$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/8F9B067EF96011EF89D9E37DC4F9AE02.roa File: 8F9B067EF96011EF89D9E37DC4F9AE02.roa (raw, json) Hash identifier: C4f1DGgr88zvtZI01sEk4X9+P0XVPyTaQ0X1w0t3gJE= Subject key identifier: E7:B1:0A:CB:35:E8:CC:9B:96:5C:DD:A3:10:8C:D7:27:53:5D:0B:A3 Certificate issuer: /CN=A91E8DF5/serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B Certificate serial: 35 Authority key identifier: C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/8F9B067EF96011EF89D9E37DC4F9AE02.roa Signing time: Tue 27 May 2025 07:46:29 +0000 ROA not before: Tue 27 May 2025 07:46:29 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 32595 IP address blocks: 2001:df2:45c0::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 07:32:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8DF5, serialNumber=C6F758ECDDC4C9B0F72F065C35AD54697432711B Validity Not Before: May 27 07:46:29 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=68356dd4-f2b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:92:7b:c7:34:6c:25:2c:48:65:bf:49:a3:14: e1:0b:4e:95:53:07:41:a5:6f:ae:6b:c7:1b:3a:80: 67:d6:6f:79:e6:d8:0c:52:78:cf:3b:61:60:00:14: ce:48:e7:b5:72:ed:97:86:6b:cc:cc:82:36:3b:f6: 5b:ba:af:6c:cd:c4:38:14:5c:ac:b0:ef:10:67:10: b2:51:97:4a:a6:a4:11:e7:96:4a:89:92:03:73:78: 2b:bb:6f:4e:c1:68:aa:eb:86:7b:13:1c:67:5a:1b: 9f:f9:f8:79:d6:ac:59:9d:ed:6c:93:d1:0a:a8:39: c6:52:e8:f6:e9:b6:1e:f1:02:cd:de:95:42:d7:5e: 43:0d:62:ea:66:4d:a6:73:ce:07:d3:48:80:05:6c: e2:35:2b:bf:02:66:b7:86:8a:fa:53:c9:de:2d:5e: 9b:df:0a:c0:34:82:72:4c:ca:f1:04:c7:dd:e3:d3: 73:c5:70:21:b3:f7:a8:1f:13:22:0d:7d:e4:95:ba: bf:7d:d6:f5:f6:c1:75:90:ca:9e:9f:0c:b1:d6:06: bb:c1:2a:72:ec:b9:74:db:1d:51:56:2d:43:6a:c8: df:fd:03:bd:07:b3:5c:db:46:8f:f6:cc:9a:7e:bd: 23:82:85:18:a9:f8:3c:6b:48:75:2d:d4:8e:6b:e2: 3e:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:B1:0A:CB:35:E8:CC:9B:96:5C:DD:A3:10:8C:D7:27:53:5D:0B:A3 X509v3 Authority Key Identifier: keyid:C6:F7:58:EC:DD:C4:C9:B0:F7:2F:06:5C:35:AD:54:69:74:32:71:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/xvdY7N3EybD3LwZcNa1UaXQycRs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xvdY7N3EybD3LwZcNa1UaXQycRs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/31E0F16AF96011EF9D679C7AC4F9AE02/8F9B067EF96011EF89D9E37DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df2:45c0::/47 Signature Algorithm: sha256WithRSAEncryption 0c:b9:6c:2b:59:eb:4d:ab:0e:f1:da:98:5c:0b:a1:60:f6:17: 1c:d1:56:71:44:08:dc:23:7b:4c:ca:be:10:1a:37:3e:c9:81: d4:6b:51:c5:5d:2c:e3:05:33:c2:c8:b6:0a:29:01:f4:40:e6: 7e:d6:0f:ed:2a:44:be:9f:64:8f:10:92:29:11:a0:9c:7d:14: 82:bf:f6:fd:a5:24:16:d6:d1:fe:e8:4d:19:ac:d2:bd:57:cd: c7:cf:06:05:50:f1:60:67:15:e0:61:35:37:a6:25:82:0d:07: 18:84:0e:e9:2f:99:85:12:95:98:2a:85:b9:0d:87:60:31:44: 0c:f8:59:22:c2:76:44:b7:be:3d:13:da:ad:29:8b:dd:d0:be: 68:3f:47:9f:e9:e7:6e:1d:d3:6f:8a:ca:14:48:bb:b0:1f:cc: 87:97:97:41:c3:59:e2:ed:f3:f5:0f:23:21:1f:4c:62:e7:f8: 0d:de:55:ec:50:73:11:79:0c:13:f7:cf:19:e4:c0:55:f3:a2: b1:36:1e:ff:88:ba:09:93:ab:dd:44:dc:04:c2:9b:73:48:36: e1:4b:d0:1e:4d:d6:42:a6:76:27:09:dc:60:3b:8c:17:fa:56: 10:34:af:d7:41:9d:5a:b9:15:12:e4:b4:35:80:d9:b6:e7:81: 82:c7:ac:9b -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF OERGNTExMC8GA1UEBRMoQzZGNzU4RUNEREM0QzlCMEY3MkYwNjVDMzVBRDU0Njk3 NDMyNzExQjAeFw0yNTA1MjcwNzQ2MjlaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MzU2ZGQ0LWYyYjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBknvHNGwlLEhlv0mjFOELTpVTB0Glb65rxxs6gGfWb3nm2AxSeM87YWAAFM5I 57Vy7ZeGa8zMgjY79lu6r2zNxDgUXKyw7xBnELJRl0qmpBHnlkqJkgNzeCu7b07B aKrrhnsTHGdaG5/5+HnWrFmd7WyT0QqoOcZS6Pbpth7xAs3elULXXkMNYupmTaZz zgfTSIAFbOI1K78CZreGivpTyd4tXpvfCsA0gnJMyvEEx93j03PFcCGz96gfEyIN feSVur991vX2wXWQyp6fDLHWBrvBKnLsuXTbHVFWLUNqyN/9A70Hs1zbRo/2zJp+ vSOChRip+DxrSHUt1I5r4j5bAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQU57EKyzXo zJuWXN2jEIzXJ1NdC6MwHwYDVR0jBBgwFoAUxvdY7N3EybD3LwZcNa1UaXQycRsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4REY1LzMxRTBGMTZBRjk2 MDExRUY5RDY3OUM3QUM0RjlBRTAyL3h2ZFk3TjNFeWJEM0x3WmNOYTFVYVhReWNS cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveHZkWTdOM0V5YkQzTHdaY05hMVVhWFF5Y1JzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OERGNS8zMUUwRjE2QUY5NjAxMUVGOUQ2NzlDN0FDNEY5QUUwMi84RjlCMDY3RUY5 NjAxMUVGODlEOUUzN0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHASABDfJFwDANBgkqhkiG9w0BAQsFAAOCAQEADLlsK1nrTasO 8dqYXAuhYPYXHNFWcUQI3CN7TMq+EBo3PsmB1GtRxV0s4wUzwsi2CikB9EDmftYP 7SpEvp9kjxCSKRGgnH0Ugr/2/aUkFtbR/uhNGazSvVfNx88GBVDxYGcV4GE1N6Yl gg0HGIQO6S+ZhRKVmCqFuQ2HYDFEDPhZIsJ2RLe+PRParSmL3dC+aD9Hn+nnbh3T b4rKFEi7sB/Mh5eXQcNZ4u3z9Q8jIR9MYuf4Dd5V7FBzEXkME/fPGeTAVfOisTYe /4i6CZOr3UTcBMKbc0g24UvQHk3WQqZ2JwncYDuMF/pWEDSv10GdWrkVEuS0NYDZ tueBgsesmw== -----END CERTIFICATE-----Generated at Wed Jun 4 00:07:15 2025 by rpki-client