$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa File: D0CDFEEA406E11EFA085272AC4F9AE02.roa (raw, json) Hash identifier: tezFkMvINZIT10T6DSqOZvxH2uZ604PG/XeQKOGYnuw= Subject key identifier: A9:FE:A8:45:B0:06:F9:37:D8:23:E9:74:9A:0E:11:F3:D0:A2:03:E0 Certificate issuer: /CN=A91F9E0A/serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Certificate serial: 014B Authority key identifier: 3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa Signing time: Mon 02 Mar 2026 14:23:28 +0000 ROA not before: Sun 05 Oct 2025 00:51:10 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 152900 IP address blocks: 2401:a4a0:1::/48 maxlen: 48 2401:a4a0:2::/48 maxlen: 48 2401:a4a0:3::/48 maxlen: 48 2401:a4a0:a4a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 04:31:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 331 (0x14b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9E0A, serialNumber=3D5946003EEE548AD95D796CB188B751C57CDAC8 Validity Not Before: Oct 5 00:51:10 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=69a59d60-0c02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2d:49:81:73:9e:5d:8a:8d:d8:68:ba:c0:5e: 7c:59:77:83:b8:5d:53:a8:c5:03:11:52:c3:17:8c: 1a:30:c7:87:7a:32:d6:15:f7:87:4f:2a:5b:f6:88: e6:58:f7:f2:a6:a3:e8:aa:fc:8d:cb:0b:2c:03:4f: 19:54:ed:9d:23:b8:91:c0:ed:1f:c8:38:5f:e7:93: 4a:14:c5:58:80:56:d3:26:30:ed:14:e5:08:e6:c0: d2:76:b9:64:cc:44:91:83:16:89:d4:26:58:3c:08: 85:2c:c5:ee:ae:f3:55:60:4b:94:da:5b:e4:1b:d0: a4:70:48:e2:21:55:45:be:f9:bb:2a:44:73:7a:01: bf:fc:c4:7c:d1:95:e3:2e:e7:06:4b:28:42:f7:72: 9d:1b:eb:17:6c:46:1f:b0:41:fb:ef:2d:a6:d8:56: a9:3c:d6:e1:ac:b3:d7:79:8b:04:31:e3:4e:48:f2: 6c:4f:1b:11:0a:a2:66:05:e8:56:1c:be:0b:42:78: 76:9e:4b:1b:d4:a2:35:de:57:40:2e:55:44:55:b8: af:35:22:78:c7:54:ae:da:b5:77:44:9e:4d:39:3a: 52:05:47:b5:e0:f4:6b:d0:6d:dc:47:ab:d5:66:36: fa:01:e5:0d:9c:3e:98:94:48:ad:a6:8f:28:8b:d8: 2e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:FE:A8:45:B0:06:F9:37:D8:23:E9:74:9A:0E:11:F3:D0:A2:03:E0 X509v3 Authority Key Identifier: keyid:3D:59:46:00:3E:EE:54:8A:D9:5D:79:6C:B1:88:B7:51:C5:7C:DA:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/PVlGAD7uVIrZXXlssYi3UcV82sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PVlGAD7uVIrZXXlssYi3UcV82sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9E0A/0BD985E83E6911EFA2CE676AC4F9AE02/D0CDFEEA406E11EFA085272AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv6: 2401:a4a0:1::-2401:a4a0:3:ffff:ffff:ffff:ffff:ffff 2401:a4a0:a4a0::/48 Signature Algorithm: sha256WithRSAEncryption 2b:8b:67:0a:32:5d:5d:59:9b:ca:3d:93:6c:a1:92:2c:8f:e9: 96:b5:10:ca:66:a0:4c:c9:19:67:06:96:de:f0:55:51:02:89: b0:3d:06:63:c7:10:51:fc:44:b4:4d:06:2d:8a:2d:9e:42:ac: fa:18:4e:55:e5:04:b6:3f:ed:ee:ba:24:58:12:80:8c:fa:6a: 85:1c:cf:77:20:30:1c:ac:27:c4:42:9e:c5:e5:37:82:22:1b: 20:9a:95:e4:09:7a:be:af:95:75:99:9c:ef:5e:d4:c1:d3:29: 34:8b:a6:49:64:6f:6a:1a:68:c1:02:32:b3:95:13:36:d7:66: 52:c7:65:31:a9:3c:2a:e9:f8:42:c9:d6:79:e9:33:73:ca:41: cc:ae:25:89:d3:82:1f:41:59:cc:88:76:df:03:53:43:de:63: ea:cf:9a:99:ff:21:3a:ae:72:39:61:18:9a:72:fe:f5:14:9f: 08:29:17:a6:d5:e8:e7:49:83:08:05:6d:ac:db:7a:09:bf:29: a3:05:27:de:2a:e6:ae:e7:b8:03:92:21:d5:c0:6b:a2:d8:b8: 8f:b0:18:3f:89:1a:77:1b:53:42:c4:58:1f:f2:f4:24:7e:86: 1b:94:50:95:06:32:1f:ad:84:75:15:92:85:8f:e6:c6:4a:34: c8:2d:65:98 -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgICAUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjlFMEExMTAvBgNVBAUTKDNENTk0NjAwM0VFRTU0OEFEOTVENzk2Q0IxODhCNzUx QzU3Q0RBQzgwHhcNMjUxMDA1MDA1MTEwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE1OWQ2MC0wYzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAri1JgXOeXYqN2Gi6wF58WXeDuF1TqMUDEVLDF4waMMeHejLWFfeHTypb9ojm WPfypqPoqvyNywssA08ZVO2dI7iRwO0fyDhf55NKFMVYgFbTJjDtFOUI5sDSdrlk zESRgxaJ1CZYPAiFLMXurvNVYEuU2lvkG9CkcEjiIVVFvvm7KkRzegG//MR80ZXj LucGSyhC93KdG+sXbEYfsEH77y2m2FapPNbhrLPXeYsEMeNOSPJsTxsRCqJmBehW HL4LQnh2nksb1KI13ldALlVEVbivNSJ4x1Su2rV3RJ5NOTpSBUe14PRr0G3cR6vV Zjb6AeUNnD6YlEitpo8oi9gufwIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFKn+qEWw Bvk32CPpdJoOEfPQogPgMB8GA1UdIwQYMBaAFD1ZRgA+7lSK2V15bLGIt1HFfNrI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOUUwQS8wQkQ5ODVFODNF NjkxMUVGQTJDRTY3NkFDNEY5QUUwMi9QVmxHQUQ3dVZJclpYWGxzc1lpM1VjVjgy c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BWbEdBRDd1VklyWlhYbHNzWWkzVWNWODJzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjlFMEEvMEJEOTg1RTgzRTY5MTFFRkEyQ0U2NzZBQzRGOUFFMDIvRDBDREZFRUE0 MDZFMTFFRkEwODUyNzJBQzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAj BAIAAjAdMBIDBwAkAaSgAAEDBwIkAaSgAAADBwAkAaSgpKAwDQYJKoZIhvcNAQEL BQADggEBACuLZwoyXV1Zm8o9k2yhkiyP6Za1EMpmoEzJGWcGlt7wVVECibA9BmPH EFH8RLRNBi2KLZ5CrPoYTlXlBLY/7e66JFgSgIz6aoUcz3cgMBysJ8RCnsXlN4Ii GyCaleQJer6vlXWZnO9e1MHTKTSLpklkb2oaaMECMrOVEzbXZlLHZTGpPCrp+ELJ 1nnpM3PKQcyuJYnTgh9BWcyIdt8DU0PeY+rPmpn/ITqucjlhGJpy/vUUnwgpF6bV 6OdJgwgFbazbegm/KaMFJ94q5q7nuAOSIdXAa6LYuI+wGD+JGncbU0LEWB/y9CR+ hhuUUJUGMh+thHUVkoWP5sZKNMgtZZg= -----END CERTIFICATE-----Generated at Thu Mar 26 08:43:06 2026 by rpki-client