$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/5A6EF3DCF25811ECB8BB9A10C4F9AE02.roa File: 5A6EF3DCF25811ECB8BB9A10C4F9AE02.roa (raw, json) Hash identifier: 3y3qqttRNzkIA0ZSdQR8r2uGIjunaPuppRaKb4v6wu0= Subject key identifier: A1:B9:D5:2F:95:AA:F9:97:D2:D3:76:35:A2:FB:89:84:21:21:4D:F8 Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2BD9 Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/5A6EF3DCF25811ECB8BB9A10C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:23:26 +0000 ROA not before: Fri 02 Jan 2026 16:13:36 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 38444 IP address blocks: 49.229.0.0/23 maxlen: 23 49.229.2.0/23 maxlen: 23 110.49.0.0/16 maxlen: 16 110.49.128.0/17 maxlen: 23 110.49.128.0/19 maxlen: 24 110.49.160.0/21 maxlen: 24 110.49.168.0/24 maxlen: 24 110.49.170.0/23 maxlen: 24 110.49.172.0/22 maxlen: 24 110.49.176.0/20 maxlen: 24 110.49.192.0/18 maxlen: 24 119.31.0.0/17 maxlen: 24 202.149.24.0/21 maxlen: 24 2001:44c8:a000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:40:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11225 (0x2bd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Jan 2 16:13:36 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a4922e-bbe7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:a8:d3:68:4c:9d:75:a5:b8:fb:ce:49:77:37: a5:13:81:23:30:ef:01:78:d7:12:e7:9f:90:23:33: 3b:dc:48:eb:5e:e5:b0:b7:c7:d5:7a:bc:f0:ed:bc: 88:1c:5c:09:77:97:fa:ff:04:f2:36:1e:ab:20:83: e6:fd:a3:d8:62:8d:36:a3:34:83:57:40:ba:23:a6: 21:5d:dd:51:5d:f3:27:e4:d5:71:16:a4:ba:df:e3: 4c:78:ac:45:19:67:e3:41:ec:4b:e6:21:62:a4:ec: ff:57:0d:83:30:ef:c2:df:62:8c:52:44:e7:1b:31: f7:27:b9:ed:63:cf:e5:3f:6d:26:21:5f:ba:55:20: fd:66:33:8c:53:d1:51:c1:88:8c:cd:ca:75:c2:fa: 8c:00:fb:77:e0:40:3f:b1:f4:e0:c8:b5:fd:ec:b8: ba:ad:47:9b:a2:c0:ba:16:af:f6:32:bd:76:f7:7e: e1:df:93:69:cc:49:84:b6:d1:76:ac:2d:2c:b1:d8: 3b:8e:02:18:d2:d9:fb:ed:de:43:0c:e4:fd:d9:dd: 8c:b0:4a:ec:39:b6:bb:b3:95:21:8d:f2:e7:82:03: 3b:e6:ad:0f:94:37:ac:3a:a8:ac:4a:aa:2a:6f:55: 30:ff:11:29:52:b0:ba:38:02:83:07:19:cd:1f:c8: ea:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:B9:D5:2F:95:AA:F9:97:D2:D3:76:35:A2:FB:89:84:21:21:4D:F8 X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/5A6EF3DCF25811ECB8BB9A10C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 49.229.0.0/22 110.49.0.0/16 119.31.0.0/17 202.149.24.0/21 IPv6: 2001:44c8:a000::/36 Signature Algorithm: sha256WithRSAEncryption 32:73:4b:51:3f:71:a1:a7:b0:ef:e9:e6:33:3e:8f:f2:cf:d2: 86:da:9b:f6:36:4c:2c:58:38:f0:0c:68:42:89:09:fc:0f:8d: a2:c2:07:46:3c:80:af:af:fd:9e:23:ca:31:e3:08:16:6b:1a: bf:a9:2e:b3:02:56:ce:2a:de:f0:87:95:86:29:4f:91:a7:30: c4:66:f6:d5:c9:23:10:ff:6a:d1:56:27:6a:46:57:74:04:fa: a8:07:4d:53:1c:a9:b7:7d:84:ca:4d:94:a3:e7:ff:87:a3:01: 57:28:82:44:9c:7e:86:0d:b7:0b:4f:10:5f:87:b3:80:b3:b1: 50:66:35:a3:f5:81:5b:bf:5f:2c:e6:41:9f:4b:f5:77:3b:6b: 56:7e:36:ce:34:86:3b:d7:92:10:6b:c0:e6:a7:d8:4f:ca:37: 29:47:ca:f4:2b:d5:f2:04:c2:02:8a:e8:a0:f3:f6:2c:28:a0: 3e:d8:4c:1b:b2:da:84:3e:4e:94:6b:1a:d7:1a:0e:b3:0b:db: e5:06:f6:eb:2e:ff:62:e2:28:7f:b0:0d:78:82:ab:52:a5:52: 46:ad:03:fb:ad:e3:2d:2e:7e:62:7f:64:cf:19:cd:f4:0b:4d: 6d:82:54:ac:33:8a:05:a1:43:95:eb:a0:cc:12:24:26:b2:b6: 0a:2c:3b:04 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgICK9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjYwMTAyMTYxMzM2WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OTIyZS1iYmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAhKjTaEyddaW4+85JdzelE4EjMO8BeNcS55+QIzM73EjrXuWwt8fVerzw7byI HFwJd5f6/wTyNh6rIIPm/aPYYo02ozSDV0C6I6YhXd1RXfMn5NVxFqS63+NMeKxF GWfjQexL5iFipOz/Vw2DMO/C32KMUkTnGzH3J7ntY8/lP20mIV+6VSD9ZjOMU9FR wYiMzcp1wvqMAPt34EA/sfTgyLX97Li6rUebosC6Fq/2Mr12937h35NpzEmEttF2 rC0ssdg7jgIY0tn77d5DDOT92d2MsErsOba7s5UhjfLnggM75q0PlDesOqisSqoq b1Uw/xEpUrC6OAKDBxnNH8jqewIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFKG51S+V qvmX0tN2NaL7iYQhIU34MB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvNUE2RUYzRENG MjU4MTFFQ0I4QkI5QTEwQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAd BAIAATAXAwQCMeUAAwMAbjEDBAd3HwADBAPKlRgwDgQCAAIwCAMGBCABRMigMA0G CSqGSIb3DQEBCwUAA4IBAQAyc0tRP3Ghp7Dv6eYzPo/yz9KG2pv2NkwsWDjwDGhC iQn8D42iwgdGPICvr/2eI8ox4wgWaxq/qS6zAlbOKt7wh5WGKU+RpzDEZvbVySMQ /2rRVidqRld0BPqoB01THKm3fYTKTZSj5/+HowFXKIJEnH6GDbcLTxBfh7OAs7FQ ZjWj9YFbv18s5kGfS/V3O2tWfjbONIY715IQa8Dmp9hPyjcpR8r0K9XyBMICiuig 8/YsKKA+2EwbstqEPk6UaxrXGg6zC9vlBvbrLv9i4ih/sA14gqtSpVJGrQP7reMt Ln5if2TPGc30C01tglSsM4oFoUOV66DMEiQmsrYKLDsE -----END CERTIFICATE-----Generated at Mon Mar 2 06:36:15 2026 by rpki-client