$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa File: 1D1E9F72A05011ED8B25FE52C4F9AE02.roa (raw, json) Hash identifier: 1hjdoFw4rcv2l/rRs9fuQoHEhsiVtOchmWuAcXp6ln0= Subject key identifier: A6:BB:B7:68:8D:18:BF:4B:B4:C5:5A:B1:7F:72:5E:09:C2:B9:EA:E6 Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2BB4 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:22:54 +0000 ROA not before: Fri 02 Jan 2026 16:12:59 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 133848 IP address blocks: 49.0.124.0/24 maxlen: 24 49.231.72.0/21 maxlen: 23 49.231.73.0/24 maxlen: 24 49.231.75.0/24 maxlen: 24 49.231.76.0/22 maxlen: 24 49.231.128.0/22 maxlen: 24 49.231.132.0/22 maxlen: 24 58.137.39.0/24 maxlen: 24 110.49.2.0/24 maxlen: 24 110.49.99.0/24 maxlen: 24 110.49.112.0/23 maxlen: 24 210.1.35.0/24 maxlen: 24 2405:9800:d003::/48 maxlen: 48 2405:9800:d007::/48 maxlen: 48 2405:9800:d008::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:40:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11188 (0x2bb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Jan 2 16:12:59 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a4920e-6752 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b9:c6:fd:8b:83:5d:d0:ae:74:8c:81:ad:6c: aa:28:b4:a1:12:91:a3:8d:2d:95:7b:34:71:53:b7: 09:7c:4e:07:ff:16:72:c7:d2:e2:d3:07:04:39:20: aa:4c:c4:3e:2f:22:d8:11:74:4d:5b:a2:77:55:55: 4e:98:c3:b3:95:60:8b:20:f6:11:95:45:2f:75:eb: 30:8f:3d:9a:55:d5:57:65:26:f3:53:10:7a:4b:e2: d6:5d:65:99:2b:89:98:f2:49:f1:00:94:4d:16:e7: b4:20:3c:01:99:ad:91:89:7e:e6:2e:70:51:87:65: dc:b5:22:ee:86:85:73:23:95:c0:f5:1e:5c:5d:44: 75:12:bd:f2:6c:39:cb:53:58:64:0a:1d:16:aa:85: b1:63:85:ca:ae:75:81:8b:7a:20:bd:47:b8:06:17: 30:72:22:04:bb:ad:e3:22:c5:c5:9f:2d:e1:ae:a4: 26:e9:23:1f:00:39:b3:1d:05:c1:0e:0b:cb:e7:dd: eb:01:ad:47:4d:93:15:2e:65:6e:b0:00:d8:9a:a3: 4a:28:11:85:f0:1e:b2:7d:18:57:ed:df:44:fb:41: bc:0a:fb:fc:56:c5:11:0c:2c:23:a5:b6:5b:07:6f: 49:ff:61:fb:8c:ef:fe:80:3f:92:3f:dd:6c:b9:1a: 02:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:BB:B7:68:8D:18:BF:4B:B4:C5:5A:B1:7F:72:5E:09:C2:B9:EA:E6 X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/1D1E9F72A05011ED8B25FE52C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 49.0.124.0/24 49.231.72.0/21 49.231.128.0/21 58.137.39.0/24 110.49.2.0/24 110.49.99.0/24 110.49.112.0/23 210.1.35.0/24 IPv6: 2405:9800:d003::/48 2405:9800:d007::-2405:9800:d008:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 34:84:5f:33:68:94:56:19:36:a1:1d:00:fc:14:4f:62:34:04: bd:aa:be:0e:33:a1:b5:0c:03:a8:92:e1:9f:70:a0:95:ea:44: e1:0b:e6:bc:a9:7c:0e:82:84:2d:0d:5a:27:68:fa:dc:b2:7e: 4f:a2:1d:70:d2:4b:f3:c8:74:8c:bd:1c:c2:c7:4c:fb:f9:34: 0d:bf:66:b9:ed:d0:cb:b2:bb:6a:01:72:56:d6:08:f4:2f:48: 83:b5:fa:06:55:ee:60:30:30:e2:35:a6:33:8f:08:26:f2:eb: b3:59:42:15:d8:a4:2b:27:1e:94:d5:fc:83:a9:0a:e0:2b:3a: 5c:e0:12:b6:e8:8f:68:b7:f5:89:5e:e6:dd:3c:13:d0:2b:ca: c6:cf:9f:6e:37:ba:86:6b:cc:92:68:d1:a8:ef:0b:f7:b6:66: 80:43:77:33:eb:9a:bc:f6:77:0a:2f:8c:67:30:ce:bf:b9:8e: d7:81:d9:1c:37:d4:9a:9b:5a:1f:0d:d9:d9:45:fd:f3:d4:b8: e4:52:c6:d2:3d:64:b3:46:c3:1e:12:2b:41:8e:21:a7:2f:63: a5:42:0b:d7:99:69:15:f8:3c:54:d5:57:c4:5e:8a:58:f5:68: fc:32:ee:d1:1e:72:73:b7:ce:f7:c7:6b:8c:3e:16:b9:e9:04: 3c:0a:a3:13 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICK7QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjYwMTAyMTYxMjU5WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OTIwZS02NzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLnG/YuDXdCudIyBrWyqKLShEpGjjS2VezRxU7cJfE4H/xZyx9Li0wcEOSCq TMQ+LyLYEXRNW6J3VVVOmMOzlWCLIPYRlUUvdeswjz2aVdVXZSbzUxB6S+LWXWWZ K4mY8knxAJRNFue0IDwBma2RiX7mLnBRh2XctSLuhoVzI5XA9R5cXUR1Er3ybDnL U1hkCh0WqoWxY4XKrnWBi3ogvUe4BhcwciIEu63jIsXFny3hrqQm6SMfADmzHQXB DgvL593rAa1HTZMVLmVusADYmqNKKBGF8B6yfRhX7d9E+0G8Cvv8VsURDCwjpbZb B29J/2H7jO/+gD+SP91suRoCKwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFKa7t2iN GL9LtMVasX9yXgnCuermMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvMUQxRTlGNzJB MDUwMTFFRDhCMjVGRTUyQzRGOUFFMDIucm9hMG4GCCsGAQUFBwEHAQH/BF8wXTA2 BAIAATAwAwQAMQB8AwQDMedIAwQDMeeAAwQAOoknAwQAbjECAwQAbjFjAwQBbjFw AwQA0gEjMCMEAgACMB0DBwAkBZgA0AMwEgMHACQFmADQBwMHACQFmADQCDANBgkq hkiG9w0BAQsFAAOCAQEANIRfM2iUVhk2oR0A/BRPYjQEvaq+DjOhtQwDqJLhn3Cg lepE4QvmvKl8DoKELQ1aJ2j63LJ+T6IdcNJL88h0jL0cwsdM+/k0Db9mue3Qy7K7 agFyVtYI9C9Ig7X6BlXuYDAw4jWmM48IJvLrs1lCFdikKycelNX8g6kK4Cs6XOAS tuiPaLf1iV7m3TwT0CvKxs+fbje6hmvMkmjRqO8L97ZmgEN3M+uavPZ3Ci+MZzDO v7mO14HZHDfUmptaHw3Z2UX989S45FLG0j1ks0bDHhIrQY4hpy9jpUIL15lpFfg8 VNVXxF6KWPVo/DLu0R5yc7fO98drjD4WuekEPAqjEw== -----END CERTIFICATE-----Generated at Mon Mar 2 11:59:54 2026 by rpki-client