$ rpki-client -vvf rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CB42F018F7C311EA8A722484C4F9AE02.roa File: CB42F018F7C311EA8A722484C4F9AE02.roa (raw, json) Hash identifier: IxYVxX1BoFCHdIOrjAwAEmnCO+dNiZSE2wEYWsIxYD4= Subject key identifier: 89:A2:5E:E6:70:C5:60:4F:43:34:9D:74:C2:1F:60:3E:AD:76:3A:13 Certificate issuer: /CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78 Certificate serial: 0869 Authority key identifier: D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CB42F018F7C311EA8A722484C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:51:18 +0000 ROA not before: Wed 22 Oct 2025 22:10:09 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 7473 IP address blocks: 120.72.64.0/20 maxlen: 20 120.72.64.0/24 maxlen: 24 120.72.65.0/24 maxlen: 24 203.173.64.0/20 maxlen: 20 2404:1000::/32 maxlen: 32 2404:1000::/48 maxlen: 48 2404:1000:1::/48 maxlen: 48 2404:1000:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 22:45:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2153 (0x869) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AAAD, serialNumber=D617D4710482C7F775752057DC8682259B319C78 Validity Not Before: Oct 22 22:10:09 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a45266-bb2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c4:9f:35:6a:a2:c8:8f:62:ef:3a:2a:b0:30: 24:13:49:d4:8d:14:7a:bf:2b:ce:4a:69:4e:31:47: cc:30:d3:62:66:f2:c7:ee:ab:ab:87:29:12:53:2a: f5:6a:7c:f3:49:05:c6:8b:38:b9:37:81:3d:39:60: 78:22:90:41:5d:f4:9b:3c:59:61:39:b9:56:9e:84: 50:6a:79:24:b6:b1:0a:b9:1b:d3:69:36:b6:36:f4: eb:50:a6:6d:45:0a:ba:a5:52:6c:89:50:d4:ee:2b: ca:3b:ec:11:25:d4:5b:f1:7e:2c:c3:f3:24:0c:a7: 51:53:8e:40:37:f2:34:6a:ef:f0:8b:d5:6c:88:0a: 20:79:8f:17:77:6c:19:ae:b8:7b:ea:af:91:7c:93: 3c:10:ed:1f:87:8e:d2:6d:58:b4:1c:4a:db:d0:12: f4:8c:ed:7a:a4:91:a2:0d:ee:3a:6d:24:a9:45:04: 57:0c:2e:be:4e:d0:66:77:3e:6f:3b:7f:81:aa:3b: 5e:6a:b2:cb:7c:45:2f:32:32:92:16:02:e7:7a:df: ef:01:55:7c:ab:27:67:e2:40:8a:cf:f7:52:ac:2e: f0:0c:8f:90:57:2a:5d:b9:aa:fa:62:1f:08:ae:8f: 34:6c:e7:46:2b:06:fd:8b:e7:f0:4d:85:6c:47:1d: 59:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A2:5E:E6:70:C5:60:4F:43:34:9D:74:C2:1F:60:3E:AD:76:3A:13 X509v3 Authority Key Identifier: keyid:D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/CB42F018F7C311EA8A722484C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.72.64.0/20 203.173.64.0/20 IPv6: 2404:1000::/32 Signature Algorithm: sha256WithRSAEncryption 6a:72:85:67:5a:04:77:71:0d:e5:18:49:5f:8e:dc:ba:b5:ed: 5c:50:1f:06:68:d3:53:a9:3f:f3:22:f1:90:28:41:38:60:00: 27:ce:ce:45:81:c1:c2:27:1e:5f:9a:1e:37:03:c8:08:8f:f5: f3:6c:a6:98:21:ba:ec:f2:80:3d:74:96:28:4a:49:a9:95:80: 4b:48:e1:9b:a7:67:aa:08:df:74:41:f2:d5:32:60:3b:94:52: 12:d2:b5:89:e3:ec:04:b6:7f:27:3d:76:66:f0:d9:8c:8a:cd: d9:e3:03:b6:ee:40:49:e1:03:68:55:da:fa:57:6a:e5:88:bc: f2:63:12:6e:75:e4:eb:c0:a4:7d:3f:6b:e2:20:c0:72:ce:23: 93:ff:da:cc:f8:18:34:6f:bb:08:79:ba:02:4c:cf:df:49:6f: 75:78:e8:1c:51:d3:42:bf:90:37:27:5a:0a:f6:74:e5:2f:93: 17:d5:61:fd:e4:e4:06:de:84:89:f0:dc:e2:ed:52:ef:13:49: bd:44:bc:4c:49:7b:00:a5:ab:0c:d2:66:48:de:a0:82:be:60: fb:21:ca:39:e4:8d:b2:6f:d5:51:47:32:7a:c7:fa:76:01:28: ac:91:07:0e:55:dc:e7:7e:24:e2:23:fe:15:6e:38:07:40:37: 9b:4b:3b:ec -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICCGkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FBQUQxMTAvBgNVBAUTKEQ2MTdENDcxMDQ4MkM3Rjc3NTc1MjA1N0RDODY4MjI1 OUIzMTlDNzgwHhcNMjUxMDIyMjIxMDA5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NTI2Ni1iYjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvsSfNWqiyI9i7zoqsDAkE0nUjRR6vyvOSmlOMUfMMNNiZvLH7qurhykSUyr1 anzzSQXGizi5N4E9OWB4IpBBXfSbPFlhOblWnoRQankktrEKuRvTaTa2NvTrUKZt RQq6pVJsiVDU7ivKO+wRJdRb8X4sw/MkDKdRU45AN/I0au/wi9VsiAogeY8Xd2wZ rrh76q+RfJM8EO0fh47SbVi0HErb0BL0jO16pJGiDe46bSSpRQRXDC6+TtBmdz5v O3+BqjtearLLfEUvMjKSFgLnet/vAVV8qydn4kCKz/dSrC7wDI+QVypduar6Yh8I ro80bOdGKwb9i+fwTYVsRx1ZNQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFImiXuZw xWBPQzSddMIfYD6tdjoTMB8GA1UdIwQYMBaAFNYX1HEEgsf3dXUgV9yGgiWbMZx4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUFBRC9FM0IyQjY0NEY3 QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hfZDFkU0JYM0lhQ0pac3hu SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFoZlVjUVNDeF9kMWRTQlgzSWFDSlpzeG5IZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0FBQUQvRTNCMkI2NDRGN0MxMTFFQTgyNzVDQjY2QzRGOUFFMDIvQ0I0MkYwMThG N0MzMTFFQThBNzIyNDg0QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQEeEhAAwQEy61AMA0EAgACMAcDBQAkBBAAMA0GCSqGSIb3DQEBCwUA A4IBAQBqcoVnWgR3cQ3lGElfjty6te1cUB8GaNNTqT/zIvGQKEE4YAAnzs5FgcHC Jx5fmh43A8gIj/XzbKaYIbrs8oA9dJYoSkmplYBLSOGbp2eqCN90QfLVMmA7lFIS 0rWJ4+wEtn8nPXZm8NmMis3Z4wO27kBJ4QNoVdr6V2rliLzyYxJudeTrwKR9P2vi IMByziOT/9rM+Bg0b7sIeboCTM/fSW91eOgcUdNCv5A3J1oK9nTlL5MX1WH95OQG 3oSJ8Nzi7VLvE0m9RLxMSXsApasM0mZI3qCCvmD7Ico55I2yb9VRRzJ6x/p2ASis kQcOVdznfiTiI/4VbjgHQDebSzvs -----END CERTIFICATE-----Generated at Mon Mar 2 08:34:28 2026 by rpki-client