$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/2EFFC95471DC11F0B648E61EC4F9AE02.roa File: 2EFFC95471DC11F0B648E61EC4F9AE02.roa (raw, json) Hash identifier: imzzgK2jkD8mtGVZSU5UK2u7UGX3PSejQBat9sn+BNw= Subject key identifier: 4D:DA:BD:81:68:F0:18:0C:5C:3D:3C:44:A1:AD:10:1C:4C:BA:AE:F3 Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49 Certificate serial: 1074 Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/2EFFC95471DC11F0B648E61EC4F9AE02.roa Signing time: Sun 01 Mar 2026 17:39:31 +0000 ROA not before: Tue 05 Aug 2025 15:55:23 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 14618 IP address blocks: 2401:df00:301::/48 maxlen: 48 2401:df00:331::/48 maxlen: 48 2401:df00:341::/48 maxlen: 48 2401:df00:351::/48 maxlen: 48 2401:df00:421::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 17:24:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4212 (0x1074) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49 Validity Not Before: Aug 5 15:55:23 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a479d3-1c46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:22:2b:e3:09:ef:17:52:e0:28:af:8e:49:8b: de:d5:20:4c:a1:7e:40:15:1c:25:c3:9d:d2:da:3a: 5f:86:eb:f1:00:6e:83:8f:4a:3a:05:80:9d:c1:6b: 51:e0:ac:fc:43:3f:bc:58:47:49:09:65:2f:db:e1: 86:0a:98:e9:5a:fb:59:93:05:a1:3a:06:39:3b:e8: d7:4b:aa:b1:31:84:e8:fc:29:cb:5c:3f:e0:14:23: 0e:b6:1d:9d:90:d5:99:6f:8d:9f:2c:b8:09:c8:e5: 77:7e:92:6c:62:3d:f8:41:62:9b:cb:fb:7b:25:c9: 65:77:fe:eb:ef:63:6f:5a:cc:ee:60:a0:56:a6:e9: 98:4d:2d:97:0a:89:ed:46:c3:cc:af:af:c5:59:c7: 91:81:df:4d:b6:78:e3:26:82:c1:1c:c1:99:4d:a9: 5b:24:e9:9b:cb:7b:f9:55:96:a5:59:01:dc:9f:f9: 83:9f:b8:cb:7b:7b:47:10:47:e0:5f:56:27:76:3c: 4b:f4:4f:98:4a:2d:8c:8d:ad:c2:e5:fb:7b:1c:b9: eb:e9:5d:9d:e2:4d:43:92:73:f8:aa:b5:8f:30:29: 67:7a:70:1d:8e:48:9f:fe:c0:68:f8:d1:b1:c9:1e: 30:b5:71:cf:c8:ae:a0:7d:d4:aa:e4:eb:0a:d8:6b: 91:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:DA:BD:81:68:F0:18:0C:5C:3D:3C:44:A1:AD:10:1C:4C:BA:AE:F3 X509v3 Authority Key Identifier: keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/2EFFC95471DC11F0B648E61EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2401:df00:301::/48 2401:df00:331::/48 2401:df00:341::/48 2401:df00:351::/48 2401:df00:421::/48 Signature Algorithm: sha256WithRSAEncryption 73:09:38:0c:2b:d3:da:b6:86:79:7c:3c:13:32:82:ed:b2:d2: 30:e4:a1:b8:6d:11:72:ba:a1:66:6a:2b:ff:3b:df:bc:cc:75: 89:11:1e:7c:5f:bc:dc:5d:28:61:b5:9e:44:5f:92:2d:1f:5d: 80:86:05:24:a8:e8:5b:6f:c5:22:51:a5:10:fe:89:c1:53:18: de:03:fd:4c:d7:ec:ed:8a:68:fb:19:59:b1:2d:49:eb:b8:3a: b8:a9:66:c1:99:21:b6:8a:62:23:18:2a:4c:15:6c:58:e8:34: c1:31:ce:f7:d5:31:0c:22:64:8f:a3:5e:9c:98:4c:90:99:b2: be:d6:6a:c3:b2:f5:d1:4e:b1:70:3a:b7:7f:c1:9c:a6:f6:df: 80:73:51:35:7a:81:3e:f3:2e:44:59:c2:cb:6b:42:96:e1:0f: 5f:2e:6c:3c:e4:45:1b:73:3c:8b:2a:12:fd:9e:50:9f:0f:b4: 96:c8:b7:67:db:83:57:86:0d:d7:80:54:0a:94:74:7c:7f:4a: 7e:a8:cd:13:04:c0:22:08:b3:bc:94:f8:89:b2:78:62:84:8e: 61:ac:ec:0b:f4:b1:7b:c0:6d:5e:58:c8:8c:d7:ee:54:9f:e5: 3a:cc:ca:c1:59:cf:4c:9b:7e:00:7e:16:ec:09:29:a0:90:41: 9c:02:5f:c9 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICEHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw MUYxOEZGNDkwHhcNMjUwODA1MTU1NTIzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzlkMy0xYzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7CIr4wnvF1LgKK+OSYve1SBMoX5AFRwlw53S2jpfhuvxAG6Dj0o6BYCdwWtR 4Kz8Qz+8WEdJCWUv2+GGCpjpWvtZkwWhOgY5O+jXS6qxMYTo/CnLXD/gFCMOth2d kNWZb42fLLgJyOV3fpJsYj34QWKby/t7Jclld/7r72NvWszuYKBWpumYTS2XCont RsPMr6/FWceRgd9NtnjjJoLBHMGZTalbJOmby3v5VZalWQHcn/mDn7jLe3tHEEfg X1YndjxL9E+YSi2Mja3C5ft7HLnr6V2d4k1DknP4qrWPMClnenAdjkif/sBo+NGx yR4wtXHPyK6gfdSq5OsK2GuROwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFE3avYFo 8BgMXD08RKGtEBxMuq7zMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvMkVGRkM5NTQ3 MURDMTFGMEI2NDhFNjFFQzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAz BAIAAjAtAwcAJAHfAAMBAwcAJAHfAAMxAwcAJAHfAANBAwcAJAHfAANRAwcAJAHf AAQhMA0GCSqGSIb3DQEBCwUAA4IBAQBzCTgMK9PatoZ5fDwTMoLtstIw5KG4bRFy uqFmaiv/O9+8zHWJER58X7zcXShhtZ5EX5ItH12AhgUkqOhbb8UiUaUQ/onBUxje A/1M1+ztimj7GVmxLUnruDq4qWbBmSG2imIjGCpMFWxY6DTBMc731TEMImSPo16c mEyQmbK+1mrDsvXRTrFwOrd/wZym9t+Ac1E1eoE+8y5EWcLLa0KW4Q9fLmw85EUb czyLKhL9nlCfD7SWyLdn24NXhg3XgFQKlHR8f0p+qM0TBMAiCLO8lPiJsnhihI5h rOwL9LF7wG1eWMiM1+5Un+U6zMrBWc9Mm34AfhbsCSmgkEGcAl/J -----END CERTIFICATE-----Generated at Thu Mar 26 03:34:19 2026 by rpki-client