$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4053/3EDB83FC50E111F091C4BB74C4F9AE02/D28B7DD450E411F081600061C4F9AE02.roa File: D28B7DD450E411F081600061C4F9AE02.roa (raw, json) Hash identifier: l4xDR8XfunCSdDdqhrbj6MNAoikH4sPGdjRT4Op4rI8= Subject key identifier: 73:17:66:89:F4:43:A1:AD:0D:C4:B3:D0:5E:66:2F:D4:34:5B:C6:62 Certificate issuer: /CN=A91B4053/serialNumber=D726E86F300B264A353C29673E07716F5454B5E2 Certificate serial: 03 Authority key identifier: D7:26:E8:6F:30:0B:26:4A:35:3C:29:67:3E:07:71:6F:54:54:B5:E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ybobzALJko1PClnPgdxb1RUteI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4053/3EDB83FC50E111F091C4BB74C4F9AE02/D28B7DD450E411F081600061C4F9AE02.roa Signing time: Tue 24 Jun 2025 10:20:16 +0000 ROA not before: Tue 24 Jun 2025 10:20:16 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 153996 IP address blocks: 2001:df5:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4053/3EDB83FC50E111F091C4BB74C4F9AE02/1ybobzALJko1PClnPgdxb1RUteI.crl rsync://rpki.apnic.net/member_repository/A91B4053/3EDB83FC50E111F091C4BB74C4F9AE02/1ybobzALJko1PClnPgdxb1RUteI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ybobzALJko1PClnPgdxb1RUteI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4053, serialNumber=D726E86F300B264A353C29673E07716F5454B5E2 Validity Not Before: Jun 24 10:20:16 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=685a7be0-2e85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:cd:f5:6c:d5:68:27:cd:c8:93:2e:c8:a1:94: 9b:ef:16:77:b2:69:12:42:03:03:ed:f1:94:78:99: 90:08:5a:39:d6:e3:0f:e6:59:85:46:08:6b:44:91: e5:76:7d:fd:c2:c5:e2:6a:04:4e:11:2f:01:5d:3b: da:a9:19:db:02:98:b5:57:10:a7:a2:aa:94:da:a3: c7:e5:3f:db:8c:74:7e:70:f2:15:75:e7:80:c0:a1: cd:b0:26:2b:c5:b3:9e:a2:f6:e0:93:23:55:65:37: 1c:6c:68:5e:91:7f:54:3a:e0:35:8b:5f:66:01:06: a3:3f:36:2f:a0:90:c1:e1:c9:ea:94:5e:dd:1f:c9: ad:4e:aa:6d:26:30:2d:23:6f:e6:7e:fa:14:bb:0e: 9b:9b:03:a4:a9:a7:b7:ab:da:2d:43:ce:80:c6:e0: dd:32:93:cd:27:77:9f:b7:b6:f8:61:a6:59:4f:de: 4e:64:d7:b7:9a:93:9c:8c:05:0b:97:68:01:0a:ee: 59:7a:ea:63:c5:ec:99:90:08:97:f9:6e:81:0a:50: 0d:f2:09:01:60:bb:ec:4b:9f:a0:12:e3:59:c3:85: 3e:cc:f7:31:29:88:97:48:c4:bb:d9:e5:c9:3a:e8: 19:3b:da:45:98:f4:37:31:7e:b7:95:a6:c7:f2:97: e6:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:17:66:89:F4:43:A1:AD:0D:C4:B3:D0:5E:66:2F:D4:34:5B:C6:62 X509v3 Authority Key Identifier: keyid:D7:26:E8:6F:30:0B:26:4A:35:3C:29:67:3E:07:71:6F:54:54:B5:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4053/3EDB83FC50E111F091C4BB74C4F9AE02/1ybobzALJko1PClnPgdxb1RUteI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ybobzALJko1PClnPgdxb1RUteI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4053/3EDB83FC50E111F091C4BB74C4F9AE02/D28B7DD450E411F081600061C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df5:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption a5:01:64:ff:24:3b:d5:aa:89:5f:49:99:36:1d:fb:b4:e8:82: be:1c:36:57:ae:40:a0:d0:0e:61:fa:3e:58:2c:a6:53:4b:17: dc:c7:f5:29:c9:5f:93:cd:00:0d:08:36:3f:d7:12:82:52:21: 8c:9d:71:57:09:f2:14:d2:3a:fc:8f:25:07:2c:4c:eb:47:eb: 08:90:7f:42:98:51:19:50:48:67:9f:8c:79:60:e7:be:c5:22: 78:6b:ee:5d:5e:20:4c:44:6a:65:70:9f:89:c1:b7:b0:b4:9b: 59:cd:b0:1d:1a:68:2e:3a:cf:37:0e:bc:ae:02:40:7a:b3:d8: 17:79:9d:41:23:c4:6c:6a:72:73:6f:e9:be:2b:e4:fc:6d:39: c8:44:93:66:9b:2e:54:2a:0f:ca:a0:4a:48:2c:27:16:44:10: 4a:2d:6a:5a:5e:f1:23:30:1d:e3:af:f0:ed:cb:d5:6f:01:8d: 41:59:84:b9:1c:91:3a:80:c3:f2:3e:cb:c3:27:60:09:6e:ed: aa:4b:70:9d:c5:e3:58:7c:e0:e0:5c:ef:7b:b7:eb:ff:6e:ff: c7:81:9b:fd:69:c4:67:63:90:1a:39:1f:a3:97:bd:17:61:a1: 0b:aa:60:49:d7:81:e2:00:0f:73:76:bc:95:91:68:0e:48:41: 31:d0:4d:34 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NDA1MzExMC8GA1UEBRMoRDcyNkU4NkYzMDBCMjY0QTM1M0MyOTY3M0UwNzcxNkY1 NDU0QjVFMjAeFw0yNTA2MjQxMDIwMTZaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4NWE3YmUwLTJlODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMzfVs1WgnzciTLsihlJvvFneyaRJCAwPt8ZR4mZAIWjnW4w/mWYVGCGtEkeV2 ff3CxeJqBE4RLwFdO9qpGdsCmLVXEKeiqpTao8flP9uMdH5w8hV154DAoc2wJivF s56i9uCTI1VlNxxsaF6Rf1Q64DWLX2YBBqM/Ni+gkMHhyeqUXt0fya1Oqm0mMC0j b+Z++hS7DpubA6Spp7er2i1DzoDG4N0yk80nd5+3tvhhpllP3k5k17eak5yMBQuX aAEK7ll66mPF7JmQCJf5boEKUA3yCQFgu+xLn6AS41nDhT7M9zEpiJdIxLvZ5ck6 6Bk72kWY9DcxfreVpsfyl+a/AgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUcxdmifRD oa0NxLPQXmYv1DRbxmIwHwYDVR0jBBgwFoAU1ybobzALJko1PClnPgdxb1RUteIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI0MDUzLzNFREI4M0ZDNTBF MTExRjA5MUM0QkI3NEM0RjlBRTAyLzF5Ym9iekFMSmtvMVBDbG5QZ2R4YjFSVXRl SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMXlib2J6QUxKa28xUENsblBnZHhiMVJVdGVJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDA1My8zRURCODNGQzUwRTExMUYwOTFDNEJCNzRDNEY5QUUwMi9EMjhCN0RENDUw RTQxMUYwODE2MDAwNjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT MBEwDwQCAAIwCQMHACABDfXIwDANBgkqhkiG9w0BAQsFAAOCAQEApQFk/yQ71aqJ X0mZNh37tOiCvhw2V65AoNAOYfo+WCymU0sX3Mf1Kclfk80ADQg2P9cSglIhjJ1x VwnyFNI6/I8lByxM60frCJB/QphRGVBIZ5+MeWDnvsUieGvuXV4gTERqZXCficG3 sLSbWc2wHRpoLjrPNw68rgJAerPYF3mdQSPEbGpyc2/pvivk/G05yESTZpsuVCoP yqBKSCwnFkQQSi1qWl7xIzAd46/w7cvVbwGNQVmEuRyROoDD8j7LwydgCW7tqktw ncXjWHzg4Fzve7fr/27/x4Gb/WnEZ2OQGjkfo5e9F2GhC6pgSdeB4gAPc3a8lZFo DkhBMdBNNA== -----END CERTIFICATE-----Generated at Fri Jul 4 00:46:48 2025 by rpki-client