$ rpki-client -vvf rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A647525E853B11EFB513D149C4F9AE02.roa File: A647525E853B11EFB513D149C4F9AE02.roa (raw, json) Hash identifier: Axdu2K4689qVzRAgDjbBJHLOdW6HGq6jJhlmKdC7fSA= Subject key identifier: 55:A7:7F:67:46:C9:3F:63:DA:6C:7E:CB:8E:03:10:26:4B:C4:17:42 Certificate issuer: /CN=A9170EED/serialNumber=EDFE706C949B5ECF1DBBE460DBD04EFE7C1E128B Certificate serial: BD Authority key identifier: ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A647525E853B11EFB513D149C4F9AE02.roa Signing time: Wed 17 Sep 2025 03:57:29 +0000 ROA not before: Wed 17 Sep 2025 03:57:29 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 150154 IP address blocks: 2001:df4:5e40::/47 maxlen: 47 2001:df4:5e40::/48 maxlen: 48 2001:df4:5e41::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.crl rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:57:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 189 (0xbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170EED, serialNumber=EDFE706C949B5ECF1DBBE460DBD04EFE7C1E128B Validity Not Before: Sep 17 03:57:29 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=68ca31a9-cf68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4f:13:9a:73:cd:50:d7:0b:aa:82:3f:4c:84: 7f:6b:3d:84:af:9c:8e:28:0b:8b:4e:86:aa:4e:d7: 99:be:30:d1:7d:b3:a7:2f:d5:b1:02:0a:23:c1:bc: 65:63:01:f0:4a:f2:ea:42:f5:77:cd:f5:45:00:c6: 51:08:6b:4f:4c:40:0b:a5:1d:03:12:06:92:aa:71: 71:8c:e4:51:37:fc:c1:c0:69:bf:16:18:e0:f0:f0: 02:4b:bd:0b:7f:1d:62:de:8f:65:bb:80:1c:b8:1b: 64:53:60:d5:ce:ea:5b:5a:64:c9:79:ec:c5:09:36: ba:4c:3f:7d:54:94:fe:73:35:0f:cc:14:3d:d2:1e: 07:03:15:f8:83:42:5f:b3:45:94:86:42:98:fe:b6: 9b:ab:45:35:24:92:cb:9c:12:1b:a8:d3:b6:2b:cd: 75:0a:23:11:88:3a:7c:fb:b3:81:6f:5c:be:47:19: c9:46:ee:5c:9c:3b:0d:84:ff:42:d8:0c:cb:2f:c0: 66:cf:d6:64:45:9a:9c:3d:d7:f2:37:3a:d4:b2:7a: 83:cf:fe:aa:61:c2:db:de:83:5f:58:8f:96:a3:ed: ea:4f:30:4e:30:40:6c:e7:72:3f:53:ff:05:27:04: 52:f8:ce:6e:d1:6d:40:49:30:c9:d2:83:1e:eb:99: 97:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:A7:7F:67:46:C9:3F:63:DA:6C:7E:CB:8E:03:10:26:4B:C4:17:42 X509v3 Authority Key Identifier: keyid:ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A647525E853B11EFB513D149C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df4:5e40::/47 Signature Algorithm: sha256WithRSAEncryption 6c:a8:36:c9:7c:f4:08:39:aa:8f:7c:9d:5d:96:3f:93:9f:11: 83:e8:31:17:1e:38:12:b5:c7:88:58:f0:28:bd:90:a7:9d:3b: 21:4e:14:44:ce:9f:7c:41:95:d1:c5:49:58:29:b6:69:92:f3: 14:83:7c:5c:e7:b0:d8:23:55:6f:45:5f:60:4d:33:22:d0:2f: 51:80:ec:87:a1:e2:3c:ce:7c:44:e0:a6:54:7a:16:6b:f1:a5: ba:9d:28:94:8a:f3:55:46:25:56:24:47:df:bc:f2:1b:13:a9: 52:2c:7b:ca:17:e3:30:8c:ac:ee:bc:69:f2:25:8f:fc:17:e2: 57:27:4b:8f:3d:60:18:9d:27:35:39:08:9a:92:72:89:9b:7b: f3:f5:56:10:b3:5b:35:08:52:1c:69:da:ce:4a:5f:e3:3a:56: 35:b1:be:28:16:0a:19:1c:ed:e4:2f:d0:3f:cd:32:0e:11:d9: 22:f0:fd:b8:76:02:a9:58:e4:dd:62:82:b4:c7:41:18:7c:b2: 60:46:8d:60:e4:98:a6:c0:5d:ba:8c:6b:a4:da:74:58:bb:03: d2:3c:35:23:43:56:13:c5:8f:27:35:33:06:47:25:de:52:6b: 8f:ce:0e:e2:59:42:9c:f4:43:c3:fb:7f:8c:9c:f4:ce:e3:a9: ac:11:a2:fc -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBFRUQxMTAvBgNVBAUTKEVERkU3MDZDOTQ5QjVFQ0YxREJCRTQ2MERCRDA0RUZF N0MxRTEyOEIwHhcNMjUwOTE3MDM1NzI5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNhMzFhOS1jZjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr08TmnPNUNcLqoI/TIR/az2Er5yOKAuLToaqTteZvjDRfbOnL9WxAgojwbxl YwHwSvLqQvV3zfVFAMZRCGtPTEALpR0DEgaSqnFxjORRN/zBwGm/Fhjg8PACS70L fx1i3o9lu4AcuBtkU2DVzupbWmTJeezFCTa6TD99VJT+czUPzBQ90h4HAxX4g0Jf s0WUhkKY/rabq0U1JJLLnBIbqNO2K811CiMRiDp8+7OBb1y+RxnJRu5cnDsNhP9C 2AzLL8Bmz9ZkRZqcPdfyNzrUsnqDz/6qYcLb3oNfWI+Wo+3qTzBOMEBs53I/U/8F JwRS+M5u0W1ASTDJ0oMe65mXLQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFFWnf2dG yT9j2mx+y44DECZLxBdCMB8GA1UdIwQYMBaAFO3+cGyUm17PHbvkYNvQTv58HhKL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEVFRC8zRkYzOTQwRTg1 M0IxMUVGQTMwNzIzNDlDNEY5QUUwMi83ZjV3YkpTYlhzOGR1LVJnMjlCT19ud2VF b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdmNXdiSlNiWHM4ZHUtUmcyOUJPX253ZUVvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzBFRUQvM0ZGMzk0MEU4NTNCMTFFRkEzMDcyMzQ5QzRGOUFFMDIvQTY0NzUyNUU4 NTNCMTFFRkI1MTNEMTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwEgAQ30XkAwDQYJKoZIhvcNAQELBQADggEBAGyoNsl89Ag5 qo98nV2WP5OfEYPoMRceOBK1x4hY8Ci9kKedOyFOFETOn3xBldHFSVgptmmS8xSD fFznsNgjVW9FX2BNMyLQL1GA7Ieh4jzOfETgplR6FmvxpbqdKJSK81VGJVYkR9+8 8hsTqVIse8oX4zCMrO68afIlj/wX4lcnS489YBidJzU5CJqScombe/P1VhCzWzUI Uhxp2s5KX+M6VjWxvigWChkc7eQv0D/NMg4R2SLw/bh2AqlY5N1igrTHQRh8smBG jWDkmKbAXbqMa6TadFi7A9I8NSNDVhPFjyc1MwZHJd5Sa4/ODuJZQpz0Q8P7f4yc 9M7jqawRovw= -----END CERTIFICATE-----Generated at Mon Oct 20 14:46:28 2025 by rpki-client