$ rpki-client -vvf rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa File: 2ECF71C4B0A111F0B537573FC4F9AE02.roa (raw, json) Hash identifier: 2OKnQg5qjmkKGEleLvBDwSd2bcC+02+QaHkt9b4fvyA= Subject key identifier: 73:3E:90:1A:25:8E:E7:1E:E0:59:4F:25:4C:22:55:CC:10:DC:29:AC Certificate issuer: /CN=A91A423D/serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Certificate serial: 7A Authority key identifier: 3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa Signing time: Wed 27 May 2026 08:40:51 +0000 ROA not before: Wed 27 May 2026 08:40:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 154319 IP address blocks: 161.229.208.0/20 maxlen: 20 161.229.208.0/24 maxlen: 24 161.229.209.0/24 maxlen: 24 161.229.210.0/24 maxlen: 24 161.229.211.0/24 maxlen: 24 161.229.212.0/24 maxlen: 24 161.229.213.0/24 maxlen: 24 161.229.214.0/24 maxlen: 24 161.229.215.0/24 maxlen: 24 161.229.216.0/24 maxlen: 24 161.229.217.0/24 maxlen: 24 161.229.218.0/24 maxlen: 24 161.229.219.0/24 maxlen: 24 161.229.220.0/24 maxlen: 24 161.229.221.0/24 maxlen: 24 161.229.222.0/24 maxlen: 24 161.229.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Jun 2026 01:32:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 122 (0x7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A423D, serialNumber=3CCEEB9D2059CFE9F6085677D4B7FA264F533A0F Validity Not Before: May 27 08:40:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a16ae13-a7ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:5d:5a:7a:d7:72:5b:4c:d5:00:5f:2a:86:f5: ff:46:04:a1:26:2e:69:41:8d:d5:76:e3:eb:65:ce: fe:fd:ae:fc:0c:a5:6b:fd:f1:6a:d4:c4:b9:a5:4a: 2a:e2:ef:83:55:ac:46:46:a3:2a:d6:1f:8c:ec:6b: af:f7:2f:83:c8:75:3e:3b:ee:49:9f:36:23:7f:59: 20:27:11:7a:43:8a:a1:46:e0:16:15:49:93:28:aa: 12:15:4a:43:f2:e8:ef:77:5b:22:e0:75:ef:a2:05: 8e:ef:4a:df:f3:18:48:88:70:5e:af:33:c2:c8:e0: b9:4e:75:1d:d9:87:22:37:63:08:a6:6a:93:24:a8: 95:af:53:49:b4:09:90:46:71:00:df:e2:53:63:ac: ff:e9:6f:1c:af:01:da:d9:1e:4f:1a:d2:5d:72:8f: 32:87:73:b6:38:84:39:90:65:5f:ff:b7:f0:9c:61: c0:38:c3:54:df:c8:c7:84:c0:e6:11:87:a2:73:15: 84:47:93:b7:70:c9:9b:10:67:c8:78:e3:b4:b1:73: 48:37:51:a1:3f:06:94:f5:95:0d:d1:e6:10:11:fc: 5b:8d:44:fc:74:c7:d0:6c:52:1e:75:76:f5:c9:3a: c3:18:8d:a4:aa:24:c3:bb:4c:a0:6c:2b:5a:6f:a3: 86:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:3E:90:1A:25:8E:E7:1E:E0:59:4F:25:4C:22:55:CC:10:DC:29:AC X509v3 Authority Key Identifier: keyid:3C:CE:EB:9D:20:59:CF:E9:F6:08:56:77:D4:B7:FA:26:4F:53:3A:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PM7rnSBZz-n2CFZ31Lf6Jk9TOg8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A423D/B9769BD8B09511F08C152778C4F9AE02/2ECF71C4B0A111F0B537573FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 161.229.208.0/20 Signature Algorithm: sha256WithRSAEncryption 48:da:a4:c8:fc:b4:57:5e:43:4f:71:63:70:d8:2a:84:0d:7c: 39:6c:59:e7:83:31:bf:a4:cd:d3:fe:b9:9c:e7:a7:e8:09:97: 2a:99:32:94:85:1d:5b:d9:a9:5b:a0:32:1b:f4:63:fd:13:30: e6:dc:d5:97:04:fa:51:4f:ba:05:c3:f2:f4:b3:3b:a6:34:8b: 54:a3:cd:3b:94:9f:96:a2:af:49:bf:5d:59:5d:3c:70:d0:5c: 98:cb:e5:6e:ad:77:ee:9a:e7:f6:77:86:dc:e2:d6:e4:d6:a4: 92:28:0d:ef:78:d8:d2:48:67:08:e4:4d:2f:64:eb:07:ba:88: 5a:3f:51:42:2b:c4:45:2d:b7:38:fa:2d:3c:ea:09:6c:a1:c2: 6d:13:45:df:10:7f:1e:4c:ca:2a:b1:1b:3c:8f:a6:a1:05:dd: 51:7b:5e:2c:de:01:0d:82:5d:ca:3c:9b:5d:ad:94:d9:d7:bf: a1:a5:97:d1:40:3d:d0:85:a1:89:6d:10:6a:73:79:82:b0:22: 7e:52:01:5a:0b:87:91:60:04:e8:3f:10:69:69:7d:4b:d2:ee: d1:b4:47:c1:11:2e:ca:6a:8c:a6:f5:0a:89:39:23:b3:2e:17: ec:bb:2c:7b:43:bb:7f:f9:86:03:e0:7f:86:cb:aa:b6:da:52: e5:a6:e6:40 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBejANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NDIzRDExMC8GA1UEBRMoM0NDRUVCOUQyMDU5Q0ZFOUY2MDg1Njc3RDRCN0ZBMjY0 RjUzM0EwRjAeFw0yNjA1MjcwODQwNTFaFw0yNzA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTZhMTZhZTEzLWE3ZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCSXVp613JbTNUAXyqG9f9GBKEmLmlBjdV24+tlzv79rvwMpWv98WrUxLmlSiri 74NVrEZGoyrWH4zsa6/3L4PIdT477kmfNiN/WSAnEXpDiqFG4BYVSZMoqhIVSkPy 6O93WyLgde+iBY7vSt/zGEiIcF6vM8LI4LlOdR3ZhyI3YwimapMkqJWvU0m0CZBG cQDf4lNjrP/pbxyvAdrZHk8a0l1yjzKHc7Y4hDmQZV//t/CcYcA4w1TfyMeEwOYR h6JzFYRHk7dwyZsQZ8h447Sxc0g3UaE/BpT1lQ3R5hAR/FuNRPx0x9BsUh51dvXJ OsMYjaSqJMO7TKBsK1pvo4a/AgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUcz6QGiWO 5x7gWU8lTCJVzBDcKawwHwYDVR0jBBgwFoAUPM7rnSBZz+n2CFZ31Lf6Jk9TOg8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0MjNEL0I5NzY5QkQ4QjA5 NTExRjA4QzE1Mjc3OEM0RjlBRTAyL1BNN3JuU0Jaei1uMkNGWjMxTGY2Sms5VE9n OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUE03cm5TQlp6LW4yQ0ZaMzFMZjZKazlUT2c4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDIzRC9COTc2OUJEOEIwOTUxMUYwOEMxNTI3NzhDNEY5QUUwMi8yRUNGNzFDNEIw QTExMUYwQjUzNzU3M0ZDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBASh5dAwDQYJKoZIhvcNAQELBQADggEBAEjapMj8tFdeQ09xY3DYKoQN fDlsWeeDMb+kzdP+uZznp+gJlyqZMpSFHVvZqVugMhv0Y/0TMObc1ZcE+lFPugXD 8vSzO6Y0i1SjzTuUn5air0m/XVldPHDQXJjL5W6td+6a5/Z3htzi1uTWpJIoDe94 2NJIZwjkTS9k6we6iFo/UUIrxEUttzj6LTzqCWyhwm0TRd8Qfx5MyiqxGzyPpqEF 3VF7XizeAQ2CXco8m12tlNnXv6Gll9FAPdCFoYltEGpzeYKwIn5SAVoLh5FgBOg/ EGlpfUvS7tG0R8ERLspqjKb1Cok5I7MuF+y7LHtDu3/5hgPgf4bLqrbaUuWm5kA= -----END CERTIFICATE-----Generated at Wed Jun 17 12:04:38 2026 by rpki-client