$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/595774341B6211F0B9733473C4F9AE02.roa File: 595774341B6211F0B9733473C4F9AE02.roa (raw, json) Hash identifier: FsghJjQsuRRGpnhop47UMyZjNIpI+E4uxqKOZi0XVJ8= Subject key identifier: B0:B8:BC:8D:D1:A9:4B:1A:66:20:A5:FC:B2:39:6E:96:E6:B4:E1:87 Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Certificate serial: 03BB Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/595774341B6211F0B9733473C4F9AE02.roa Signing time: Mon 02 Mar 2026 04:54:31 +0000 ROA not before: Tue 26 Aug 2025 08:49:55 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 21433 IP address blocks: 2404:3d00:41c4::/47 maxlen: 47 2404:3d00:41c4::/48 maxlen: 48 2404:3d00:41c5::/48 maxlen: 48 2404:3d00:41ce::/47 maxlen: 47 2404:3d00:41ce::/48 maxlen: 48 2404:3d00:41cf::/48 maxlen: 48 2404:3d00:41d0::/47 maxlen: 47 2404:3d00:41d0::/48 maxlen: 48 2404:3d00:41d1::/48 maxlen: 48 2404:3d00:41d2::/47 maxlen: 47 2404:3d00:41d4::/47 maxlen: 47 2404:3d00:41d6::/47 maxlen: 47 2404:3d00:41e2::/47 maxlen: 47 2404:3d00:41e2::/48 maxlen: 48 2404:3d00:41e3::/48 maxlen: 48 2404:3d00:41e6::/47 maxlen: 47 2404:3d00:41e6::/48 maxlen: 48 2404:3d00:41e7::/48 maxlen: 48 2404:3d00:41ee::/47 maxlen: 47 2404:3d00:41ee::/48 maxlen: 48 2404:3d00:41ef::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Mar 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 955 (0x3bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB4AF, serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Validity Not Before: Aug 26 08:49:55 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a51807-b86e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:16:39:92:60:2c:8a:61:8e:68:6c:29:7b:e4: 55:b7:2d:03:88:61:17:89:d9:82:f0:19:92:f5:63: 42:d6:e3:21:fa:0e:49:c5:36:a3:9d:95:1d:bf:fd: 75:21:0b:92:44:bc:45:00:a5:9c:c5:b0:09:1e:4a: 1f:74:91:38:fa:c0:df:7a:7e:a2:28:5f:a8:31:19: f3:dd:82:d5:a0:1a:a0:08:a1:2f:c4:ee:d6:54:55: 3c:ac:5f:48:b6:af:9a:c4:80:9d:b2:f9:36:89:89: 67:57:9a:4e:36:48:a7:d5:8a:4e:ec:97:48:a4:62: d5:08:03:8d:22:02:81:c8:76:58:1c:90:b4:0b:1a: 85:41:88:ae:00:de:1e:66:67:4f:cd:1d:d9:36:4e: b4:d4:ff:da:54:12:68:04:7c:fe:29:9e:ac:32:f9: 74:d8:00:de:6e:ca:3e:aa:b4:5c:9d:a6:eb:4d:0f: 7d:26:6e:e1:d2:91:5a:9b:69:c9:b7:5c:63:b5:e9: b5:58:cf:7c:21:6f:0f:d1:c7:c2:a3:c5:2a:6b:91: 6a:8a:09:32:df:28:74:b6:e2:56:10:ad:89:61:91: 7c:71:0a:8e:75:72:58:48:f4:0b:bb:8d:f8:f6:9f: f6:14:01:2d:ed:8d:61:ff:9e:aa:1f:ec:ce:cd:ed: e5:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:B8:BC:8D:D1:A9:4B:1A:66:20:A5:FC:B2:39:6E:96:E6:B4:E1:87 X509v3 Authority Key Identifier: keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/595774341B6211F0B9733473C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2404:3d00:41c4::/47 2404:3d00:41ce::-2404:3d00:41d7:ffff:ffff:ffff:ffff:ffff 2404:3d00:41e2::/47 2404:3d00:41e6::/47 2404:3d00:41ee::/47 Signature Algorithm: sha256WithRSAEncryption 32:24:94:2b:8c:d5:6a:54:ae:8a:b4:40:91:02:be:98:33:5b: a3:44:2f:5d:d6:08:f6:88:a3:45:0f:6c:93:f6:12:86:c3:86: 77:56:7a:f1:05:63:c5:db:c8:00:20:1f:4f:17:bc:e7:07:a0: c2:88:46:00:a5:5c:5a:b4:43:0f:d0:b1:57:3e:63:fb:f5:36: ec:ce:d4:99:85:e9:1c:9f:0b:8e:e2:4b:28:5b:55:21:0b:c7: 81:e6:3a:e5:dd:54:62:14:8a:4b:ec:f7:b8:0e:80:69:45:dd: a3:f2:46:eb:8d:37:ef:74:ad:63:60:ac:2c:cf:72:e5:ee:ff: 55:ce:f2:f4:50:13:9e:b4:e0:d6:04:69:19:f2:79:b8:6c:8d: 62:90:4c:15:12:cc:68:a1:f0:62:82:fc:6c:66:a0:9b:9d:3c: d6:2d:80:18:c4:14:b7:90:41:c7:af:06:7a:60:b3:86:36:1b: 90:45:1b:40:c2:c0:23:b7:ff:13:ca:7c:8f:07:3f:df:66:34: 6d:26:df:36:8c:c2:d1:74:42:d7:15:a2:39:3c:7c:4c:a8:44: cd:0a:a4:3b:e3:22:c2:82:69:b6:ff:5f:20:6d:8c:3d:6a:1b: 51:2a:1d:95:de:86:9a:ea:13:39:49:dd:95:43:14:d2:b5:37: 7a:28:f5:9b -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgICA7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB NTJDMzRCNDIwHhcNMjUwODI2MDg0OTU1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MTgwNy1iODZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmRY5kmAsimGOaGwpe+RVty0DiGEXidmC8BmS9WNC1uMh+g5JxTajnZUdv/11 IQuSRLxFAKWcxbAJHkofdJE4+sDfen6iKF+oMRnz3YLVoBqgCKEvxO7WVFU8rF9I tq+axICdsvk2iYlnV5pONkin1YpO7JdIpGLVCAONIgKByHZYHJC0CxqFQYiuAN4e ZmdPzR3ZNk601P/aVBJoBHz+KZ6sMvl02ADebso+qrRcnabrTQ99Jm7h0pFam2nJ t1xjtem1WM98IW8P0cfCo8Uqa5Fqigky3yh0tuJWEK2JYZF8cQqOdXJYSPQLu434 9p/2FAEt7Y1h/56qH+zOze3lDwIDAQABo4ICkjCCAo4wHQYDVR0OBBYEFLC4vI3R qUsaZiCl/LI5bpbmtOGHMB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI0QUYvQ0M3QjI1NUFEQ0E5MTFFQzk0RTNFMDI5QzRGOUFFMDIvNTk1Nzc0MzQx QjYyMTFGMEI5NzMzNDczQzRGOUFFMDIucm9hMFEGCCsGAQUFBwEHAQH/BEIwQDA+ BAIAAjA4AwcBJAQ9AEHEMBIDBwEkBD0AQc4DBwMkBD0AQdADBwEkBD0AQeIDBwEk BD0AQeYDBwEkBD0AQe4wDQYJKoZIhvcNAQELBQADggEBADIklCuM1WpUroq0QJEC vpgzW6NEL13WCPaIo0UPbJP2EobDhndWevEFY8XbyAAgH08XvOcHoMKIRgClXFq0 Qw/QsVc+Y/v1NuzO1JmF6RyfC47iSyhbVSELx4HmOuXdVGIUikvs97gOgGlF3aPy RuuNN+90rWNgrCzPcuXu/1XO8vRQE5604NYEaRnyebhsjWKQTBUSzGih8GKC/Gxm oJudPNYtgBjEFLeQQcevBnpgs4Y2G5BFG0DCwCO3/xPKfI8HP99mNG0m3zaMwtF0 QtcVojk8fEyoRM0KpDvjIsKCabb/XyBtjD1qG1EqHZXehprqEzlJ3ZVDFNK1N3oo 9Zs= -----END CERTIFICATE-----Generated at Fri Mar 13 17:55:52 2026 by rpki-client