$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/2D89110A9A5311EE9CB13140C4F9AE02.roa File: 2D89110A9A5311EE9CB13140C4F9AE02.roa (raw, json) Hash identifier: Jj1NVOgg11V9rBHXb/ngLI6yeEIfUQhi8bFPhl/4/hg= Subject key identifier: 39:E1:DE:CB:FB:D7:C2:03:2A:92:31:50:14:B7:3D:8A:2A:D2:70:83 Certificate issuer: /CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C Certificate serial: 3513 Authority key identifier: AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/2D89110A9A5311EE9CB13140C4F9AE02.roa Signing time: Sat 20 Sep 2025 15:00:59 +0000 ROA not before: Sat 20 Sep 2025 15:00:59 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 131203 IP address blocks: 2001:df2:a980::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:49:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13587 (0x3513) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DCAE8, serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C Validity Not Before: Sep 20 15:00:59 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68cec1ab-eae6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f1:04:d4:41:2a:c1:2c:8f:6a:23:40:c1:e6: 52:be:b6:b9:cd:a2:e2:d3:0c:85:eb:79:45:3c:20: 14:74:1b:ce:62:e6:21:0c:99:7a:e6:1e:65:57:42: 41:c4:3b:84:77:a6:3d:38:ed:e3:1c:52:6f:1a:ed: 52:36:91:c6:f7:44:11:32:1f:8d:dd:41:44:f4:a8: 30:b4:00:be:23:6f:22:e7:85:48:c3:1a:94:0e:b6: e2:25:85:d0:c0:6d:64:ae:75:b5:14:bb:e3:b1:2f: a2:28:1f:93:fa:b6:f3:9b:33:71:30:18:63:8d:22: d9:d6:00:11:65:36:54:89:f4:4c:71:f6:29:eb:25: e8:38:f8:25:22:80:c4:86:bf:b2:41:f7:ec:38:4e: f2:c7:a8:a3:d3:22:84:70:a1:a5:8a:96:cb:55:c4: 19:ce:f0:51:f3:cc:c1:38:97:d0:ee:8d:da:11:5d: 32:1a:f4:26:5a:fb:50:c6:09:2c:56:20:e5:6e:d5: bd:0c:41:6a:f6:4b:ef:2f:b7:71:88:a0:29:04:3e: 60:64:03:50:4a:f7:34:95:02:d3:05:4c:98:28:25: ce:08:73:d6:34:e7:37:74:6d:c6:55:f2:f6:bf:b0: 94:99:03:d8:6c:ac:c6:a9:62:2e:1d:94:5a:1c:cb: b5:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:E1:DE:CB:FB:D7:C2:03:2A:92:31:50:14:B7:3D:8A:2A:D2:70:83 X509v3 Authority Key Identifier: keyid:AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/2D89110A9A5311EE9CB13140C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2001:df2:a980::/48 Signature Algorithm: sha256WithRSAEncryption 8e:13:e6:6a:16:20:56:3a:c8:05:f0:00:14:c3:90:ab:38:6a: ad:e8:39:78:4e:71:0b:a4:a3:62:b4:64:c3:0e:08:64:65:a9: 20:c3:37:33:11:06:9e:2a:df:ec:42:44:79:1d:b7:46:93:5f: 4e:bf:ef:9b:a0:0f:55:29:c9:07:05:4f:e6:e2:09:25:ca:98: 0c:1a:a7:12:69:d4:53:12:19:76:5e:6d:a6:6d:c5:b4:0f:22: ab:7f:bc:70:79:22:ac:86:56:a4:0c:9c:ad:ba:0f:1c:87:26: 8e:28:bd:c1:19:ae:2f:a4:d0:24:22:f3:9f:85:31:82:fd:f1: a9:fe:b3:47:33:fb:8a:35:98:d9:9f:fe:eb:7f:56:d4:1a:bf: cd:86:11:3f:4b:a4:63:4d:5c:a1:e1:22:cb:d4:f6:39:c0:1f: e5:24:4c:49:ba:ba:e4:df:2c:19:a0:9a:2c:0c:88:5c:fd:c2: cf:79:42:37:cc:1e:d7:7f:a3:7e:86:4c:b9:72:c4:a9:87:ec: 96:af:94:4a:31:32:cf:cb:77:50:a3:b9:14:11:97:f7:b1:35: df:23:6e:85:20:69:58:b1:6c:b4:67:3b:af:e7:57:89:fa:44: 1a:e7:e9:86:e7:13:ad:03:d3:e2:52:56:f0:b5:76:b3:8b:95: db:ac:ca:e6 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICNRMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RENBRTgxMTAvBgNVBAUTKEFBQjBFMkI2MkY2MzQzODk1NzMwQzA1NDg4RTdGQzRF MjZDNTFBNkMwHhcNMjUwOTIwMTUwMDU5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGNlYzFhYi1lYWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzvEE1EEqwSyPaiNAweZSvra5zaLi0wyF63lFPCAUdBvOYuYhDJl65h5lV0JB xDuEd6Y9OO3jHFJvGu1SNpHG90QRMh+N3UFE9KgwtAC+I28i54VIwxqUDrbiJYXQ wG1krnW1FLvjsS+iKB+T+rbzmzNxMBhjjSLZ1gARZTZUifRMcfYp6yXoOPglIoDE hr+yQffsOE7yx6ij0yKEcKGlipbLVcQZzvBR88zBOJfQ7o3aEV0yGvQmWvtQxgks ViDlbtW9DEFq9kvvL7dxiKApBD5gZANQSvc0lQLTBUyYKCXOCHPWNOc3dG3GVfL2 v7CUmQPYbKzGqWIuHZRaHMu1HwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDnh3sv7 18IDKpIxUBS3PYoq0nCDMB8GA1UdIwQYMBaAFKqw4rYvY0OJVzDAVIjn/E4mxRps MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0FFOC84QjZBREUxNDFE OTMxMUUyOTJDQjIzRjcwOEIwMkNEMi9xckRpdGk5alE0bFhNTUJVaU9mOFRpYkZH bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FyRGl0aTlqUTRsWE1NQlVpT2Y4VGliRkdtdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RENBRTgvOEI2QURFMTQxRDkzMTFFMjkyQ0IyM0Y3MDhCMDJDRDIvMkQ4OTExMEE5 QTUzMTFFRTlDQjEzMTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwAgAQ3yqYAwDQYJKoZIhvcNAQELBQADggEBAI4T5moWIFY6 yAXwABTDkKs4aq3oOXhOcQuko2K0ZMMOCGRlqSDDNzMRBp4q3+xCRHkdt0aTX06/ 75ugD1UpyQcFT+biCSXKmAwapxJp1FMSGXZebaZtxbQPIqt/vHB5IqyGVqQMnK26 DxyHJo4ovcEZri+k0CQi85+FMYL98an+s0cz+4o1mNmf/ut/VtQav82GET9LpGNN XKHhIsvU9jnAH+UkTEm6uuTfLBmgmiwMiFz9ws95QjfMHtd/o36GTLlyxKmH7Jav lEoxMs/Ld1CjuRQRl/exNd8jboUgaVixbLRnO6/nV4n6RBrn6YbnE60D0+JSVvC1 drOLldusyuY= -----END CERTIFICATE-----Generated at Tue Oct 21 01:36:58 2025 by rpki-client