$ rpki-client -vvf rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa File: 1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa (raw, json) Hash identifier: 642qMptlwjFSXeZbijvnePZpTrHi9JK48jfMXFMB+wk= Subject key identifier: AE:AE:B3:DA:3E:AD:CC:C7:82:92:D9:5F:6E:B6:A7:C4:0C:33:8D:6C Certificate issuer: /CN=A9123059/serialNumber=497BB72718279DBCC985DBA6D39B36567F44E7AA Certificate serial: 70 Authority key identifier: 49:7B:B7:27:18:27:9D:BC:C9:85:DB:A6:D3:9B:36:56:7F:44:E7:AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SXu3JxgnnbzJhdum05s2Vn9E56o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa Signing time: Mon 02 Mar 2026 13:18:22 +0000 ROA not before: Tue 27 Jan 2026 06:25:20 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 399480 IP address blocks: 192.138.118.0/23 maxlen: 24 192.138.120.0/22 maxlen: 24 192.138.124.0/23 maxlen: 24 192.153.221.0/24 maxlen: 24 192.153.222.0/23 maxlen: 24 192.153.224.0/22 maxlen: 24 192.153.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/SXu3JxgnnbzJhdum05s2Vn9E56o.crl rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/SXu3JxgnnbzJhdum05s2Vn9E56o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SXu3JxgnnbzJhdum05s2Vn9E56o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 13:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 112 (0x70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123059, serialNumber=497BB72718279DBCC985DBA6D39B36567F44E7AA Validity Not Before: Jan 27 06:25:20 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a58e1d-8e37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:52:55:e6:ac:8e:03:40:a7:7c:b0:8d:81:39: fd:dd:df:b7:cb:dc:91:c7:10:ac:4a:20:a0:af:eb: 3e:0c:d0:05:62:dd:59:be:93:60:0a:33:62:4a:e4: 3a:a9:78:31:1b:d8:30:73:9f:1a:57:f2:75:30:cf: ba:34:c3:8f:a1:8b:c5:bf:3f:eb:e8:db:93:a4:71: 6c:60:32:19:3c:61:f9:ec:cd:f7:07:89:4d:9e:6a: 77:8f:38:e6:4b:56:94:b0:62:77:ee:87:39:6a:e6: 33:22:9e:ef:8a:12:9b:9c:44:c4:c3:aa:ef:e2:04: f1:fd:4d:65:e4:8b:34:2d:7a:75:02:ba:93:8f:73: 2a:34:7b:58:8a:17:f3:d0:b0:06:65:a4:4d:3f:50: 5f:c8:6c:58:ce:8a:32:b3:48:f6:95:98:35:ef:e8: 98:86:93:51:f5:e4:8c:01:99:d7:5d:09:a5:15:42: 0d:54:ef:70:43:19:08:e5:c6:02:ce:c9:10:61:17: 45:d6:33:0c:a2:67:05:10:29:60:e9:d8:b4:de:c5: 41:29:41:30:82:c9:66:91:b4:78:35:32:ea:7f:c4: 1e:cc:5f:7e:a5:30:e3:bd:34:83:b4:31:90:ba:18: 5c:30:c1:2b:06:e9:4b:99:d2:b5:7f:e4:17:d2:67: 03:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:AE:B3:DA:3E:AD:CC:C7:82:92:D9:5F:6E:B6:A7:C4:0C:33:8D:6C X509v3 Authority Key Identifier: keyid:49:7B:B7:27:18:27:9D:BC:C9:85:DB:A6:D3:9B:36:56:7F:44:E7:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/SXu3JxgnnbzJhdum05s2Vn9E56o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/SXu3JxgnnbzJhdum05s2Vn9E56o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123059/B2CEA7F679F611F09CE9C328C4F9AE02/1A52B0BA8A8811F0A0F59D1FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 192.138.118.0-192.138.125.255 192.153.221.0-192.153.228.255 Signature Algorithm: sha256WithRSAEncryption 31:9f:76:5f:46:aa:07:25:f1:cc:7d:e2:ee:e6:bd:9a:99:a4: 36:53:b7:3d:ec:5a:44:55:e5:55:82:7f:e9:ff:52:ca:27:d1: 21:bb:2c:a3:88:f5:25:1e:35:a7:77:4f:35:62:fc:d8:b0:3b: 56:f2:81:a1:1d:56:a7:f8:d5:8f:6a:4c:61:0e:7b:dd:72:6d: 04:9c:b5:e5:3f:ee:67:44:1c:f0:f8:6a:ad:96:35:38:21:b3: 6d:4a:c9:59:c3:2f:fc:2c:c7:c1:66:8f:17:17:b9:9b:66:b0: b5:0b:66:d9:a2:1c:7c:4c:22:9a:e1:8e:38:17:c8:a6:36:59: a0:9b:eb:b3:ec:91:8d:2b:9e:70:e2:a0:16:ab:4e:38:a3:a3: de:68:59:35:25:54:f1:ee:2b:de:45:54:71:27:b9:b2:ce:92: 8a:7b:83:3b:06:5c:a3:b9:9e:e6:7a:2c:eb:5f:b8:8a:19:be: 5f:17:02:ba:38:41:40:71:03:e6:68:d5:dd:e7:97:0e:69:50: a0:1e:ec:00:51:07:86:52:1a:3a:d2:6c:a3:6e:3c:aa:4d:bc: c6:a9:19:42:d6:9c:5d:b2:e1:43:b4:04:78:aa:88:c8:07:ca: 6e:0d:d2:91:8e:e9:51:87:59:bc:c7:d0:40:e0:db:ca:36:54: 32:cd:45:99 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy MzA1OTExMC8GA1UEBRMoNDk3QkI3MjcxODI3OURCQ0M5ODVEQkE2RDM5QjM2NTY3 RjQ0RTdBQTAeFw0yNjAxMjcwNjI1MjBaFw0yNzAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTU4ZTFkLThlMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCjUlXmrI4DQKd8sI2BOf3d37fL3JHHEKxKIKCv6z4M0AVi3Vm+k2AKM2JK5Dqp eDEb2DBznxpX8nUwz7o0w4+hi8W/P+vo25OkcWxgMhk8YfnszfcHiU2eanePOOZL VpSwYnfuhzlq5jMinu+KEpucRMTDqu/iBPH9TWXkizQtenUCupOPcyo0e1iKF/PQ sAZlpE0/UF/IbFjOijKzSPaVmDXv6JiGk1H15IwBmdddCaUVQg1U73BDGQjlxgLO yRBhF0XWMwyiZwUQKWDp2LTexUEpQTCCyWaRtHg1Mup/xB7MX36lMOO9NIO0MZC6 GFwwwSsG6UuZ0rV/5BfSZwPxAgMBAAGjggJ2MIICcjAdBgNVHQ4EFgQUrq6z2j6t zMeCktlfbranxAwzjWwwHwYDVR0jBBgwFoAUSXu3JxgnnbzJhdum05s2Vn9E56ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIzMDU5L0IyQ0VBN0Y2NzlG NjExRjA5Q0U5QzMyOEM0RjlBRTAyL1NYdTNKeGdubmJ6SmhkdW0wNXMyVm45RTU2 by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvU1h1M0p4Z25uYnpKaGR1bTA1czJWbjlFNTZvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzA1OS9CMkNFQTdGNjc5RjYxMUYwOUNFOUMzMjhDNEY5QUUwMi8xQTUyQjBCQThB ODgxMUYwQTBGNTlEMUZDNEY5QUUwMi5yb2EwNQYIKwYBBQUHAQcBAf8EJjAkMCIE AgABMBwwDAMEAcCKdgMEAcCKfDAMAwQAwJndAwQAwJnkMA0GCSqGSIb3DQEBCwUA A4IBAQAxn3ZfRqoHJfHMfeLu5r2amaQ2U7c97FpEVeVVgn/p/1LKJ9EhuyyjiPUl HjWnd081YvzYsDtW8oGhHVan+NWPakxhDnvdcm0EnLXlP+5nRBzw+GqtljU4IbNt SslZwy/8LMfBZo8XF7mbZrC1C2bZohx8TCKa4Y44F8imNlmgm+uz7JGNK55w4qAW q044o6PeaFk1JVTx7iveRVRxJ7myzpKKe4M7BlyjuZ7meizrX7iKGb5fFwK6OEFA cQPmaNXd55cOaVCgHuwAUQeGUho60myjbjyqTbzGqRlC1pxdsuFDtAR4qojIB8pu DdKRjulRh1m8x9BA4NvKNlQyzUWZ -----END CERTIFICATE-----Generated at Mon Mar 2 20:15:26 2026 by rpki-client