$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/C3BB51160DAC11EFB00E6B16C4F9AE02.roa File: C3BB51160DAC11EFB00E6B16C4F9AE02.roa (raw, json) Hash identifier: bSJAumrmvSViT3/Uy4pn21BwfUV4ya5RD0S3gd/4R3g= Subject key identifier: 3A:08:FC:B8:3A:5D:93:98:EF:DE:D5:52:1D:CD:1E:6E:F4:A0:9C:DD Certificate issuer: /CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Certificate serial: 01F9 Authority key identifier: F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/C3BB51160DAC11EFB00E6B16C4F9AE02.roa Signing time: Sun 01 Mar 2026 06:34:18 +0000 ROA not before: Wed 19 Mar 2025 03:19:22 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 38079 IP address blocks: 192.122.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 505 (0x1f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170C53, serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Validity Not Before: Mar 19 03:19:22 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69a3dde9-ccfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:6f:94:0f:8c:0a:60:8b:fe:ff:22:f1:57:7f: 7a:10:b4:a5:3c:be:21:26:92:dc:ec:14:40:00:09: bd:1d:f1:fa:8a:6e:81:7e:45:09:83:ea:f8:5a:87: 52:75:9b:bf:65:b4:5d:13:40:1e:58:43:f1:4e:3e: 6b:64:7e:e3:bc:c6:27:d7:b8:1b:37:46:4a:fe:ca: 83:f6:7d:18:7b:45:40:96:b8:01:d5:8d:40:5a:0e: 70:82:31:7b:ae:76:9d:a5:c8:cf:a7:e8:7e:e1:d7: 6c:35:60:ea:6c:77:69:b4:e0:74:2f:11:d7:78:9c: 11:ce:d4:79:e1:fc:67:23:1d:10:1d:4c:db:91:e5: 22:c9:05:24:30:13:51:65:8f:75:63:0f:19:48:86: b8:d7:8a:27:8a:ba:f4:6c:01:66:05:1a:46:fa:3e: 60:f8:d0:9e:44:ff:e5:70:8f:5a:69:5a:8f:c7:7f: db:91:7e:c6:ea:ae:cc:14:da:a1:b6:42:b3:b2:1a: 24:8d:84:ab:ba:ce:55:fc:f3:d8:c1:43:b6:48:26: e6:15:2a:d0:3a:a9:b7:92:af:e8:bb:be:c8:34:56: cc:11:ec:e3:cd:40:d1:6d:50:06:6c:e3:99:45:09: d1:46:5d:92:68:27:da:44:25:f2:41:81:10:eb:7c: bd:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:08:FC:B8:3A:5D:93:98:EF:DE:D5:52:1D:CD:1E:6E:F4:A0:9C:DD X509v3 Authority Key Identifier: keyid:F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/C3BB51160DAC11EFB00E6B16C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 192.122.171.0/24 Signature Algorithm: sha256WithRSAEncryption 60:86:9c:15:af:77:fc:34:3e:b5:fc:48:84:77:80:c8:56:20: 55:3e:03:78:74:a0:99:80:65:84:3d:37:68:b8:48:01:07:79: 0d:60:aa:12:02:ac:67:fe:72:6b:7e:eb:64:f5:f9:2d:c7:d8: 0b:58:4e:95:13:17:1a:88:09:26:cb:fe:06:90:a4:08:5c:ee: fd:b3:a4:38:b6:21:92:51:a9:4a:ac:e0:92:ea:bb:d7:b0:86: 56:e1:97:d5:f3:e0:0c:c0:ac:29:11:a4:ad:cd:39:af:7d:ad: 1a:ce:20:e2:00:91:79:80:4b:07:57:69:bb:36:d8:e7:f6:fd: 55:bf:aa:35:45:b8:b4:8d:a9:35:a3:18:df:5e:90:30:93:89: 9a:fe:bc:e6:7b:b0:66:c2:4b:d0:72:1c:5d:7b:e8:1f:81:3a: 38:48:3a:66:f7:b4:86:4e:59:5c:6b:fc:46:c2:f0:bd:ac:28: a6:6b:de:ba:b8:1e:c5:78:fd:3c:f5:57:9e:76:86:3c:e6:6b: 86:78:4e:d0:38:2d:f9:60:0c:30:40:a7:1b:19:e0:17:3a:06: c3:16:db:80:03:94:38:39:d7:21:3e:0e:8a:1f:59:21:79:87: dc:e5:b6:fa:61:2f:55:76:f3:6c:28:2c:db:2d:b4:fc:af:82: 9b:0c:79:41 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBDNTMxMTAvBgNVBAUTKEY5NDA0QUE1MjRENDM1N0UwQ0NDNjlDN0Q0MEQzRTY2 QTJFNEU2REYwHhcNMjUwMzE5MDMxOTIyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZGRlOS1jY2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6m+UD4wKYIv+/yLxV396ELSlPL4hJpLc7BRAAAm9HfH6im6BfkUJg+r4WodS dZu/ZbRdE0AeWEPxTj5rZH7jvMYn17gbN0ZK/sqD9n0Ye0VAlrgB1Y1AWg5wgjF7 rnadpcjPp+h+4ddsNWDqbHdptOB0LxHXeJwRztR54fxnIx0QHUzbkeUiyQUkMBNR ZY91Yw8ZSIa414onirr0bAFmBRpG+j5g+NCeRP/lcI9aaVqPx3/bkX7G6q7MFNqh tkKzshokjYSrus5V/PPYwUO2SCbmFSrQOqm3kq/ou77INFbMEezjzUDRbVAGbOOZ RQnRRl2SaCfaRCXyQYEQ63y9RwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFDoI/Lg6 XZOY797VUh3NHm70oJzdMB8GA1UdIwQYMBaAFPlASqUk1DV+DMxpx9QNPmai5Obf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9EQjYzQzlBMjEx NzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5YNE16R25IMUEwLVpxTGs1 dDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1VQktwU1RVTlg0TXpHbkgxQTAtWnFMazV0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzBDNTMvREI2M0M5QTIxMTc2MTFFRTlDNTU5QTNFQzRGOUFFMDIvQzNCQjUxMTYw REFDMTFFRkIwMEU2QjE2QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAwHqrMA0GCSqGSIb3DQEBCwUAA4IBAQBghpwVr3f8ND61/EiEd4DI ViBVPgN4dKCZgGWEPTdouEgBB3kNYKoSAqxn/nJrfutk9fktx9gLWE6VExcaiAkm y/4GkKQIXO79s6Q4tiGSUalKrOCS6rvXsIZW4ZfV8+AMwKwpEaStzTmvfa0aziDi AJF5gEsHV2m7Ntjn9v1Vv6o1Rbi0jak1oxjfXpAwk4ma/rzme7BmwkvQchxde+gf gTo4SDpm97SGTllca/xGwvC9rCima966uB7FeP089VeedoY85muGeE7QOC35YAww QKcbGeAXOgbDFtuAA5Q4OdchPg6KH1kheYfc5bb6YS9VdvNsKCzbLbT8r4KbDHlB -----END CERTIFICATE-----Generated at Mon Mar 2 11:17:54 2026 by rpki-client