$ rpki-client -vvf rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa File: 0D491000A64811EA939A7F67C4F9AE02.roa (raw, json) Hash identifier: G8tEalgIYlF459jNjIZOJNDqLr5DDsJR+CWVbE3khX8= Subject key identifier: 99:A2:53:A4:1B:12:A7:B5:89:BD:C5:C8:F9:F9:83:B4:CA:09:AC:17 Certificate issuer: /CN=A9118D0F/serialNumber=43E1E8C4261CE07D4F8E4CFB7A3F833FBB46B88C Certificate serial: 09D7 Authority key identifier: 43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa Signing time: Sun 01 Mar 2026 17:02:49 +0000 ROA not before: Fri 16 Jan 2026 08:08:42 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 59268 IP address blocks: 49.128.64.0/24 maxlen: 24 49.128.65.0/24 maxlen: 24 49.128.66.0/24 maxlen: 24 49.128.67.0/24 maxlen: 24 49.128.68.0/24 maxlen: 24 49.128.69.0/24 maxlen: 24 49.128.70.0/24 maxlen: 24 49.128.71.0/24 maxlen: 24 49.128.72.0/24 maxlen: 24 49.128.73.0/24 maxlen: 24 49.128.74.0/24 maxlen: 24 49.128.75.0/24 maxlen: 24 49.128.76.0/24 maxlen: 24 49.128.77.0/24 maxlen: 24 49.128.78.0/24 maxlen: 24 49.128.79.0/24 maxlen: 24 49.128.80.0/24 maxlen: 24 49.128.81.0/24 maxlen: 24 49.128.82.0/24 maxlen: 24 49.128.83.0/24 maxlen: 24 49.128.84.0/24 maxlen: 24 49.128.85.0/24 maxlen: 24 49.128.86.0/24 maxlen: 24 49.128.87.0/24 maxlen: 24 49.128.88.0/24 maxlen: 24 49.128.89.0/24 maxlen: 24 49.128.90.0/24 maxlen: 24 49.128.91.0/24 maxlen: 24 49.128.92.0/24 maxlen: 24 49.128.93.0/24 maxlen: 24 49.128.94.0/24 maxlen: 24 49.128.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:09:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2519 (0x9d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118D0F, serialNumber=43E1E8C4261CE07D4F8E4CFB7A3F833FBB46B88C Validity Not Before: Jan 16 08:08:42 2026 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a47139-3674 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:39:34:40:f5:a3:bd:74:d5:73:25:fe:b9:92: 91:84:7b:42:5f:fd:31:f5:09:c9:28:78:02:b5:33: 67:66:0e:cd:7a:e2:1e:83:99:de:9c:59:e8:8b:1f: 2c:5b:c7:db:84:de:9f:02:25:42:35:45:b1:d5:05: 45:b5:ab:d2:af:de:34:32:30:ec:81:55:2d:3e:58: e7:ca:90:3b:73:40:54:ad:12:80:1f:e4:71:cb:dd: 03:61:32:22:c2:5c:b3:ea:b4:97:15:f0:df:0a:f6: 56:14:84:cc:d6:93:15:96:e9:42:72:84:5a:92:3e: d6:c9:45:2b:83:ca:41:7a:eb:ec:e0:42:82:7a:d4: 40:42:f2:b0:f6:1c:ca:9f:0e:09:93:5e:d7:c6:e2: d0:d8:d3:c1:0e:3c:2c:4e:19:86:bb:c5:59:3d:ca: bd:6a:f0:35:54:0e:5d:d8:42:68:5e:02:d3:aa:4e: 2b:17:cf:c2:89:d6:1e:4a:2c:c5:1a:33:79:0d:6e: b8:24:5e:37:11:be:37:02:b2:82:e9:a6:71:fc:91: 38:66:f2:46:77:15:14:ca:10:fe:cb:dc:8c:76:02: af:53:bd:58:aa:0c:5e:5b:8a:0f:0b:04:f2:0b:76: 04:69:a6:9c:4f:ca:ba:4a:a3:94:aa:8c:d5:61:b1: 09:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:A2:53:A4:1B:12:A7:B5:89:BD:C5:C8:F9:F9:83:B4:CA:09:AC:17 X509v3 Authority Key Identifier: keyid:43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 49.128.64.0/19 Signature Algorithm: sha256WithRSAEncryption 0a:25:0e:82:96:50:fb:42:11:7d:2a:58:eb:8e:85:4d:9a:83: 1a:f7:c9:96:19:29:b7:ba:61:70:c2:e2:02:67:f1:81:3a:75: db:c5:9f:6b:3e:29:5b:b0:61:58:b9:fb:f9:ca:3f:eb:46:86: 58:a2:b3:d4:45:e5:d3:fa:26:ab:e7:08:5b:e2:12:06:2b:88: 04:f3:0d:b2:e6:48:e8:2f:ba:1f:d7:78:84:67:a1:30:89:67: c0:4e:2a:09:9d:fa:e8:3f:eb:74:8c:11:9c:7e:87:01:c5:1f: 15:aa:84:41:82:2f:b5:82:e6:2f:7d:77:a7:43:7d:16:f0:e7: e9:27:25:dc:df:3e:9a:26:65:44:de:5a:46:aa:5e:6b:a7:d3: a8:2b:7c:1f:4f:69:2d:2d:00:68:a5:6a:12:26:b9:c1:a6:d4: 1f:a0:67:02:53:24:28:c2:2f:2c:9d:b5:6c:ba:75:fd:be:f0: 80:ac:9f:3d:f7:a0:8d:7a:57:e3:1d:59:09:82:ac:66:0a:dd: d7:37:15:74:38:7e:cb:92:83:11:80:48:ec:3a:00:94:b9:12: e4:78:fe:5c:06:03:45:f2:2a:b5:d8:0b:f4:a5:92:82:93:e8: cd:ed:41:45:56:e3:e7:a8:d7:67:f1:42:96:13:aa:51:b6:40: 99:54:99:ee -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICCdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThEMEYxMTAvBgNVBAUTKDQzRTFFOEM0MjYxQ0UwN0Q0RjhFNENGQjdBM0Y4MzNG QkI0NkI4OEMwHhcNMjYwMTE2MDgwODQyWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NzEzOS0zNjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmzk0QPWjvXTVcyX+uZKRhHtCX/0x9QnJKHgCtTNnZg7NeuIeg5nenFnoix8s W8fbhN6fAiVCNUWx1QVFtavSr940MjDsgVUtPljnypA7c0BUrRKAH+Rxy90DYTIi wlyz6rSXFfDfCvZWFITM1pMVlulCcoRakj7WyUUrg8pBeuvs4EKCetRAQvKw9hzK nw4Jk17XxuLQ2NPBDjwsThmGu8VZPcq9avA1VA5d2EJoXgLTqk4rF8/CidYeSizF GjN5DW64JF43Eb43ArKC6aZx/JE4ZvJGdxUUyhD+y9yMdgKvU71YqgxeW4oPCwTy C3YEaaacT8q6SqOUqozVYbEJqwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFJmiU6Qb Eqe1ib3FyPn5g7TKCawXMB8GA1UdIwQYMBaAFEPh6MQmHOB9T45M+3o/gz+7RriM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEQwRi83RDIyNzNCNEE2 NDYxMUVBQUY5RTkxNjJDNEY5QUUwMi9RLUhveENZYzRIMVBqa3o3ZWotRFA3dEd1 SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EtSG94Q1ljNEgxUGprejdlai1EUDd0R3VJdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MThEMEYvN0QyMjczQjRBNjQ2MTFFQUFGOUU5MTYyQzRGOUFFMDIvMEQ0OTEwMDBB NjQ4MTFFQTkzOUE3RjY3QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFMYBAMA0GCSqGSIb3DQEBCwUAA4IBAQAKJQ6CllD7QhF9KljrjoVN moMa98mWGSm3umFwwuICZ/GBOnXbxZ9rPilbsGFYufv5yj/rRoZYorPUReXT+iar 5whb4hIGK4gE8w2y5kjoL7of13iEZ6EwiWfATioJnfroP+t0jBGcfocBxR8VqoRB gi+1guYvfXenQ30W8OfpJyXc3z6aJmVE3lpGql5rp9OoK3wfT2ktLQBopWoSJrnB ptQfoGcCUyQowi8snbVsunX9vvCArJ8996CNelfjHVkJgqxmCt3XNxV0OH7LkoMR gEjsOgCUuRLkeP5cBgNF8iq12Av0pZKCk+jN7UFFVuPnqNdn8UKWE6pRtkCZVJnu -----END CERTIFICATE-----Generated at Mon Mar 2 10:25:50 2026 by rpki-client