$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa File: DCE70C6EF9B911ED8314C10EC4F9AE02.roa (raw, json) Hash identifier: lkd89MpvF6HjrZnQ7+Am4kQJDo7BJMWf79Z8hJQl200= Subject key identifier: 27:CA:01:84:A8:5F:01:F1:52:A5:E4:BC:32:A8:68:8A:3A:48:92:D2 Certificate issuer: /CN=A91EB4AF/serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Certificate serial: 03BA Authority key identifier: A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa Signing time: Mon 02 Mar 2026 04:54:30 +0000 ROA not before: Mon 18 Aug 2025 06:50:58 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 3573 IP address blocks: 2404:3d00:41a8::/47 maxlen: 47 2404:3d00:41c2::/47 maxlen: 47 2404:3d00:41c2::/48 maxlen: 48 2404:3d00:41c3::/48 maxlen: 48 2404:3d00:41dc::/47 maxlen: 47 2404:3d00:41dc::/48 maxlen: 48 2404:3d00:41dd::/48 maxlen: 48 2404:3d00:41e4::/47 maxlen: 47 2404:3d00:41e4::/48 maxlen: 48 2404:3d00:41e5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Mar 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 954 (0x3ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB4AF, serialNumber=A97EAA4D6F155B8D27C40AE8E327D9BA52C34B42 Validity Not Before: Aug 18 06:50:58 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69a51806-719e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:2c:ca:cc:b1:9d:cf:40:18:e7:ac:4b:0e:27: 65:86:0c:1d:66:02:60:18:10:5d:38:b3:fe:a2:62: b0:95:4d:76:fc:83:92:7f:94:c4:95:71:c3:2e:b3: 1a:7e:90:59:39:d9:45:c9:2f:d1:e4:70:56:bb:db: f5:48:b9:01:ef:d4:09:17:72:5d:9b:f1:f8:91:f1: 36:bc:c6:4d:e6:5c:e6:a1:d7:29:ff:53:dc:5b:ad: a3:ec:ac:48:a9:aa:42:e3:cb:1d:7a:34:a2:b7:7c: d1:8f:e1:12:ea:b3:47:00:59:e6:cf:d1:10:d1:24: 0a:ef:5a:90:fa:ce:41:e2:77:6c:27:23:a3:02:c3: fb:88:68:e7:27:05:df:51:25:51:bd:36:88:17:07: 6c:c2:0d:41:37:5e:d2:af:4f:30:f7:68:77:2a:c6: a6:49:19:9e:b2:2b:a7:12:70:4f:a0:02:17:dc:bc: 5d:54:5b:b8:1b:3a:3a:97:a7:9b:51:2a:24:43:03: a0:41:ef:be:e2:b7:ff:44:26:2d:d0:0b:bc:3a:8a: fa:11:d6:06:36:a8:cb:e2:b1:55:db:49:d1:4e:e5: f7:58:b0:f6:9b:9f:db:1f:94:72:aa:13:7d:9e:17: 32:b2:fa:3f:16:4a:da:a8:db:b2:34:b7:d5:7c:12: 0d:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:CA:01:84:A8:5F:01:F1:52:A5:E4:BC:32:A8:68:8A:3A:48:92:D2 X509v3 Authority Key Identifier: keyid:A9:7E:AA:4D:6F:15:5B:8D:27:C4:0A:E8:E3:27:D9:BA:52:C3:4B:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/qX6qTW8VW40nxAro4yfZulLDS0I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qX6qTW8VW40nxAro4yfZulLDS0I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB4AF/CC7B255ADCA911EC94E3E029C4F9AE02/DCE70C6EF9B911ED8314C10EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2404:3d00:41a8::/47 2404:3d00:41c2::/47 2404:3d00:41dc::/47 2404:3d00:41e4::/47 Signature Algorithm: sha256WithRSAEncryption 59:9c:e2:99:2a:48:b4:a9:71:64:a1:c4:05:d9:eb:a4:a4:81: 0a:d4:3b:9c:a2:d4:75:bb:95:ad:cb:17:29:35:81:21:f4:4c: f1:80:7f:9e:f3:17:0a:0a:73:2c:f8:c4:c8:de:91:68:65:5e: 62:20:b4:a7:4c:1a:a5:fc:23:2f:79:fa:e2:e0:11:69:7b:26: 0c:e1:15:a1:8a:8a:6f:7e:32:38:df:b1:14:42:bf:74:74:ac: 39:d9:55:82:54:e7:70:6b:c4:02:35:ba:58:35:d1:e8:8c:8b: ac:48:84:6e:ff:23:d0:e5:e8:6b:42:ad:07:f8:66:aa:99:b2: 96:98:81:3b:9b:0c:17:06:31:31:66:90:83:16:06:ce:18:d5: 2b:5b:21:39:a9:38:c6:5b:db:f8:09:60:02:b5:25:5f:52:22: 50:26:13:12:00:6d:e5:12:dc:e5:9a:af:58:f6:78:c5:a6:58: c2:76:d0:96:98:97:6a:a2:7e:57:e1:6c:2b:af:91:87:1a:cd: 58:61:35:a4:28:f3:00:1c:b6:c5:8e:ee:6d:1b:37:f3:eb:e4: ed:b2:d3:00:c5:f8:f4:55:e6:13:75:52:f2:01:7f:5c:ac:23: d0:44:06:b6:c7:10:81:af:93:87:37:7d:01:4f:ee:cd:66:b6: 59:92:99:34 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICA7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI0QUYxMTAvBgNVBAUTKEE5N0VBQTRENkYxNTVCOEQyN0M0MEFFOEUzMjdEOUJB NTJDMzRCNDIwHhcNMjUwODE4MDY1MDU4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1MTgwNi03MTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4izKzLGdz0AY56xLDidlhgwdZgJgGBBdOLP+omKwlU12/IOSf5TElXHDLrMa fpBZOdlFyS/R5HBWu9v1SLkB79QJF3Jdm/H4kfE2vMZN5lzmodcp/1PcW62j7KxI qapC48sdejSit3zRj+ES6rNHAFnmz9EQ0SQK71qQ+s5B4ndsJyOjAsP7iGjnJwXf USVRvTaIFwdswg1BN17Sr08w92h3KsamSRmesiunEnBPoAIX3LxdVFu4Gzo6l6eb USokQwOgQe++4rf/RCYt0Au8Oor6EdYGNqjL4rFV20nRTuX3WLD2m5/bH5RyqhN9 nhcysvo/FkraqNuyNLfVfBINqQIDAQABo4ICfjCCAnowHQYDVR0OBBYEFCfKAYSo XwHxUqXkvDKoaIo6SJLSMB8GA1UdIwQYMBaAFKl+qk1vFVuNJ8QK6OMn2bpSw0tC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjRBRi9DQzdCMjU1QURD QTkxMUVDOTRFM0UwMjlDNEY5QUUwMi9xWDZxVFc4Vlc0MG54QXJvNHlmWnVsTERT MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FYNnFUVzhWVzQwbnhBcm80eWZadWxMRFMwSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI0QUYvQ0M3QjI1NUFEQ0E5MTFFQzk0RTNFMDI5QzRGOUFFMDIvRENFNzBDNkVG OUI5MTFFRDgzMTRDMTBFQzRGOUFFMDIucm9hMD0GCCsGAQUFBwEHAQH/BC4wLDAq BAIAAjAkAwcBJAQ9AEGoAwcBJAQ9AEHCAwcBJAQ9AEHcAwcBJAQ9AEHkMA0GCSqG SIb3DQEBCwUAA4IBAQBZnOKZKki0qXFkocQF2eukpIEK1DucotR1u5WtyxcpNYEh 9EzxgH+e8xcKCnMs+MTI3pFoZV5iILSnTBql/CMvefri4BFpeyYM4RWhiopvfjI4 37EUQr90dKw52VWCVOdwa8QCNbpYNdHojIusSIRu/yPQ5ehrQq0H+GaqmbKWmIE7 mwwXBjExZpCDFgbOGNUrWyE5qTjGW9v4CWACtSVfUiJQJhMSAG3lEtzlmq9Y9njF pljCdtCWmJdqon5X4Wwrr5GHGs1YYTWkKPMAHLbFju5tGzfz6+TtstMAxfj0VeYT dVLyAX9crCPQRAa2xxCBr5OHN30BT+7NZrZZkpk0 -----END CERTIFICATE-----Generated at Fri Mar 13 20:48:23 2026 by rpki-client