$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B6B/75A92230FE3F11EF8FA27752C4F9AE02/CBB83D902F1E11F09BFFB056C4F9AE02.roa File: CBB83D902F1E11F09BFFB056C4F9AE02.roa (raw, json) Hash identifier: pyDccoxQQCInnCAtVt40DDMgxlsFoS9iakn/+FoSyug= Subject key identifier: 05:25:56:99:CF:57:60:C3:11:84:4D:AF:DF:DC:17:79:FA:97:8A:82 Certificate issuer: /CN=A91D0B6B/serialNumber=C1EE69AA6AA1ACBA32E16764DA81BF7A4168A60D Certificate serial: 22 Authority key identifier: C1:EE:69:AA:6A:A1:AC:BA:32:E1:67:64:DA:81:BF:7A:41:68:A6:0D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/we5pqmqhrLoy4Wdk2oG_ekFopg0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B6B/75A92230FE3F11EF8FA27752C4F9AE02/CBB83D902F1E11F09BFFB056C4F9AE02.roa Signing time: Mon 12 May 2025 10:49:36 +0000 ROA not before: Mon 12 May 2025 10:49:36 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 153518 IP address blocks: 161.248.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0B6B/75A92230FE3F11EF8FA27752C4F9AE02/we5pqmqhrLoy4Wdk2oG_ekFopg0.crl rsync://rpki.apnic.net/member_repository/A91D0B6B/75A92230FE3F11EF8FA27752C4F9AE02/we5pqmqhrLoy4Wdk2oG_ekFopg0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/we5pqmqhrLoy4Wdk2oG_ekFopg0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0B6B, serialNumber=C1EE69AA6AA1ACBA32E16764DA81BF7A4168A60D Validity Not Before: May 12 10:49:36 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=6821d240-97ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:96:cd:2e:53:d6:75:8c:10:25:a3:a4:da:f4: 73:e6:d5:ce:15:3f:29:ac:61:b4:25:57:29:59:83: 39:ab:87:90:21:b7:ee:cc:ea:e8:94:90:51:b1:2f: 80:cb:7f:91:7a:07:0d:93:16:b0:33:2b:48:be:69: 41:ae:35:29:39:d1:dd:75:0f:ed:62:57:d3:2e:54: bf:20:14:c3:9d:08:bf:ff:6e:3b:2b:b5:ae:98:60: d6:02:02:ae:2b:d3:3b:c4:a0:b5:86:af:73:7d:58: d3:8d:45:64:d2:6d:a7:19:32:34:53:0f:2e:73:ef: 44:da:4a:ac:54:d4:bc:12:9c:fd:98:81:dc:2e:f7: 52:9d:c5:9e:3f:b8:c0:7b:37:4f:eb:ed:a4:15:0d: 55:59:ae:d8:2c:b9:13:41:47:a1:20:81:c6:3f:6f: b8:cb:67:1d:2f:92:e3:9f:1e:d8:83:e9:0a:26:98: f3:52:70:c6:9b:b1:38:c6:01:9b:36:f7:7c:4c:2a: 58:32:d8:18:a0:f3:ad:f8:9a:9d:3e:34:98:44:64: 81:fd:a4:34:e7:75:7a:ea:e2:69:30:94:ea:93:5f: 83:8b:24:42:a9:60:fd:e1:91:09:1e:f7:d4:f0:80: ca:61:44:0a:cf:7c:9c:9b:60:c9:70:b1:36:2b:43: eb:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:25:56:99:CF:57:60:C3:11:84:4D:AF:DF:DC:17:79:FA:97:8A:82 X509v3 Authority Key Identifier: keyid:C1:EE:69:AA:6A:A1:AC:BA:32:E1:67:64:DA:81:BF:7A:41:68:A6:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/75A92230FE3F11EF8FA27752C4F9AE02/we5pqmqhrLoy4Wdk2oG_ekFopg0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/we5pqmqhrLoy4Wdk2oG_ekFopg0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B6B/75A92230FE3F11EF8FA27752C4F9AE02/CBB83D902F1E11F09BFFB056C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.141.0/24 Signature Algorithm: sha256WithRSAEncryption 34:f1:59:bb:65:9e:e5:63:25:7c:a3:41:68:b9:f2:b5:26:0d: 9f:03:bb:0d:65:83:e0:68:33:a7:7a:bb:83:34:e5:65:aa:06: 23:aa:2e:f3:26:ef:ac:d3:6f:77:1b:b0:9d:f0:52:94:11:38: ee:fe:e9:c6:32:ef:00:a5:19:d1:0a:93:fa:5a:0e:ae:45:b4: 6e:96:9d:3a:c8:0d:c1:13:01:6b:80:42:ec:a0:94:80:42:11: 25:b9:4f:51:db:fe:2b:9a:72:47:7b:72:34:b2:10:82:00:b7: 1e:5b:ee:01:ae:fb:50:d3:95:5b:0f:0b:86:ac:97:ed:cb:bb: e0:b3:26:50:15:b8:a9:2a:61:da:bd:68:bf:e5:f4:77:22:bb: bb:e3:5f:bb:68:b8:af:aa:cd:01:25:d4:d6:dc:d8:8a:e5:09: 40:d0:d8:fb:c0:6f:fb:d0:4a:83:64:23:eb:c4:3d:3f:da:fb: b3:2c:bb:cd:8d:5b:18:ca:27:dd:47:96:97:0e:6e:0d:d4:31: 38:f2:01:7d:ce:f6:a0:e4:f4:32:c0:b7:a5:1a:ad:d1:50:2e: d3:1f:31:5c:ce:b5:81:a3:80:dd:62:5a:9c:b7:25:54:1e:e1: 4b:63:4b:4c:03:12:19:76:6b:9b:f9:11:cd:a3:c6:08:93:87: 2e:bb:45:21 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MEI2QjExMC8GA1UEBRMoQzFFRTY5QUE2QUExQUNCQTMyRTE2NzY0REE4MUJGN0E0 MTY4QTYwRDAeFw0yNTA1MTIxMDQ5MzZaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MjFkMjQwLTk3ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5ls0uU9Z1jBAlo6Ta9HPm1c4VPymsYbQlVylZgzmrh5Aht+7M6uiUkFGxL4DL f5F6Bw2TFrAzK0i+aUGuNSk50d11D+1iV9MuVL8gFMOdCL//bjsrta6YYNYCAq4r 0zvEoLWGr3N9WNONRWTSbacZMjRTDy5z70TaSqxU1LwSnP2Ygdwu91KdxZ4/uMB7 N0/r7aQVDVVZrtgsuRNBR6EggcY/b7jLZx0vkuOfHtiD6QommPNScMabsTjGAZs2 93xMKlgy2Big8634mp0+NJhEZIH9pDTndXrq4mkwlOqTX4OLJEKpYP3hkQke99Tw gMphRArPfJybYMlwsTYrQ+u3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBSVWmc9X YMMRhE2v39wXefqXioIwHwYDVR0jBBgwFoAUwe5pqmqhrLoy4Wdk2oG/ekFopg0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQjZCLzc1QTkyMjMwRkUz RjExRUY4RkEyNzc1MkM0RjlBRTAyL3dlNXBxbXFockxveTRXZGsyb0dfZWtGb3Bn MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvd2U1cHFtcWhyTG95NFdkazJvR19la0ZvcGcwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MEI2Qi83NUE5MjIzMEZFM0YxMUVGOEZBMjc3NTJDNEY5QUUwMi9DQkI4M0Q5MDJG MUUxMUYwOUJGRkIwNTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAKH4jTANBgkqhkiG9w0BAQsFAAOCAQEANPFZu2We5WMlfKNB aLnytSYNnwO7DWWD4Ggzp3q7gzTlZaoGI6ou8ybvrNNvdxuwnfBSlBE47v7pxjLv AKUZ0QqT+loOrkW0bpadOsgNwRMBa4BC7KCUgEIRJblPUdv+K5pyR3tyNLIQggC3 HlvuAa77UNOVWw8LhqyX7cu74LMmUBW4qSph2r1ov+X0dyK7u+Nfu2i4r6rNASXU 1tzYiuUJQNDY+8Bv+9BKg2Qj68Q9P9r7syy7zY1bGMon3UeWlw5uDdQxOPIBfc72 oOT0MsC3pRqt0VAu0x8xXM61gaOA3WJanLclVB7hS2NLTAMSGXZrm/kRzaPGCJOH LrtFIQ== -----END CERTIFICATE-----Generated at Tue May 13 13:24:47 2025 by rpki-client