$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/2FC3DE84B15B11EB8CCCD624C4F9AE02.roa File: 2FC3DE84B15B11EB8CCCD624C4F9AE02.roa (raw, json) Hash identifier: e/Kuo5QdtsaM/mztDHYG4XkizjKIPPrgUEb1ap1W45w= Subject key identifier: 29:F6:B6:70:D6:D2:AC:A1:D4:B5:E5:7A:3E:C4:9D:B5:C9:E8:F8:B1 Certificate issuer: /CN=A91BBA80/serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A Certificate serial: 0C9E Authority key identifier: 06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/2FC3DE84B15B11EB8CCCD624C4F9AE02.roa Signing time: Wed 30 Apr 2025 18:28:14 +0000 ROA not before: Wed 30 Apr 2025 18:28:14 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132458 IP address blocks: 2001:df1:b401::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.crl rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 18:17:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3230 (0xc9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BBA80, serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A Validity Not Before: Apr 30 18:28:14 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68126bbe-a09b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d9:89:43:4a:d7:8f:92:b6:56:75:e3:6e:fd: 6c:6c:ac:de:f8:5a:17:a0:a2:d4:9e:d8:60:aa:d2: a7:29:53:0a:64:cd:78:15:c1:14:fb:37:ec:d6:43: 1d:4e:f7:b2:4c:ec:af:c4:49:fb:16:ce:3d:01:73: e1:d3:0e:47:14:93:a8:ad:bf:73:1b:3c:7f:6e:8a: 18:a8:ae:01:4f:69:7d:35:ec:8e:65:b6:06:55:3c: 20:56:c0:91:5b:0d:49:24:50:f7:33:7b:e8:32:c8: 07:39:c0:8d:c8:9b:20:df:8d:38:7e:2e:3a:c8:ae: 6a:86:db:07:da:a7:52:c7:8c:67:65:cc:3f:b4:e3: bb:0e:9a:a8:5b:d7:d6:d1:14:88:eb:46:45:0a:75: 5c:e5:91:c7:de:43:10:83:a0:0c:9d:b8:2c:13:78: ce:8b:5b:e7:f9:bb:65:fa:25:26:14:35:a6:95:b8: c9:3d:f0:6f:a2:ec:3e:07:95:08:65:d1:4a:02:2e: b0:04:2f:c1:c6:ec:8f:e6:1a:7a:ee:7a:ea:1f:29: 74:f7:41:9b:2e:89:45:36:99:d6:6f:58:0b:5b:ec: 2e:b2:3f:24:9d:89:23:0b:b0:d9:7e:d3:e2:6a:77: af:38:2f:a6:8a:8b:76:94:f0:91:18:49:38:bf:d5: 20:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F6:B6:70:D6:D2:AC:A1:D4:B5:E5:7A:3E:C4:9D:B5:C9:E8:F8:B1 X509v3 Authority Key Identifier: keyid:06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/2FC3DE84B15B11EB8CCCD624C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df1:b401::/48 Signature Algorithm: sha256WithRSAEncryption 53:03:eb:31:ba:51:86:e3:07:cb:2f:cd:e3:33:60:57:22:12: d7:3e:3b:74:d2:ea:1f:3c:97:b7:d9:1c:2a:fc:a0:27:b7:87: e8:a9:ab:3e:a3:86:39:8f:d9:d2:f0:e6:37:85:dd:c1:4b:4b: 26:55:f6:60:0d:87:f1:ff:0c:71:58:97:44:cd:e9:8b:4b:bb: 14:5f:b7:d9:49:ec:51:d8:8d:bc:0b:c8:de:22:c0:7c:24:eb: 19:00:eb:c4:5f:d5:09:2f:fb:eb:98:4b:0c:74:ec:e7:78:e4: 9e:f8:08:1b:27:96:99:51:9a:d1:a9:51:c9:34:68:e1:63:a7: 19:65:d3:f6:fe:53:00:28:82:c2:64:d7:19:7c:0a:e5:67:3b: 3f:51:77:19:ca:ad:9f:45:2b:29:81:5c:19:55:a8:a8:d6:37: b2:9b:66:dc:88:75:a7:4f:44:ed:75:d4:95:f4:d6:f8:85:9f: 6d:0c:c9:63:34:32:40:06:c6:de:6b:8b:dc:2f:a2:aa:2c:58: 94:85:98:4a:50:01:f4:05:ef:42:22:c0:67:93:53:e3:29:21: 9f:9f:2a:b1:60:7d:40:51:43:e2:3c:59:2b:99:14:f6:02:d9: 79:f2:8e:84:3d:d5:3c:79:84:97:ba:c7:1e:9b:6b:86:66:d5: 06:63:4d:f2 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICDJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkJBODAxMTAvBgNVBAUTKDA2MEY3RTc3QzAwQUNCRTA4NjhEQzBCOEZDQTIzRDRB NUYwN0Q3N0EwHhcNMjUwNDMwMTgyODE0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODEyNmJiZS1hMDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAytmJQ0rXj5K2VnXjbv1sbKze+FoXoKLUnthgqtKnKVMKZM14FcEU+zfs1kMd TveyTOyvxEn7Fs49AXPh0w5HFJOorb9zGzx/booYqK4BT2l9NeyOZbYGVTwgVsCR Ww1JJFD3M3voMsgHOcCNyJsg3404fi46yK5qhtsH2qdSx4xnZcw/tOO7DpqoW9fW 0RSI60ZFCnVc5ZHH3kMQg6AMnbgsE3jOi1vn+btl+iUmFDWmlbjJPfBvouw+B5UI ZdFKAi6wBC/BxuyP5hp67nrqHyl090GbLolFNpnWb1gLW+wusj8knYkjC7DZftPi anevOC+miot2lPCRGEk4v9Ug5wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFCn2tnDW 0qyh1LXlej7EnbXJ6PixMB8GA1UdIwQYMBaAFAYPfnfACsvgho3AuPyiPUpfB9d6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkE4MC9COThFODFENjA1 QjkxMUVBODIwODk5NkVDNEY5QUUwMi9CZzktZDhBS3ktQ0dqY0M0X0tJOVNsOEgx M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JnOS1kOEFLeS1DR2pjQzRfS0k5U2w4SDEzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkJBODAvQjk4RTgxRDYwNUI5MTFFQTgyMDg5OTZFQzRGOUFFMDIvMkZDM0RFODRC MTVCMTFFQjhDQ0NENjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ3xtAEwDQYJKoZIhvcNAQELBQADggEBAFMD6zG6UYbj B8svzeMzYFciEtc+O3TS6h88l7fZHCr8oCe3h+ipqz6jhjmP2dLw5jeF3cFLSyZV 9mANh/H/DHFYl0TN6YtLuxRft9lJ7FHYjbwLyN4iwHwk6xkA68Rf1Qkv++uYSwx0 7Od45J74CBsnlplRmtGpUck0aOFjpxll0/b+UwAogsJk1xl8CuVnOz9RdxnKrZ9F KymBXBlVqKjWN7KbZtyIdadPRO111JX01viFn20MyWM0MkAGxt5ri9wvoqosWJSF mEpQAfQF70IiwGeTU+MpIZ+fKrFgfUBRQ+I8WSuZFPYC2XnyjoQ91Tx5hJe6xx6b a4Zm1QZjTfI= -----END CERTIFICATE-----Generated at Mon May 12 14:41:44 2025 by rpki-client