$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa File: 971BD34C68FB11EFB3A4CD61C4F9AE02.roa (raw, json) Hash identifier: db0T6je7EzXg8TXl/6K3AERU82KHSYVQ7I7q4aY89M8= Subject key identifier: 68:40:95:F0:25:EA:2F:45:E8:69:0A:1B:80:DD:CB:7E:F7:06:A8:E7 Certificate issuer: /CN=A91AF2D9/serialNumber=FF06343CA99A641000C711F32D69F59C19ACF043 Certificate serial: 0122 Authority key identifier: FF:06:34:3C:A9:9A:64:10:00:C7:11:F3:2D:69:F5:9C:19:AC:F0:43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa Signing time: Mon 02 Mar 2026 14:02:29 +0000 ROA not before: Tue 23 Sep 2025 06:26:00 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 151656 IP address blocks: 2001:df4:27c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.crl rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:51:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 290 (0x122) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF2D9, serialNumber=FF06343CA99A641000C711F32D69F59C19ACF043 Validity Not Before: Sep 23 06:26:00 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a59875-41ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:bc:e2:4d:ea:8c:db:ef:61:56:e3:f6:a8:0c: f0:c0:50:b7:2c:af:32:89:5d:df:de:21:46:08:3c: 57:da:50:d9:cc:2b:47:a0:e1:f9:58:2c:0d:8b:b5: bf:f8:93:b7:8c:4c:83:7c:ed:d9:c5:0a:50:57:4f: 72:ed:fd:02:bb:cc:56:f3:5e:12:31:0a:39:bc:77: b7:27:0b:ca:a3:ec:52:06:f8:9c:12:6e:86:93:78: 92:af:9b:f2:24:bc:ef:d1:d8:d6:1e:be:fc:15:53: a4:f5:50:9d:a0:4d:0a:a0:5f:0f:a0:d2:66:f8:d5: 62:6a:b3:39:5f:c9:0f:13:a5:fe:44:01:a4:40:53: 6f:a1:3d:aa:4a:3a:11:e7:bb:d9:6e:60:16:b2:46: 4a:30:11:98:04:3e:05:95:39:06:d2:82:ee:fa:6a: 28:08:5e:3c:4c:da:78:84:ef:64:2d:0f:e3:bc:33: 07:6d:41:18:63:d0:02:6b:8f:36:72:82:cd:b7:cc: 44:c6:04:de:63:49:66:ba:71:ba:6b:2d:7e:3d:c3: 07:ee:f7:75:a8:3e:12:13:65:e6:60:e5:0c:17:68: 02:48:a8:26:35:32:d1:3b:eb:ac:48:ae:d9:37:6a: d4:75:8c:2b:36:bb:ce:6b:52:22:ed:10:74:2b:ef: f7:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:40:95:F0:25:EA:2F:45:E8:69:0A:1B:80:DD:CB:7E:F7:06:A8:E7 X509v3 Authority Key Identifier: keyid:FF:06:34:3C:A9:9A:64:10:00:C7:11:F3:2D:69:F5:9C:19:AC:F0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/_wY0PKmaZBAAxxHzLWn1nBms8EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_wY0PKmaZBAAxxHzLWn1nBms8EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF2D9/B31201E067AA11EF8F498A27C4F9AE02/971BD34C68FB11EFB3A4CD61C4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2001:df4:27c0::/48 Signature Algorithm: sha256WithRSAEncryption 6d:c1:17:f9:49:88:7c:b4:99:13:51:e3:7e:70:73:13:5e:cc: 27:56:34:77:e0:ad:9b:ee:1e:06:f9:b9:61:f8:62:7d:7d:60: 6e:a3:a5:7c:48:39:fc:bc:10:c0:f2:8f:a3:c6:ed:89:5a:71: f2:ab:0d:a8:ca:c8:1e:31:c4:98:36:e3:75:bd:48:54:b0:39: 10:5a:b9:4a:e1:49:74:a5:3d:07:a9:30:68:00:f1:29:f0:4c: 4a:87:0c:ac:16:14:01:ca:02:e5:5a:61:09:ee:dd:cf:29:87: b9:f7:99:dc:9f:32:e9:8e:43:ae:b1:4b:cd:94:98:32:ee:de: 40:d0:a2:f2:27:dc:c8:02:d9:da:90:fc:9e:97:09:72:f1:47: 0d:93:6b:51:fc:4a:1f:80:4f:5e:99:d3:f0:2e:35:cd:ee:32: a6:81:8c:01:91:37:2b:ce:da:94:86:ea:c3:04:90:58:ad:bb: 79:5d:22:c7:60:c7:84:5c:1d:5e:36:44:97:a5:79:9f:57:77: e7:8a:f8:79:57:4e:a3:41:8f:89:75:62:e3:40:d7:d9:ba:e1: 96:8a:22:9a:4c:06:79:dc:75:b7:ba:a7:d5:9f:a1:4f:8d:de: 9e:48:b2:1b:cb:2d:07:18:26:c6:80:6a:3f:6d:60:74:3b:c0: ca:a7:54:cf -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgICASIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYyRDkxMTAvBgNVBAUTKEZGMDYzNDNDQTk5QTY0MTAwMEM3MTFGMzJENjlGNTlD MTlBQ0YwNDMwHhcNMjUwOTIzMDYyNjAwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OTg3NS00MWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqrziTeqM2+9hVuP2qAzwwFC3LK8yiV3f3iFGCDxX2lDZzCtHoOH5WCwNi7W/ +JO3jEyDfO3ZxQpQV09y7f0Cu8xW814SMQo5vHe3JwvKo+xSBvicEm6Gk3iSr5vy JLzv0djWHr78FVOk9VCdoE0KoF8PoNJm+NViarM5X8kPE6X+RAGkQFNvoT2qSjoR 57vZbmAWskZKMBGYBD4FlTkG0oLu+mooCF48TNp4hO9kLQ/jvDMHbUEYY9ACa482 coLNt8xExgTeY0lmunG6ay1+PcMH7vd1qD4SE2XmYOUMF2gCSKgmNTLRO+usSK7Z N2rUdYwrNrvOa1Ii7RB0K+/3oQIDAQABo4ICYzCCAl8wHQYDVR0OBBYEFGhAlfAl 6i9F6GkKG4Ddy373BqjnMB8GA1UdIwQYMBaAFP8GNDypmmQQAMcR8y1p9ZwZrPBD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjJEOS9CMzEyMDFFMDY3 QUExMUVGOEY0OThBMjdDNEY5QUUwMi9fd1kwUEttYVpCQUF4eEh6TFduMW5CbXM4 RU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193WTBQS21hWkJBQXh4SHpMV24xbkJtczhFTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QUYyRDkvQjMxMjAxRTA2N0FBMTFFRjhGNDk4QTI3QzRGOUFFMDIvOTcxQkQzNEM2 OEZCMTFFRkIzQTRDRDYxQzRGOUFFMDIucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAIAEN9CfAMA0GCSqGSIb3DQEBCwUAA4IBAQBtwRf5SYh8tJkTUeN+ cHMTXswnVjR34K2b7h4G+blh+GJ9fWBuo6V8SDn8vBDA8o+jxu2JWnHyqw2oysge McSYNuN1vUhUsDkQWrlK4Ul0pT0HqTBoAPEp8ExKhwysFhQBygLlWmEJ7t3PKYe5 95ncnzLpjkOusUvNlJgy7t5A0KLyJ9zIAtnakPyelwly8UcNk2tR/EofgE9emdPw LjXN7jKmgYwBkTcrztqUhurDBJBYrbt5XSLHYMeEXB1eNkSXpXmfV3fnivh5V06j QY+JdWLjQNfZuuGWiiKaTAZ53HW3uqfVn6FPjd6eSLIbyy0HGCbGgGo/bWB0O8DK p1TP -----END CERTIFICATE-----Generated at Thu Mar 26 19:31:05 2026 by rpki-client