$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/DFBA2ED05EA611ECB7A8FE42C4F9AE02.roa File: DFBA2ED05EA611ECB7A8FE42C4F9AE02.roa (raw, json) Hash identifier: JT15a+4ClKlkKcBCUj32x1l/TnIkdyV9MyMPtGz48Vg= Subject key identifier: EC:51:51:21:01:DD:A1:04:20:08:1B:A7:59:34:0B:F5:74:EA:9C:46 Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Certificate serial: 2BBA Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/DFBA2ED05EA611ECB7A8FE42C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:22:59 +0000 ROA not before: Fri 02 Jan 2026 16:13:05 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 136538 IP address blocks: 49.229.120.0/22 maxlen: 24 49.229.124.0/22 maxlen: 24 49.229.128.0/21 maxlen: 24 49.229.136.0/21 maxlen: 24 49.229.144.0/22 maxlen: 24 49.229.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 15:46:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11194 (0x2bba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C Validity Not Before: Jan 2 16:13:05 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a49213-1fe6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:bf:8b:e5:85:5e:fa:90:d8:b3:d8:69:07:ce: ac:db:4a:f2:31:2d:21:91:9e:3a:13:4d:6a:45:ee: a4:77:fd:cc:a9:3b:a7:53:e0:ce:3e:fd:a5:bd:85: d7:86:b5:39:7a:37:72:fc:d9:4a:71:e9:78:97:20: 14:76:c8:68:51:d9:a8:0b:4a:a1:77:97:df:23:0a: da:f2:23:3d:27:32:5a:ff:c9:30:63:d0:2c:0b:41: 7a:59:ad:8c:04:87:71:cf:fa:ca:a4:0c:0f:5e:71: 2a:b5:4b:36:4a:67:59:c0:f0:2a:2e:52:d9:80:d6: 65:ea:8d:30:1f:2b:e3:d4:7b:c9:60:de:f0:fc:97: 82:eb:12:36:95:f3:42:82:a8:31:00:a1:32:1c:47: a2:34:a2:f0:01:63:90:95:03:94:90:d5:42:e3:8a: 7b:57:13:05:7e:ca:fe:7a:4b:59:a9:02:34:9b:d2: bb:a4:cd:56:35:7a:ce:1f:02:37:69:6f:5c:3b:4a: 71:69:b2:8d:32:1c:52:ac:19:ec:e8:b1:51:2e:58: c8:c0:0a:78:d6:98:f0:5c:ae:b0:5a:fc:bc:7a:4b: 5f:c1:51:76:64:c2:3f:27:d7:c5:80:5d:bc:e7:31: 21:02:1f:1c:82:b4:72:49:c9:51:94:72:63:d1:80: fc:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:51:51:21:01:DD:A1:04:20:08:1B:A7:59:34:0B:F5:74:EA:9C:46 X509v3 Authority Key Identifier: keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/DFBA2ED05EA611ECB7A8FE42C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 49.229.120.0-49.229.151.255 Signature Algorithm: sha256WithRSAEncryption ab:c8:39:27:99:4c:31:30:7c:10:b3:5c:82:7c:5d:b1:d4:14: 33:32:ab:fd:69:35:48:5f:08:cd:51:a4:21:f4:92:c1:0a:0b: 0c:d8:24:5f:09:5e:5f:f2:a5:87:77:92:47:f2:66:31:a9:86: 28:2a:8e:2b:e4:5b:62:48:b1:4c:16:b2:1f:3f:93:b2:15:9d: f8:74:32:8c:47:9d:d0:9d:79:d4:e2:15:25:71:ab:cc:4d:11: d7:1c:14:44:11:97:2c:b5:7d:de:76:bd:08:09:37:3c:b8:eb: c2:bc:41:a5:b5:2c:a4:97:86:af:31:a6:d6:82:ff:68:f1:66: 15:34:2e:50:b6:d7:f3:17:86:60:e6:aa:56:e0:6e:a3:fc:69: de:3a:2b:6e:38:04:c3:ea:3a:16:a9:9e:e0:e0:5a:69:9c:b2: 48:60:ce:a4:90:ec:6d:12:51:ea:fe:d7:70:cf:e5:fb:a8:dd: eb:a6:70:c1:14:1c:5a:66:0b:8e:de:a7:bc:9f:07:ca:25:fa: 57:b4:76:03:ba:0f:cf:64:c6:e3:01:93:28:1f:d0:51:97:7a: f6:e4:e1:70:57:d3:6b:f3:0e:fc:bd:01:cb:0e:39:39:ab:fb: ca:39:a0:da:68:5b:58:11:97:0d:56:90:8b:3e:cd:0c:1e:fe: c2:e0:7d:64 -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgICK7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2 QUYyMDcxNUMwHhcNMjYwMTAyMTYxMzA1WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OTIxMy0xZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1b+L5YVe+pDYs9hpB86s20ryMS0hkZ46E01qRe6kd/3MqTunU+DOPv2lvYXX hrU5ejdy/NlKcel4lyAUdshoUdmoC0qhd5ffIwra8iM9JzJa/8kwY9AsC0F6Wa2M BIdxz/rKpAwPXnEqtUs2SmdZwPAqLlLZgNZl6o0wHyvj1HvJYN7w/JeC6xI2lfNC gqgxAKEyHEeiNKLwAWOQlQOUkNVC44p7VxMFfsr+ektZqQI0m9K7pM1WNXrOHwI3 aW9cO0pxabKNMhxSrBns6LFRLljIwAp41pjwXK6wWvy8ektfwVF2ZMI/J9fFgF28 5zEhAh8cgrRySclRlHJj0YD8oQIDAQABo4ICaDCCAmQwHQYDVR0OBBYEFOxRUSEB 3aEEIAgbp1k0C/V06pxGMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvREZCQTJFRDA1 RUE2MTFFQ0I3QThGRTQyQzRGOUFFMDIucm9hMCcGCCsGAQUFBwEHAQH/BBgwFjAU BAIAATAOMAwDBAMx5XgDBAMx5ZAwDQYJKoZIhvcNAQELBQADggEBAKvIOSeZTDEw fBCzXIJ8XbHUFDMyq/1pNUhfCM1RpCH0ksEKCwzYJF8JXl/ypYd3kkfyZjGphigq jivkW2JIsUwWsh8/k7IVnfh0MoxHndCdedTiFSVxq8xNEdccFEQRlyy1fd52vQgJ Nzy468K8QaW1LKSXhq8xptaC/2jxZhU0LlC21/MXhmDmqlbgbqP8ad46K244BMPq OhapnuDgWmmcskhgzqSQ7G0SUer+13DP5fuo3eumcMEUHFpmC47ep7yfB8ol+le0 dgO6D89kxuMBkygf0FGXevbk4XBX02vzDvy9AcsOOTmr+8o5oNpoW1gRlw1WkIs+ zQwe/sLgfWQ= -----END CERTIFICATE-----Generated at Mon Mar 2 19:26:09 2026 by rpki-client