$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/B3F95F9A24C411F0A4C45287C4F9AE02.roa File: B3F95F9A24C411F0A4C45287C4F9AE02.roa (raw, json) Hash identifier: SpbPHZ/krAG/WpD65rr9pmBtHMuwVfhmB9bAKCP8oRU= Subject key identifier: D6:02:1A:27:1B:07:8F:55:0C:D8:7A:97:70:95:30:86:EC:4C:CD:11 Certificate issuer: /CN=A91B6B4B/serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Certificate serial: 02 Authority key identifier: 2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/B3F95F9A24C411F0A4C45287C4F9AE02.roa Signing time: Tue 29 Apr 2025 06:39:30 +0000 ROA not before: Tue 29 Apr 2025 06:39:30 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 139698 IP address blocks: 161.248.58.0/24 maxlen: 24 161.248.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 07:54:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6B4B, serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Validity Not Before: Apr 29 06:39:30 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68107422-1a69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:03:85:e9:2f:ed:da:0d:ec:f7:09:71:fc:94: 8b:20:9a:55:7f:3c:f3:51:5c:f1:82:e5:6d:d2:af: 3d:70:4d:0b:24:5f:6f:ba:2a:1b:3e:7e:71:e0:72: a2:64:73:86:be:54:58:5f:1b:68:e9:74:ff:9c:0f: 2a:a3:57:af:8b:31:c3:98:b2:09:ce:b9:d8:e4:48: ef:6f:35:65:f0:9b:b6:a2:36:8a:3b:c0:0b:3d:c8: b5:86:0e:30:dc:43:0e:4f:e6:0d:75:12:17:37:67: 39:8a:4a:cf:a9:33:16:d8:37:71:12:74:a0:bb:14: 04:77:64:b2:29:de:21:3d:61:49:fe:5f:c9:14:7b: de:63:07:15:57:a6:e6:19:50:4f:f1:3d:c3:28:1d: b2:ad:68:7f:19:fc:dd:3e:0a:f5:80:71:63:e2:ee: 31:54:20:51:80:d0:db:c9:50:82:61:ae:66:b6:2e: 22:7c:e8:a4:69:0d:a7:48:ae:99:7d:b7:8e:9f:dd: de:17:40:ce:ae:42:10:6f:6e:7f:d5:9f:58:7f:d7: de:67:38:b1:b0:20:98:aa:e4:1b:82:fe:9e:72:4f: 4d:c0:e2:87:1a:22:31:37:ed:5b:16:92:ee:41:c3: e1:63:b2:12:aa:fd:5b:4e:20:87:74:94:60:1f:12: 21:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:02:1A:27:1B:07:8F:55:0C:D8:7A:97:70:95:30:86:EC:4C:CD:11 X509v3 Authority Key Identifier: keyid:2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/B3F95F9A24C411F0A4C45287C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.58.0/23 Signature Algorithm: sha256WithRSAEncryption 39:da:6a:2e:e8:b9:8f:c6:47:5b:ba:de:3a:c4:ac:82:e9:3b: 5f:e3:52:46:62:38:5e:dd:08:a4:53:c1:35:34:03:2c:47:0a: 1a:c5:cf:42:9c:fa:3d:e5:97:6b:2c:e2:ed:b4:b9:b2:49:51: 64:16:da:de:dc:f9:b5:79:d0:13:da:6a:b3:74:a8:9a:96:f2: 2b:ad:d4:22:9e:4a:c2:93:65:8a:7f:76:6a:4b:cc:9f:60:5b: 46:86:50:de:48:ec:6c:20:80:49:fe:18:00:40:59:4b:50:87: 6a:e3:f8:f5:da:63:23:b9:7f:de:4f:1e:43:87:3e:41:bf:74: 59:76:2e:03:47:6b:76:0a:c2:80:f0:49:16:0b:05:a3:57:ec: 13:9b:9b:29:7b:73:a8:8d:b6:95:5a:96:46:39:23:ce:15:11: b3:c6:9a:76:40:14:6d:b2:60:d3:18:aa:e9:ce:11:19:8f:75: 1c:d1:63:f3:8e:db:d2:7b:99:96:ca:94:47:57:ac:43:7f:17: 36:ec:27:f4:f0:52:7d:e1:5e:cd:8e:c1:35:6c:f8:65:86:72: 65:d8:f4:e8:db:1f:86:27:6b:5c:92:eb:77:0a:77:7d:73:ab: 39:5d:00:d2:11:b9:13:5a:0f:d8:2d:64:24:21:af:52:a0:ff: 43:9a:78:7e -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NkI0QjExMC8GA1UEBRMoMkEwMEZENUQ1RUFFRjgxRjMyQjAwQjJFNUM4MkM1RUNE QUMxMjY5MzAeFw0yNTA0MjkwNjM5MzBaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4MTA3NDIyLTFhNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDwA4XpL+3aDez3CXH8lIsgmlV/PPNRXPGC5W3Srz1wTQskX2+6Khs+fnHgcqJk c4a+VFhfG2jpdP+cDyqjV6+LMcOYsgnOudjkSO9vNWXwm7aiNoo7wAs9yLWGDjDc Qw5P5g11Ehc3ZzmKSs+pMxbYN3ESdKC7FAR3ZLIp3iE9YUn+X8kUe95jBxVXpuYZ UE/xPcMoHbKtaH8Z/N0+CvWAcWPi7jFUIFGA0NvJUIJhrma2LiJ86KRpDadIrpl9 t46f3d4XQM6uQhBvbn/Vn1h/195nOLGwIJiq5BuC/p5yT03A4ocaIjE37VsWku5B w+FjshKq/VtOIId0lGAfEiFjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1gIaJxsH j1UM2HqXcJUwhuxMzREwHwYDVR0jBBgwFoAUKgD9XV6u+B8ysAsuXILF7NrBJpMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2QjRCL0JCNDJDMURFMjRD MzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4eXNBc3VYSUxGN05yQkpw TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS2dEOVhWNnUtQjh5c0FzdVhJTEY3TnJCSnBNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkI0Qi9CQjQyQzFERTI0QzMxMUYwOTZDNjg0ODFDNEY5QUUwMi9CM0Y5NUY5QTI0 QzQxMUYwQTRDNDUyODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4OjANBgkqhkiG9w0BAQsFAAOCAQEAOdpqLui5j8ZHW7re OsSsguk7X+NSRmI4Xt0IpFPBNTQDLEcKGsXPQpz6PeWXayzi7bS5sklRZBba3tz5 tXnQE9pqs3SompbyK63UIp5KwpNlin92akvMn2BbRoZQ3kjsbCCASf4YAEBZS1CH auP49dpjI7l/3k8eQ4c+Qb90WXYuA0drdgrCgPBJFgsFo1fsE5ubKXtzqI22lVqW RjkjzhURs8aadkAUbbJg0xiq6c4RGY91HNFj847b0nuZlsqUR1esQ38XNuwn9PBS feFezY7BNWz4ZYZyZdj06NsfhidrXJLrdwp3fXOrOV0A0hG5E1oP2C1kJCGvUqD/ Q5p4fg== -----END CERTIFICATE-----Generated at Wed Jun 4 12:30:29 2025 by rpki-client