac:8f:83:8e:87:68:15:a2:07:1f:11: 89:b2:39:07:b6:39:d4:79:ad:a2:2d:a8:71:83:7f: e3:9b:23:58:5e:f2:09:64:7d:9d:eb:56:32:68:f6: 20:4c:7e:67:b9:e4:2e:42:d1:66:82:08:9e:c2:d0: b5:85:a1:b5:45:49:5d:48:25:db:bf:ad:c6:bf:71: f0:17:58:9f:8a:01:59:09:7a:59:13:e4:46:02:2c: 04:00:f9:77:b1:c5:12:8d:77:c8:38:12:98:8b:94: 57:68:52:76:77:f3:6b:11:b8:81:c6:74:98:8c:08: b6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:91:FA:46:EF:09:66:63:29:E5:C6:11:2F:B4:D4:BE:34:68:14:EA X509v3 Authority Key Identifier: keyid:E4:D6:2D:31:29:7F:17:E4:9C:42:FA:7A:7B:66:23:62:4A:D9:41:75 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9B0D/A28ECBC08AB611EB8237D414C4F9AE02/5NYtMSl_F-ScQvp6e2YjYkrZQXU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5NYtMSl_F-ScQvp6e2YjYkrZQXU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9B0D/A28ECBC08AB611EB8237D414C4F9AE02/3F9CDA68179911EDB9008D18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:dd8::/48 2402:2940::/32 Signature Algorithm: sha256WithRSAEncryption 5a:5d:23:4c:f3:16:34:76:80:3e:87:58:01:fa:01:aa:53:05: 37:74:00:31:6b:a7:3d:34:d5:67:23:08:ce:ad:a3:2a:e4:fe: 1b:d5:ee:f9:58:98:35:04:6b:92:72:0f:ea:c9:e6:69:64:1e: d4:9f:2f:e1:71:d7:d0:ed:4f:be:db:4b:2f:2c:82:4a:ec:ea: 08:63:02:6d:74:36:29:f1:72:07:33:2d:cf:7f:48:d7:d1:e3: 14:64:8d:13:2a:15:cf:71:58:68:8b:58:de:09:3f:90:fd:09: c4:2e:db:3f:ac:49:28:8a:bd:4f:f0:86:7b:20:7b:84:36:66: 37:d8:3f:44:06:17:00:74:74:df:a6:c0:e5:6e:de:04:be:cc: 4e:d9:ff:34:70:11:02:2a:99:49:5c:01:7d:84:d8:b8:a3:e2: 6b:ea:ee:b1:77:6e:32:28:2d:ff:ba:fb:b6:ba:25:75:be:a6: 0d:ac:1f:8d:4c:ac:6e:69:25:cf:a0:e0:17:37:b2:90:29:b6: 9a:9c:d8:5b:72:a1:14:be:e9:b4:dc:d3:45:08:86:4e:c2:5f: 00:bc:46:b2:76:2a:b2:1e:92:15:23:51:66:97:6f:f0:5e:5b: c5:34:c2:85:fd:c4:ea:47:93:06:35:8c:e7:0a:55:e4:2f:a9: 4c:b0:84:06 -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgICBogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlCMEQxMTAvBgNVBAUTKEU0RDYyRDMxMjk3RjE3RTQ5QzQyRkE3QTdCNjYyMzYy NEFEOTQxNzUwHhcNMjUwOTAyMjI0MzM2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI3NzMxNy05Y2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuIboPAKny65BW+r4f6OLtVYgcrxtYThnTYLePyE5c3KzdravtfaoDBw9LE+O MZJnKFQoc3j4ZV3Fy96nWfyZ3rI9Jl0CjBzsUaP7mb6dhwiesEX8F4WuMz2J/tlW Jil0q5aSbaOVMDdUdvWRqnBECLD7y4G5MBQ0oDK+rgwyFEHJ+VzqCmvOa2t5rI+D jodoFaIHHxGJsjkHtjnUea2iLahxg3/jmyNYXvIJZH2d61YyaPYgTH5nueQuQtFm ggiewtC1haG1RUldSCXbv63Gv3HwF1ifigFZCXpZE+RGAiwEAPl3scUSjXfIOBKY i5RXaFJ2d/NrEbiBxnSYjAi2CQIDAQABo4ICnzCCApswHQYDVR0OBBYEFGiR+kbv CWZjKeXGES+01L40aBTqMB8GA1UdIwQYMBaAFOTWLTEpfxfknEL6entmI2JK2UF1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUIwRC9BMjhFQ0JDMDhB QjYxMUVCODIzN0Q0MTRDNEY5QUUwMi81Tll0TVNsX0YtU2NRdnA2ZTJZallrclpR WFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVOWXRNU2xfRi1TY1F2cDZlMllqWWtyWlFYVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjlCMEQvQTI4RUNCQzA4QUI2MTFFQjgyMzdENDE0QzRGOUFFMDIvM0Y5Q0RBNjgx Nzk5MTFFREI5MDA4RDE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E GjAYMBYEAgACMBADBwAgAQ3YAAADBQAkAilAMA0GCSqGSIb3DQEBCwUAA4IBAQBa XSNM8xY0doA+h1gB+gGqUwU3dAAxa6c9NNVnIwjOraMq5P4b1e75WJg1BGuScg/q yeZpZB7Uny/hcdfQ7U++20svLIJK7OoIYwJtdDYp8XIHMy3Pf0jX0eMUZI0TKhXP cVhoi1jeCT+Q/QnELts/rEkoir1P8IZ7IHuENmY32D9EBhcAdHTfpsDlbt4EvsxO 2f80cBECKplJXAF9hNi4o+Jr6u6xd24yKC3/uvu2uiV1vqYNrB+NTKxuaSXPoOAX N7KQKbaanNhbcqEUvum03NNFCIZOwl8AvEaydiqyHpIVI1Fml2/wXlvFNMKF/cTq R5MGNYznClXkL6lMsIQG -----END CERTIFICATE-----Generated at Fri Sep 19 15:11:18 2025 by rpki-client