$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2FAF13C2DC3D11EEB88CD024C4F9AE02.roa File: 2FAF13C2DC3D11EEB88CD024C4F9AE02.roa (raw, json) Hash identifier: mSQF1kk6JhquwC6AIJtyaykyHTv5D+WRy1ZPZfmC9Ao= Subject key identifier: 39:EA:6B:E8:D4:C5:08:8E:93:D0:69:5F:5F:19:04:BE:83:08:41:C6 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B96A Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2FAF13C2DC3D11EEB88CD024C4F9AE02.roa Signing time: Thu 08 May 2025 16:28:22 +0000 ROA not before: Thu 08 May 2025 16:28:22 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 152490 IP address blocks: 2001:df3:85c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 18:54:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47466 (0xb96a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:28:22 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cdba6-87cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:30:7a:60:d3:ab:b5:33:dc:13:65:7a:2c:9b: f6:ba:64:35:5b:d1:4c:fd:c1:fa:66:ad:69:37:0f: ba:e7:13:f3:27:71:a0:3f:75:d3:6d:a9:cd:04:00: 6e:5d:de:f7:8b:4c:6e:fc:53:d9:64:1d:72:e7:70: 24:3f:65:b3:2a:1c:78:1b:08:9d:eb:43:d1:56:f1: 36:30:0c:3a:18:1f:f0:b6:70:79:5e:76:82:3b:ba: 0c:d9:2e:5e:8e:8d:f5:c1:7b:bd:e4:ab:62:06:a9: b0:3d:4d:c3:5d:82:2d:84:f9:27:71:0a:f8:71:24: 27:64:48:58:61:a8:d8:cb:ad:74:30:39:fa:19:98: 56:a2:23:ed:ad:5e:08:bb:54:a0:95:f7:72:df:ba: b6:44:1e:4e:a9:de:b4:69:c3:d0:f7:29:66:33:21: d9:b9:69:89:b5:6d:6b:76:22:9e:1b:aa:03:a7:46: 63:8d:ca:f3:ef:55:e7:8b:09:d8:b6:82:46:a4:29: 5a:fe:3e:75:d4:f6:60:1b:28:4b:64:09:ab:48:90: 2e:a6:fd:29:51:4b:70:db:23:e9:e3:ee:56:0d:45: 4e:ed:33:e4:42:a9:27:bf:9f:22:c8:de:ab:d8:21: b0:74:ed:96:c6:3c:e4:7c:2a:06:19:a5:be:d1:74: 7f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:EA:6B:E8:D4:C5:08:8E:93:D0:69:5F:5F:19:04:BE:83:08:41:C6 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2FAF13C2DC3D11EEB88CD024C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df3:85c0::/48 Signature Algorithm: sha256WithRSAEncryption 12:27:ad:ae:c3:3d:fb:7d:39:bb:b9:17:5d:52:55:d6:d8:f6: cc:d6:c3:27:7c:99:8f:76:d9:ae:e3:02:d6:ea:58:4e:ed:f8: 6d:aa:bf:54:ba:60:0f:d5:a4:83:0f:96:7c:61:4c:41:26:9e: 59:e8:e9:52:52:33:35:40:55:a1:ca:82:f0:95:62:7a:09:bc: 3d:23:c5:bf:a5:ea:08:46:a0:bc:5b:ba:dd:9e:c9:bd:57:a2: 76:34:ee:35:8f:4b:57:40:ef:84:e4:ab:87:b2:ea:64:97:e3: ef:3c:9d:33:2e:11:ef:22:00:23:e5:94:f4:8e:d5:36:ce:62: 82:0e:88:c1:50:d2:4e:f6:79:b4:b3:cb:b7:5c:9c:02:bd:91: 7d:a2:31:5f:85:f3:f2:db:a2:ff:f0:ed:73:df:38:13:2b:cf: 51:ea:0c:44:49:58:43:98:88:4e:bb:37:52:08:40:19:06:da: fd:63:14:4a:a1:00:a6:dd:00:bb:62:24:7e:75:1f:b5:00:83: 72:b3:b3:af:80:df:16:44:b2:77:6e:fc:22:00:b2:82:ca:d7: 40:b8:98:43:0a:2b:38:df:45:18:09:61:60:2e:7f:f9:7d:eb: 26:df:7d:81:ab:f7:5f:c0:48:41:1e:62:4a:88:52:c4:88:b2: 20:f5:a3:b4 -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgIDALlqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MjgyMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2RiYTYtODdjZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKowemDTq7Uz3BNleiyb9rpkNVvRTP3B+mataTcPuucT8ydxoD91022pzQQA bl3e94tMbvxT2WQdcudwJD9lsyoceBsInetD0VbxNjAMOhgf8LZweV52gju6DNku Xo6N9cF7veSrYgapsD1Nw12CLYT5J3EK+HEkJ2RIWGGo2MutdDA5+hmYVqIj7a1e CLtUoJX3ct+6tkQeTqnetGnD0PcpZjMh2blpibVta3YinhuqA6dGY43K8+9V54sJ 2LaCRqQpWv4+ddT2YBsoS2QJq0iQLqb9KVFLcNsj6ePuVg1FTu0z5EKpJ7+fIsje q9ghsHTtlsY85HwqBhmlvtF0f3UCAwEAAaOCApgwggKUMB0GA1UdDgQWBBQ56mvo 1MUIjpPQaV9fGQS+gwhBxjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJGQUYxM0My REMzRDExRUVCODhDRDAyNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCIGCCsGAQUFBwEHAQH/ BBMwETAPBAIAAjAJAwcAIAEN84XAMA0GCSqGSIb3DQEBCwUAA4IBAQASJ62uwz37 fTm7uRddUlXW2PbM1sMnfJmPdtmu4wLW6lhO7fhtqr9UumAP1aSDD5Z8YUxBJp5Z 6OlSUjM1QFWhyoLwlWJ6Cbw9I8W/peoIRqC8W7rdnsm9V6J2NO41j0tXQO+E5KuH supkl+PvPJ0zLhHvIgAj5ZT0jtU2zmKCDojBUNJO9nm0s8u3XJwCvZF9ojFfhfPy 26L/8O1z3zgTK89R6gxESVhDmIhOuzdSCEAZBtr9YxRKoQCm3QC7YiR+dR+1AINy s7OvgN8WRLJ3bvwiALKCytdAuJhDCis430UYCWFgLn/5fesm332Bq/dfwEhBHmJK iFLEiLIg9aO0 -----END CERTIFICATE-----Generated at Tue May 13 00:04:58 2025 by rpki-client