$ rpki-client -vvf rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A647525E853B11EFB513D149C4F9AE02.roa File: A647525E853B11EFB513D149C4F9AE02.roa (raw, json) Hash identifier: 8/z43AfGGthVBc9cfR73JH6jugiVT0aL27yCo3q+XYM= Subject key identifier: E3:CF:DA:FF:9D:5C:CF:BC:0A:E2:67:C6:E4:DE:1A:F7:C2:4E:5D:A3 Certificate issuer: /CN=A9170EED/serialNumber=EDFE706C949B5ECF1DBBE460DBD04EFE7C1E128B Certificate serial: 0119 Authority key identifier: ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A647525E853B11EFB513D149C4F9AE02.roa Signing time: Mon 02 Mar 2026 14:18:23 +0000 ROA not before: Fri 05 Dec 2025 03:44:06 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 150154 IP address blocks: 2001:df4:5e40::/47 maxlen: 47 2001:df4:5e40::/48 maxlen: 48 2001:df4:5e41::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.crl rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 05:05:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 281 (0x119) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170EED, serialNumber=EDFE706C949B5ECF1DBBE460DBD04EFE7C1E128B Validity Not Before: Dec 5 03:44:06 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a59c2f-4cc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:49:c0:80:11:ef:1d:07:68:ce:68:a6:b1:55: 6a:ca:cb:68:5b:fe:4e:4f:d7:4d:74:72:0d:81:ef: 2e:65:63:80:12:6d:c2:4f:cd:09:42:c4:23:e5:5e: 9e:0e:c8:e4:78:58:00:09:96:81:be:59:3a:c4:47: 21:ca:3c:21:cb:e6:be:99:58:d2:6a:aa:3f:f8:49: 19:06:b4:21:dc:87:b5:d8:0b:b5:4b:98:f8:36:87: bb:45:f0:70:ee:eb:62:67:1b:4e:b2:09:5e:df:81: c8:cb:de:36:86:2b:aa:c7:5c:11:fc:ff:5b:45:39: e5:1a:2e:ef:63:0a:5b:85:2a:3b:21:fa:6a:f4:42: a0:94:7f:09:b7:fa:49:e0:a9:c2:5d:5c:55:45:e7: af:71:99:f9:a0:70:f0:5a:66:7f:f9:9d:b4:11:14: e9:a2:eb:3a:eb:ee:46:eb:09:cb:e0:30:6c:b7:27: f4:18:5d:87:21:40:a1:29:71:98:18:48:ed:a4:64: 06:72:06:fa:e2:e1:b6:00:e7:80:dd:4c:f8:f0:bd: fc:48:01:c0:01:ed:c0:82:71:c5:21:61:a8:44:0c: 62:94:c1:c3:cb:6e:24:8c:b7:74:b7:a6:57:45:e6: e3:3b:06:44:e1:4a:99:4b:26:c6:eb:a8:95:4d:c0: 8b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:CF:DA:FF:9D:5C:CF:BC:0A:E2:67:C6:E4:DE:1A:F7:C2:4E:5D:A3 X509v3 Authority Key Identifier: keyid:ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A647525E853B11EFB513D149C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2001:df4:5e40::/47 Signature Algorithm: sha256WithRSAEncryption 49:9c:54:41:fd:45:95:5f:3f:d0:c1:2e:8c:2b:e3:0f:7a:b8: dc:42:e9:dc:ff:e0:40:1c:6e:15:99:35:71:a5:4a:66:d0:d9: c1:2e:5b:be:a9:3d:be:69:a5:40:2d:e4:cb:9b:90:26:a6:15: bd:4a:a9:41:a0:02:f3:e0:68:22:1e:11:8c:1d:e4:4e:20:e6: d6:ab:99:a0:bb:78:6c:35:16:ae:38:74:37:59:8b:6a:bd:99: 1f:d2:31:9f:9a:9e:94:45:fb:33:dc:33:1f:45:67:c3:cd:fc: 73:32:cd:ae:0a:10:e2:d9:82:bb:ee:d5:99:b6:99:71:f4:30: d6:38:b6:86:a1:6e:41:3e:cd:53:4c:34:9a:d3:50:d8:5e:e2: 69:0e:bc:58:08:69:58:2c:de:06:88:95:e1:27:75:8a:4e:21: bb:cf:cb:4c:a9:67:d6:58:14:3e:70:06:e7:70:15:e0:8c:cf: 08:a5:09:94:66:ec:f5:05:87:73:bc:fd:0a:4e:85:87:25:c7: 68:1f:1c:10:b7:74:53:d4:74:42:f7:e0:3f:0f:c4:c7:42:79: 4f:4b:b7:b1:da:c6:5b:b5:52:c3:b9:51:a7:b6:ea:ce:36:0d: f7:e2:f1:1e:9c:5c:11:b1:7c:29:ed:27:80:91:64:a0:a9:3b: 5e:0f:cc:56 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgICARkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBFRUQxMTAvBgNVBAUTKEVERkU3MDZDOTQ5QjVFQ0YxREJCRTQ2MERCRDA0RUZF N0MxRTEyOEIwHhcNMjUxMjA1MDM0NDA2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OWMyZi00Y2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu0nAgBHvHQdozmimsVVqystoW/5OT9dNdHINge8uZWOAEm3CT80JQsQj5V6e DsjkeFgACZaBvlk6xEchyjwhy+a+mVjSaqo/+EkZBrQh3Ie12Au1S5j4Noe7RfBw 7utiZxtOsgle34HIy942hiuqx1wR/P9bRTnlGi7vYwpbhSo7Ifpq9EKglH8Jt/pJ 4KnCXVxVReevcZn5oHDwWmZ/+Z20ERTpous66+5G6wnL4DBstyf0GF2HIUChKXGY GEjtpGQGcgb64uG2AOeA3Uz48L38SAHAAe3AgnHFIWGoRAxilMHDy24kjLd0t6ZX RebjOwZE4UqZSybG66iVTcCLqwIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFOPP2v+d XM+8CuJnxuTeGvfCTl2jMB8GA1UdIwQYMBaAFO3+cGyUm17PHbvkYNvQTv58HhKL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEVFRC8zRkYzOTQwRTg1 M0IxMUVGQTMwNzIzNDlDNEY5QUUwMi83ZjV3YkpTYlhzOGR1LVJnMjlCT19ud2VF b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdmNXdiSlNiWHM4ZHUtUmcyOUJPX253ZUVvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzBFRUQvM0ZGMzk0MEU4NTNCMTFFRkEzMDcyMzQ5QzRGOUFFMDIvQTY0NzUyNUU4 NTNCMTFFRkI1MTNEMTQ5QzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcBIAEN9F5AMA0GCSqGSIb3DQEBCwUAA4IBAQBJnFRB/UWVXz/QwS6M K+MPerjcQunc/+BAHG4VmTVxpUpm0NnBLlu+qT2+aaVALeTLm5AmphW9SqlBoALz 4GgiHhGMHeROIObWq5mgu3hsNRauOHQ3WYtqvZkf0jGfmp6URfsz3DMfRWfDzfxz Ms2uChDi2YK77tWZtplx9DDWOLaGoW5BPs1TTDSa01DYXuJpDrxYCGlYLN4GiJXh J3WKTiG7z8tMqWfWWBQ+cAbncBXgjM8IpQmUZuz1BYdzvP0KToWHJcdoHxwQt3RT 1HRC9+A/D8THQnlPS7ex2sZbtVLDuVGnturONg334vEenFwRsXwp7SeAkWSgqTte D8xW -----END CERTIFICATE-----Generated at Thu Mar 26 16:54:36 2026 by rpki-client