$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DDB31A6E896511F0BFB7885BC4F9AE02.roa File: DDB31A6E896511F0BFB7885BC4F9AE02.roa (raw, json) Hash identifier: Nb8Vug+MCmbu3kK6KNxVUFqcEn2tAIPFJrkh834uZ8A= Subject key identifier: EA:8B:C1:25:D9:24:DC:FB:8E:D5:86:65:54:E5:49:D9:23:C0:49:03 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: DBB7 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DDB31A6E896511F0BFB7885BC4F9AE02.roa Signing time: Mon 09 Mar 2026 10:32:08 +0000 ROA not before: Mon 09 Mar 2026 10:32:08 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 153956 IP address blocks: 2001:df5:b140::/48 maxlen: 48 2001:df6:84c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 Apr 2026 05:36:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56247 (0xdbb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Mar 9 10:32:08 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69aea1a8-12fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:c5:cc:4b:4b:a1:34:ab:0e:61:dd:db:9a:f7: 10:25:bb:40:04:c3:bc:bb:60:f6:5e:dd:9d:ef:2e: 82:72:66:64:8e:b3:dc:84:be:65:8f:00:f9:77:f1: ad:48:a5:ac:fd:37:b0:f9:5b:b3:7f:76:74:33:bc: 10:65:a0:66:8d:7f:ba:54:4c:b9:63:b8:49:a8:45: 83:4d:22:e5:c9:ac:3c:09:f5:13:03:15:8a:53:17: 17:1f:9a:5d:fe:1b:3d:2e:23:69:e3:57:63:4f:72: a2:67:b5:7f:69:3b:a8:1b:64:89:93:52:dd:18:ae: b6:f2:4b:00:d3:90:ff:f5:5d:f2:48:8c:14:79:3d: 34:d5:83:32:22:18:1d:a8:c2:8a:9f:82:63:d3:42: 75:b7:db:d3:9d:8a:82:b7:58:f1:7e:e1:ac:75:d4: d0:75:3a:bb:11:c8:c6:6c:15:27:75:73:93:d3:f3: 1f:f4:82:80:82:86:ed:5d:86:0c:ba:53:8e:e8:cf: 5a:1c:a4:33:d2:c2:86:8a:c6:6d:4a:b1:f0:56:d0: 64:a9:fd:f9:24:52:b4:cb:27:15:24:31:8a:f7:5c: b3:87:5a:87:64:fd:a4:6a:0e:64:6b:8b:fa:a3:8d: 01:ee:df:0d:2a:fc:3c:05:d8:89:da:20:0d:60:71: 0e:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:8B:C1:25:D9:24:DC:FB:8E:D5:86:65:54:E5:49:D9:23:C0:49:03 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DDB31A6E896511F0BFB7885BC4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2001:df5:b140::/48 2001:df6:84c0::/48 Signature Algorithm: sha256WithRSAEncryption 5b:41:f3:f6:fc:e7:45:20:61:f5:83:f4:bf:23:82:63:07:a9: 07:6f:12:b3:8b:8f:80:aa:c8:38:96:ee:7e:be:61:6c:0a:c1: f6:b3:74:5d:eb:03:5d:06:89:50:0c:ad:4c:bc:c8:2a:21:ae: ac:16:40:ec:75:c7:b6:12:c0:30:4e:e1:5b:7b:09:8b:ed:fb: a1:77:5f:fe:48:c6:15:3d:94:39:9f:cc:7a:2b:95:85:2f:57: d9:f9:38:90:4c:07:b0:83:e1:0e:2a:b0:d2:1d:01:c3:b1:f5: 8a:eb:d4:7b:79:6f:5c:23:f7:67:fb:35:c8:b6:06:6b:3f:09: de:9f:7a:53:c8:7b:8c:67:52:6f:a1:ad:b9:77:e8:88:00:b1: bc:f9:dd:0b:3e:f4:2b:97:92:71:ca:4f:b3:6d:62:e2:89:f2: cd:09:75:d1:41:bd:98:79:e8:c6:88:23:b0:6b:2a:13:74:d2: 98:dc:53:92:5f:2b:01:ee:2a:69:73:17:45:31:29:2e:07:d9: d3:91:96:d7:5a:b7:2a:66:41:57:1b:e7:aa:83:5b:aa:4c:4e: 80:b6:09:88:da:3e:18:cc:1b:64:7e:5e:34:6c:d6:74:47:dc: a8:55:93:e8:b2:6c:52:ad:ee:d6:a9:26:07:52:2d:53:84:ee: 91:49:29:65 -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgIDANu3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI2MDMwOTEwMzIwOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjlhZWExYTgtMTJmZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKLFzEtLoTSrDmHd25r3ECW7QATDvLtg9l7dne8ugnJmZI6z3IS+ZY8A+Xfx rUilrP03sPlbs392dDO8EGWgZo1/ulRMuWO4SahFg00i5cmsPAn1EwMVilMXFx+a Xf4bPS4jaeNXY09yome1f2k7qBtkiZNS3RiutvJLANOQ//Vd8kiMFHk9NNWDMiIY HajCip+CY9NCdbfb052KgrdY8X7hrHXU0HU6uxHIxmwVJ3Vzk9PzH/SCgIKG7V2G DLpTjujPWhykM9LChorGbUqx8FbQZKn9+SRStMsnFSQxivdcs4dah2T9pGoOZGuL +qONAe7fDSr8PAXYidogDWBxDrkCAwEAAaOCAmwwggJoMB0GA1UdDgQWBBTqi8El 2STc+47VhmVU5UnZI8BJAzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0REQjMxQTZF ODk2NTExRjBCRkI3ODg1QkM0RjlBRTAyLnJvYTArBggrBgEFBQcBBwEB/wQcMBow GAQCAAIwEgMHACABDfWxQAMHACABDfaEwDANBgkqhkiG9w0BAQsFAAOCAQEAW0Hz 9vznRSBh9YP0vyOCYwepB28Ss4uPgKrIOJbufr5hbArB9rN0XesDXQaJUAytTLzI KiGurBZA7HXHthLAME7hW3sJi+37oXdf/kjGFT2UOZ/MeiuVhS9X2fk4kEwHsIPh Diqw0h0Bw7H1iuvUe3lvXCP3Z/s1yLYGaz8J3p96U8h7jGdSb6GtuXfoiACxvPnd Cz70K5eSccpPs21i4onyzQl10UG9mHnoxogjsGsqE3TSmNxTkl8rAe4qaXMXRTEp LgfZ05GW11q3KmZBVxvnqoNbqkxOgLYJiNo+GMwbZH5eNGzWdEfcqFWT6LJsUq3u 1qkmB1ItU4TukUkpZQ== -----END CERTIFICATE-----Generated at Thu Mar 26 13:54:34 2026 by rpki-client