$ rpki-client -vvf rpki.apnic.net/member_repository/A912598D/AE883668C8EC11F099D8AB45C4F9AE02/B17823E6C92411F09DCC8126C4F9AE02.roa File: B17823E6C92411F09DCC8126C4F9AE02.roa (raw, json) Hash identifier: d4byGVZuBDPHHV4mRW8FS73gbpeL9gIriIfIPhZnw/0= Subject key identifier: 04:30:E1:11:B7:64:BB:57:B1:EF:88:97:85:A0:C9:32:3C:98:BF:3A Certificate issuer: /CN=A912598D/serialNumber=1A5B00597C8D7B61FBBEFEC5B944FE6F9C63E220 Certificate serial: 3F Authority key identifier: 1A:5B:00:59:7C:8D:7B:61:FB:BE:FE:C5:B9:44:FE:6F:9C:63:E2:20 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GlsAWXyNe2H7vv7FuUT-b5xj4iA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912598D/AE883668C8EC11F099D8AB45C4F9AE02/B17823E6C92411F09DCC8126C4F9AE02.roa Signing time: Sun 01 Mar 2026 06:06:53 +0000 ROA not before: Mon 24 Nov 2025 10:59:48 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 139591 IP address blocks: 209.15.120.0/24 maxlen: 24 209.15.121.0/24 maxlen: 24 209.15.122.0/24 maxlen: 24 209.15.123.0/24 maxlen: 24 209.15.124.0/24 maxlen: 24 209.15.125.0/24 maxlen: 24 209.15.126.0/24 maxlen: 24 209.15.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912598D/AE883668C8EC11F099D8AB45C4F9AE02/GlsAWXyNe2H7vv7FuUT-b5xj4iA.crl rsync://rpki.apnic.net/member_repository/A912598D/AE883668C8EC11F099D8AB45C4F9AE02/GlsAWXyNe2H7vv7FuUT-b5xj4iA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GlsAWXyNe2H7vv7FuUT-b5xj4iA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:16:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912598D, serialNumber=1A5B00597C8D7B61FBBEFEC5B944FE6F9C63E220 Validity Not Before: Nov 24 10:59:48 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a3d77d-0b58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:d4:bf:b1:7b:fe:39:59:fc:62:bc:4c:6a:69: 7c:b5:13:eb:79:be:2a:9c:6d:a9:77:b2:4f:8c:72: 59:7e:10:45:d6:43:ef:f1:af:aa:30:82:1f:d4:22: 28:9f:11:9d:cb:f7:f2:46:f3:9c:28:bf:23:3b:e4: eb:c6:9d:07:cc:08:58:ed:08:cf:00:50:d8:c8:f2: bc:da:9b:fb:72:28:a9:86:4f:5d:c7:66:9b:b7:6f: cb:4e:72:73:70:4f:10:61:3d:7a:86:e1:66:e0:d5: 3f:34:a6:ed:85:63:2f:25:0d:ed:43:8c:da:77:3d: 76:63:1d:96:6c:f9:dc:78:3c:80:43:6a:87:65:6a: 32:19:5e:e8:d8:c3:1f:8b:b9:63:1b:4a:d2:9d:33: fe:8c:94:ef:2d:ff:b4:db:a1:2b:ea:46:6f:97:a2: 32:0b:c9:88:aa:02:e9:1c:9f:aa:07:13:eb:36:e4: 3b:8d:b4:b6:04:27:46:65:d5:bc:07:8c:bc:68:c2: 32:93:1f:58:1d:ec:dd:84:3f:c6:ea:66:19:75:aa: 37:48:87:9f:4d:4d:68:2b:a6:05:77:42:5c:ec:d9: 12:a4:cf:dd:0a:72:46:7a:ae:c5:b2:ec:78:54:e8: a0:c7:98:f9:d1:65:b3:f1:ce:3a:ee:f7:82:63:0a: 95:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:30:E1:11:B7:64:BB:57:B1:EF:88:97:85:A0:C9:32:3C:98:BF:3A X509v3 Authority Key Identifier: keyid:1A:5B:00:59:7C:8D:7B:61:FB:BE:FE:C5:B9:44:FE:6F:9C:63:E2:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912598D/AE883668C8EC11F099D8AB45C4F9AE02/GlsAWXyNe2H7vv7FuUT-b5xj4iA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/GlsAWXyNe2H7vv7FuUT-b5xj4iA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912598D/AE883668C8EC11F099D8AB45C4F9AE02/B17823E6C92411F09DCC8126C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 209.15.120.0/21 Signature Algorithm: sha256WithRSAEncryption 4f:37:b4:95:77:f0:42:5e:21:8f:e4:31:ac:9b:02:9a:1d:d5: 31:28:e9:ab:9f:45:6f:43:78:50:ad:19:ef:7a:58:e7:39:0e: c1:c5:73:c6:4c:bb:ac:c9:4e:98:16:7f:5c:aa:48:98:5c:09: 29:88:86:62:74:7c:3e:ad:82:2c:00:62:77:36:2c:07:f0:26: 8f:08:91:54:8c:9f:78:d9:0c:62:84:7d:7c:63:37:5b:fb:8a: bb:64:0a:aa:29:7f:67:83:ce:0c:f5:0d:61:50:8f:0e:80:cc: 14:9f:cb:bf:fc:ff:75:73:f9:f6:d2:ad:1b:6f:90:68:7a:84: 76:5a:e6:78:dd:db:2a:03:2d:6c:ba:95:e7:18:d7:c7:b1:28: a5:cc:ad:47:c6:2c:3b:b5:f9:7b:66:03:ce:62:e2:34:e8:0e: 8a:59:f5:b8:b5:52:cb:ef:1d:e5:26:1f:84:29:6d:c8:71:bc: 13:6f:24:f5:bf:98:e3:89:a7:8d:9a:2d:5c:ce:f5:5e:a2:e6: 46:28:62:47:9c:dd:1d:7e:e7:2d:95:ac:df:80:ca:d2:8d:00: a9:0c:11:25:0c:4e:c1:c1:d2:3a:b9:ec:f0:a0:c8:1d:d8:0b: a8:4f:9b:f3:b0:3b:19:52:16:cd:da:68:86:9b:22:69:56:53: 0c:2e:77:77 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy NTk4RDExMC8GA1UEBRMoMUE1QjAwNTk3QzhEN0I2MUZCQkVGRUM1Qjk0NEZFNkY5 QzYzRTIyMDAeFw0yNTExMjQxMDU5NDhaFw0yNzAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTNkNzdkLTBiNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCU1L+xe/45WfxivExqaXy1E+t5viqcbal3sk+Mcll+EEXWQ+/xr6owgh/UIiif EZ3L9/JG85wovyM75OvGnQfMCFjtCM8AUNjI8rzam/tyKKmGT13HZpu3b8tOcnNw TxBhPXqG4Wbg1T80pu2FYy8lDe1DjNp3PXZjHZZs+dx4PIBDaodlajIZXujYwx+L uWMbStKdM/6MlO8t/7TboSvqRm+XojILyYiqAukcn6oHE+s25DuNtLYEJ0Zl1bwH jLxowjKTH1gd7N2EP8bqZhl1qjdIh59NTWgrpgV3Qlzs2RKkz90KckZ6rsWy7HhU 6KDHmPnRZbPxzjru94JjCpVlAgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUBDDhEbdk u1ex74iXhaDJMjyYvzowHwYDVR0jBBgwFoAUGlsAWXyNe2H7vv7FuUT+b5xj4iAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1OThEL0FFODgzNjY4QzhF QzExRjA5OUQ4QUI0NUM0RjlBRTAyL0dsc0FXWHlOZTJIN3Z2N0Z1VVQtYjV4ajRp QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvR2xzQVdYeU5lMkg3dnY3RnVVVC1iNXhqNGlBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NTk4RC9BRTg4MzY2OEM4RUMxMUYwOTlEOEFCNDVDNEY5QUUwMi9CMTc4MjNFNkM5 MjQxMUYwOURDQzgxMjZDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBAPRD3gwDQYJKoZIhvcNAQELBQADggEBAE83tJV38EJeIY/kMaybApod 1TEo6aufRW9DeFCtGe96WOc5DsHFc8ZMu6zJTpgWf1yqSJhcCSmIhmJ0fD6tgiwA Ync2LAfwJo8IkVSMn3jZDGKEfXxjN1v7irtkCqopf2eDzgz1DWFQjw6AzBSfy7/8 /3Vz+fbSrRtvkGh6hHZa5njd2yoDLWy6lecY18exKKXMrUfGLDu1+XtmA85i4jTo DopZ9bi1UsvvHeUmH4QpbchxvBNvJPW/mOOJp42aLVzO9V6i5kYoYkec3R1+5y2V rN+AytKNAKkMESUMTsHB0jq57PCgyB3YC6hPm/OwOxlSFs3aaIabImlWUwwud3c= -----END CERTIFICATE-----Generated at Mon Mar 2 05:59:28 2026 by rpki-client