$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/CED9053CE35211EDB7F6B44EC4F9AE02.roa File: CED9053CE35211EDB7F6B44EC4F9AE02.roa (raw, json) Hash identifier: xTtZn9aZIB/fSzr6F1pFXv9qqXV1JjTBS40WClRRCIw= Subject key identifier: 4A:7A:77:A5:47:34:7B:BC:01:B3:06:10:DA:54:2B:78:E6:77:10:86 Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Certificate serial: 0C1C Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/CED9053CE35211EDB7F6B44EC4F9AE02.roa Signing time: Tue 30 Sep 2025 20:22:12 +0000 ROA not before: Tue 30 Sep 2025 20:22:12 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 9387 IP address blocks: 2401:4100::/32 maxlen: 32 2401:4100::/33 maxlen: 33 2401:4100:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:01:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3100 (0xc1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190 Validity Not Before: Sep 30 20:22:12 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68dc3bf3-43de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:0b:c6:34:e1:da:65:e6:c6:16:2e:5a:54:b1: e0:ce:0c:1c:44:66:0e:58:1f:c9:e1:aa:7f:8c:e4: 5d:94:75:ef:2a:4f:7a:64:ff:6b:90:fa:2b:dd:bd: be:fa:1e:3d:20:43:9a:74:ae:1f:d6:41:d5:a2:1e: 8a:6d:0e:bc:17:86:c5:71:b4:86:0f:28:15:76:42: 78:f4:5c:50:c6:e0:6e:8d:a0:b5:cf:fd:74:32:db: 01:9f:77:cf:71:85:db:c8:51:4c:a6:e2:27:1c:81: f3:7a:49:e6:06:d2:92:d2:cf:81:85:10:f4:31:99: f5:eb:cb:2a:14:4c:fb:78:e3:d1:00:24:4e:6a:ac: 21:9f:08:f7:1a:e0:e5:49:2b:dc:64:39:b9:58:c6: e7:0b:5e:f7:73:07:af:8d:a4:ef:30:eb:7e:6e:68: 8e:0f:d3:15:cc:6d:f6:cd:1c:31:13:73:f0:80:9d: ed:f1:e0:f4:c3:f4:b9:a5:88:bd:1e:5c:2b:60:4a: 46:08:c7:d4:44:71:93:76:62:f1:7a:ec:83:28:2e: 74:c3:1c:ec:10:c5:4f:a3:bc:5b:f7:bd:1f:6e:0e: 34:d3:92:c7:e2:bb:94:cb:15:1c:af:b5:31:38:79: 0d:99:7f:27:9d:40:10:19:87:f8:a8:a7:5b:ef:47: f0:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:7A:77:A5:47:34:7B:BC:01:B3:06:10:DA:54:2B:78:E6:77:10:86 X509v3 Authority Key Identifier: keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/CED9053CE35211EDB7F6B44EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:4100::/32 Signature Algorithm: sha256WithRSAEncryption 3e:8d:e6:17:7e:1d:44:ff:48:8a:c0:db:90:c8:30:ff:6c:e3: af:e1:da:81:35:b6:5d:bb:bb:41:ff:a1:c4:1e:fb:b2:2c:3b: 21:67:bc:ec:1a:1f:4e:1c:0f:70:f2:a1:7e:e9:aa:83:85:9e: 69:bd:5a:1e:2f:c9:4f:ea:b1:fd:96:66:34:87:cf:41:da:7b: 00:39:e8:9e:4c:58:b9:e2:b7:67:f5:4f:e3:ab:40:5c:30:38: dc:fa:c5:7e:35:6a:35:ed:21:c2:8d:b3:c1:73:6d:c8:90:7b: db:f3:73:71:b1:16:59:43:89:6a:95:e9:c5:fc:3c:74:96:67: df:d3:90:2c:1e:72:40:a0:d7:f3:24:09:38:0f:a8:7f:be:8b: 57:6d:c2:00:a6:c9:07:ff:73:6d:27:e9:03:d6:9e:a4:ad:54: 62:d3:2c:b0:42:72:af:73:2b:7b:28:5a:76:17:1c:d0:0f:c5: cd:c3:f1:7d:74:49:34:d4:b8:fe:3e:15:90:61:91:b1:1a:c1: d9:aa:84:a3:aa:68:11:70:c7:d9:51:5b:3d:5c:11:8b:2b:17: 8c:c3:cb:16:a9:e3:98:2a:18:7b:99:b0:08:7d:d6:96:c2:3e: 02:dd:ed:0c:bb:7f:6c:04:4a:50:79:26:7e:c0:7b:5c:35:32: d0:5e:20:b4 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICDBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB MURFRjcxOTAwHhcNMjUwOTMwMjAyMjEyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGRjM2JmMy00M2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArwvGNOHaZebGFi5aVLHgzgwcRGYOWB/J4ap/jORdlHXvKk96ZP9rkPor3b2+ +h49IEOadK4f1kHVoh6KbQ68F4bFcbSGDygVdkJ49FxQxuBujaC1z/10MtsBn3fP cYXbyFFMpuInHIHzeknmBtKS0s+BhRD0MZn168sqFEz7eOPRACROaqwhnwj3GuDl SSvcZDm5WMbnC173cwevjaTvMOt+bmiOD9MVzG32zRwxE3PwgJ3t8eD0w/S5pYi9 HlwrYEpGCMfURHGTdmLxeuyDKC50wxzsEMVPo7xb970fbg4005LH4ruUyxUcr7Ux OHkNmX8nnUAQGYf4qKdb70fw7wIDAQABo4ICljCCApIwHQYDVR0OBBYEFEp6d6VH NHu8AbMGENpUK3jmdxCGMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQ0VEOTA1M0NF MzUyMTFFREI3RjZCNDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkAUEAMA0GCSqGSIb3DQEBCwUAA4IBAQA+jeYXfh1E/0iK wNuQyDD/bOOv4dqBNbZdu7tB/6HEHvuyLDshZ7zsGh9OHA9w8qF+6aqDhZ5pvVoe L8lP6rH9lmY0h89B2nsAOeieTFi54rdn9U/jq0BcMDjc+sV+NWo17SHCjbPBc23I kHvb83NxsRZZQ4lqlenF/Dx0lmff05AsHnJAoNfzJAk4D6h/votXbcIApskH/3Nt J+kD1p6krVRi0yywQnKvcyt7KFp2FxzQD8XNw/F9dEk01Lj+PhWQYZGxGsHZqoSj qmgRcMfZUVs9XBGLKxeMw8sWqeOYKhh7mbAIfdaWwj4C3e0Mu39sBEpQeSZ+wHtc NTLQXiC0 -----END CERTIFICATE-----Generated at Mon Oct 20 08:49:47 2025 by rpki-client