$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/CB4E186A30E111F09B76D311C4F9AE02.roa File: CB4E186A30E111F09B76D311C4F9AE02.roa (raw, json) Hash identifier: xPkqxoVSxyXeKSaq5jtn4/m5jr8BJckiAgNe5WWb60U= Subject key identifier: 4B:AF:99:C2:1C:84:28:58:E6:6F:A9:13:4E:41:FC:EF:4E:16:77:62 Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Certificate serial: 0B Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/CB4E186A30E111F09B76D311C4F9AE02.roa Signing time: Wed 14 May 2025 16:37:59 +0000 ROA not before: Wed 14 May 2025 16:37:59 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 35876 IP address blocks: 165.99.42.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 07:29:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Validity Not Before: May 14 16:37:59 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6824c6e6-6aec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9a:e6:31:d6:a5:1e:60:8f:71:f2:54:22:ec: 6c:b9:29:e6:84:ca:c6:d8:0e:08:97:00:4e:87:e1: fe:84:15:96:8d:0e:31:11:cb:51:67:85:08:ab:2c: a0:97:26:57:cb:ce:92:45:71:55:0a:3b:73:9d:98: 35:92:1d:bc:f6:7a:e0:ab:8b:06:1a:08:f0:e3:3f: ef:d6:59:6f:8b:d3:ec:f2:63:d4:98:e8:0c:7a:11: d0:01:a4:2d:c4:84:ab:9d:1f:75:f1:29:96:a3:d6: dd:0e:52:84:de:25:47:ff:42:29:f3:f0:66:2b:bf: 09:27:c3:b5:d7:b1:8e:e9:5d:04:3d:00:7b:c6:b6: 99:8b:39:88:d4:c7:dd:64:02:38:2e:eb:aa:c7:d6: ba:a6:61:22:37:f0:6a:e2:1d:f2:43:b7:13:07:1b: 83:7c:31:d2:40:2a:ae:b5:c2:1c:2c:50:9c:9d:be: de:02:a8:52:fb:3a:21:71:a0:de:e0:62:a4:67:af: 37:e2:81:0d:89:be:75:e5:e8:2b:60:47:a8:f3:cc: cb:38:40:eb:fc:6f:fb:e3:bc:31:9b:43:d1:5c:1d: 86:89:78:cf:8d:53:64:c7:b7:38:67:84:63:32:9d: 63:6e:17:74:14:c7:5a:69:ec:9e:21:91:01:b0:f5: 14:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:AF:99:C2:1C:84:28:58:E6:6F:A9:13:4E:41:FC:EF:4E:16:77:62 X509v3 Authority Key Identifier: keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/CB4E186A30E111F09B76D311C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.99.42.0/23 Signature Algorithm: sha256WithRSAEncryption 17:80:bf:5b:63:36:f3:a9:14:7f:78:b8:ff:bf:58:04:08:f1: 7d:5c:d8:6b:49:87:64:09:4d:52:12:14:16:e4:cd:ca:2b:7c: 92:26:6c:ce:7c:e5:23:b2:c6:9c:77:dd:6c:55:b0:c1:bb:98: 55:0b:76:ec:72:b1:66:3e:bb:a0:0d:d5:a6:48:3a:10:6e:1a: a1:ab:1c:84:c2:f6:db:84:d2:41:a6:d7:7a:3e:e4:3d:7c:73: 35:58:c3:e8:71:a9:85:52:be:a4:9d:20:75:45:a8:e4:67:dc: a2:43:41:b6:3b:b1:c5:f5:4a:49:3b:12:31:98:c1:b5:05:2d: 30:51:80:11:e5:58:75:65:23:b3:b3:13:97:58:7c:20:75:e7: d8:b6:eb:26:6d:91:e9:e8:d3:46:62:81:44:bb:20:68:91:d9: 24:fe:bc:26:ef:21:5d:18:9e:35:6b:51:4e:d0:47:fe:ac:a6: e6:67:0b:15:ea:34:45:a9:09:1c:d6:78:e7:3a:e1:18:f4:e3: 95:a5:0b:50:ea:1a:55:52:c1:fd:dd:e0:97:6e:7c:b7:c4:10: fd:a9:a5:f7:b8:d0:e4:b7:a2:c9:f6:24:dc:b7:03:8c:3a:53: a5:99:41:ff:fc:5c:f4:89:9f:39:e9:19:bf:71:11:b6:e3:32: ac:7b:ce:90 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3 RTQ4NDQwOTAeFw0yNTA1MTQxNjM3NTlaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MjRjNmU2LTZhZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5muYx1qUeYI9x8lQi7Gy5KeaEysbYDgiXAE6H4f6EFZaNDjERy1FnhQirLKCX JlfLzpJFcVUKO3OdmDWSHbz2euCriwYaCPDjP+/WWW+L0+zyY9SY6Ax6EdABpC3E hKudH3XxKZaj1t0OUoTeJUf/Qinz8GYrvwknw7XXsY7pXQQ9AHvGtpmLOYjUx91k Ajgu66rH1rqmYSI38GriHfJDtxMHG4N8MdJAKq61whwsUJydvt4CqFL7OiFxoN7g YqRnrzfigQ2JvnXl6CtgR6jzzMs4QOv8b/vjvDGbQ9FcHYaJeM+NU2THtzhnhGMy nWNuF3QUx1pp7J4hkQGw9RSZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUS6+ZwhyE KFjmb6kTTkH8704Wd2IwHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx REZDOS84RDM1RTgyRTMwMkMxMUYwODc3NjRBMkJDNEY5QUUwMi9DQjRFMTg2QTMw RTExMUYwOUI3NkQzMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaVjKjANBgkqhkiG9w0BAQsFAAOCAQEAF4C/W2M286kUf3i4 /79YBAjxfVzYa0mHZAlNUhIUFuTNyit8kiZsznzlI7LGnHfdbFWwwbuYVQt27HKx Zj67oA3Vpkg6EG4aoaschML224TSQabXej7kPXxzNVjD6HGphVK+pJ0gdUWo5Gfc okNBtjuxxfVKSTsSMZjBtQUtMFGAEeVYdWUjs7MTl1h8IHXn2LbrJm2R6ejTRmKB RLsgaJHZJP68Ju8hXRieNWtRTtBH/qym5mcLFeo0RakJHNZ45zrhGPTjlaULUOoa VVLB/d3gl258t8QQ/aml97jQ5LeiyfYk3LcDjDpTpZlB//xc9ImfOekZv3ERtuMy rHvOkA== -----END CERTIFICATE-----Generated at Fri Jun 6 16:43:34 2025 by rpki-client