$ rpki-client -vvf rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa File: CAB0B6B2F7C311EA8A722484C4F9AE02.roa (raw, json) Hash identifier: /xCNBqLNz0L8cDqpYEQMnHLgfzVahak+S8dk9Uan5oM= Subject key identifier: 3D:15:AE:0A:8D:E6:79:6A:69:46:14:23:3D:37:13:FE:67:E4:F0:53 Certificate issuer: /CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78 Certificate serial: 0868 Authority key identifier: D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:51:17 +0000 ROA not before: Wed 22 Oct 2025 22:10:08 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 17977 IP address blocks: 120.72.64.0/20 maxlen: 20 203.173.64.0/20 maxlen: 20 2404:1000::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:45:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2152 (0x868) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AAAD, serialNumber=D617D4710482C7F775752057DC8682259B319C78 Validity Not Before: Oct 22 22:10:08 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a45265-9e6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:06:02:d1:fe:ab:16:83:a0:a7:90:c8:36:07: a2:b0:3e:28:4d:8a:9f:4e:ee:a6:f5:c1:f7:7d:fe: 0d:cc:bc:4a:18:76:db:3b:74:2c:e4:8a:11:0f:25: 7b:0d:0e:39:3c:36:49:ae:39:0f:ff:92:5c:78:1d: d4:cd:5f:aa:f2:7a:e4:a5:0d:77:99:a5:73:cd:40: 30:6f:43:4f:ec:34:00:05:79:78:3d:db:65:7a:d2: b4:c9:b1:62:be:ff:c5:53:52:33:fe:bb:04:ee:1e: a4:2d:83:3f:b5:3d:76:d8:7d:95:f1:ff:a5:d1:39: 5b:57:2e:39:ef:ad:ae:df:9f:30:c2:66:a5:9a:81: 85:62:9d:e6:e9:8c:0f:cd:7b:a5:02:62:1a:16:93: ee:80:e4:f8:50:af:b8:95:0d:c9:be:cf:31:9e:dc: 0e:ce:24:3a:00:67:41:5b:8d:c7:33:8d:21:11:b5: 81:46:7a:df:3f:34:88:50:cf:06:39:17:0e:49:33: 4b:24:c9:1f:92:eb:d5:33:bb:b1:7a:98:4b:96:11: 7e:f2:5d:b5:0d:da:fa:7c:5e:3b:15:a3:d5:0f:3a: 5d:e0:95:4d:81:e6:a3:4f:78:57:8e:55:99:e0:df: d6:20:52:2f:26:42:46:c7:fc:e9:94:4a:97:ce:59: e2:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:15:AE:0A:8D:E6:79:6A:69:46:14:23:3D:37:13:FE:67:E4:F0:53 X509v3 Authority Key Identifier: keyid:D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CAB0B6B2F7C311EA8A722484C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.72.64.0/20 203.173.64.0/20 IPv6: 2404:1000::/32 Signature Algorithm: sha256WithRSAEncryption 3e:f1:3e:f1:c4:b1:c9:92:8a:f9:3f:10:83:41:57:8e:d9:d6: d5:14:ea:ee:24:d6:e3:75:bf:ba:5a:d0:6a:2b:36:54:6b:c5: dc:d2:f3:8d:04:a4:87:57:64:4e:48:6a:c2:be:24:00:1d:53: 8d:48:69:00:4b:1d:fb:e8:a5:cd:45:0e:ad:ba:7c:fd:fc:bb: 24:29:2e:10:36:1f:13:da:29:e1:23:7b:70:3f:6f:f2:cf:e7: b7:5f:74:3e:5b:31:f3:81:c2:25:1d:55:fe:3f:42:56:06:c2: 45:a9:ec:ec:f4:d0:61:6a:2c:99:c9:49:cb:0d:b1:11:b5:90: 7b:c1:48:49:30:91:66:5f:ef:82:4a:18:3b:63:9f:76:40:a0: 95:dc:3b:66:3b:f8:94:df:12:a8:80:3e:52:e7:b1:e0:6d:e6: c7:ee:49:f2:b7:3a:e9:2b:b3:94:3a:fd:a9:c5:57:35:5e:26: ee:66:60:a6:e1:47:69:e8:29:47:08:02:ae:52:da:85:80:e3: b9:42:6c:ff:d3:b7:d9:f1:52:d8:79:e1:cc:cb:52:78:97:63: b9:13:a9:13:1e:8d:b5:8e:aa:29:f3:59:ec:90:48:34:3d:1e: 09:65:77:54:ac:a8:00:0a:fc:c2:60:c1:f6:f3:04:de:25:16: 3d:11:87:50 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICCGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FBQUQxMTAvBgNVBAUTKEQ2MTdENDcxMDQ4MkM3Rjc3NTc1MjA1N0RDODY4MjI1 OUIzMTlDNzgwHhcNMjUxMDIyMjIxMDA4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTI2NS05ZTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5gYC0f6rFoOgp5DINgeisD4oTYqfTu6m9cH3ff4NzLxKGHbbO3Qs5IoRDyV7 DQ45PDZJrjkP/5JceB3UzV+q8nrkpQ13maVzzUAwb0NP7DQABXl4PdtletK0ybFi vv/FU1Iz/rsE7h6kLYM/tT122H2V8f+l0TlbVy45762u358wwmalmoGFYp3m6YwP zXulAmIaFpPugOT4UK+4lQ3Jvs8xntwOziQ6AGdBW43HM40hEbWBRnrfPzSIUM8G ORcOSTNLJMkfkuvVM7uxephLlhF+8l21Ddr6fF47FaPVDzpd4JVNgeajT3hXjlWZ 4N/WIFIvJkJGx/zplEqXzlniiwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFD0VrgqN 5nlqaUYUIz03E/5n5PBTMB8GA1UdIwQYMBaAFNYX1HEEgsf3dXUgV9yGgiWbMZx4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUFBRC9FM0IyQjY0NEY3 QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hfZDFkU0JYM0lhQ0pac3hu SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFoZlVjUVNDeF9kMWRTQlgzSWFDSlpzeG5IZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0FBQUQvRTNCMkI2NDRGN0MxMTFFQTgyNzVDQjY2QzRGOUFFMDIvQ0FCMEI2QjJG N0MzMTFFQThBNzIyNDg0QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQEeEhAAwQEy61AMA0EAgACMAcDBQAkBBAAMA0GCSqGSIb3DQEBCwUA A4IBAQA+8T7xxLHJkor5PxCDQVeO2dbVFOruJNbjdb+6WtBqKzZUa8Xc0vONBKSH V2ROSGrCviQAHVONSGkASx376KXNRQ6tunz9/LskKS4QNh8T2inhI3twP2/yz+e3 X3Q+WzHzgcIlHVX+P0JWBsJFqezs9NBhaiyZyUnLDbERtZB7wUhJMJFmX++CShg7 Y592QKCV3DtmO/iU3xKogD5S57HgbebH7knytzrpK7OUOv2pxVc1XibuZmCm4Udp 6ClHCAKuUtqFgOO5Qmz/07fZ8VLYeeHMy1J4l2O5E6kTHo21jqop81nskEg0PR4J ZXdUrKgACvzCYMH28wTeJRY9EYdQ -----END CERTIFICATE-----Generated at Mon Mar 2 22:19:38 2026 by rpki-client