$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/42C9FE0C77ED11EBBFBAF568C4F9AE02.roa File: 42C9FE0C77ED11EBBFBAF568C4F9AE02.roa (raw, json) Hash identifier: FuSNDD+xnlKKj3JZ4a4xS6pO5oxAeYpmSs5sAAlMl3E= Subject key identifier: 83:0E:1C:32:E2:BD:23:BC:3B:0B:A5:D3:80:48:D8:7D:16:23:88:8A Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 1068 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/42C9FE0C77ED11EBBFBAF568C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:31:34 +0000 ROA not before: Fri 28 Feb 2025 19:29:43 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 19905 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:53:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4200 (0x1068) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:29:43 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a48606-2627 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:81:0f:1f:c9:79:78:dd:54:1f:25:f2:32:25: 9c:d9:2e:59:f8:bd:c4:00:34:8a:7f:ef:bb:db:b0: a1:27:29:63:15:00:1c:97:1d:fd:5c:58:e0:b9:ae: 62:37:c7:44:ce:98:80:8b:7b:fc:db:26:70:0f:b5: 2b:fb:62:90:a9:97:a8:f7:00:13:e9:b1:ea:e7:b4: 85:4b:dd:e8:b7:4d:a6:66:95:f8:21:9e:9d:bd:13: e5:19:79:54:f0:c7:ed:cf:8f:0a:8a:57:2a:80:b4: 1d:92:85:67:df:e8:db:9b:19:fc:52:c2:89:ed:7b: d9:21:d2:ca:fa:c5:1d:ef:f9:07:fc:ce:c3:a6:8b: 19:e1:10:a1:04:65:09:08:51:bf:49:ef:17:71:12: 17:9f:69:01:8c:4a:50:72:c1:f4:8f:d8:3a:b1:bd: c4:cf:f8:71:dd:07:c6:e7:ab:93:32:1f:57:55:85: c1:ce:b5:ff:4f:b5:59:ac:04:d3:a7:48:8f:61:b3: 29:6f:5f:5d:4a:30:30:14:e6:f0:da:2d:33:f8:11: c4:2c:fd:30:f5:b3:bf:5c:48:64:93:36:23:50:44: 3d:25:ba:6a:2e:d5:58:4d:e8:d3:7f:e3:8d:a2:6f: 1b:c6:e0:cd:8a:d9:ce:91:ff:5d:4a:64:a2:ef:48: c0:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:0E:1C:32:E2:BD:23:BC:3B:0B:A5:D3:80:48:D8:7D:16:23:88:8A X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/42C9FE0C77ED11EBBFBAF568C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 17:f1:21:16:d0:f7:61:52:94:bf:dc:37:7d:de:43:3b:ed:2d: ac:59:ca:b9:c9:46:84:cb:a7:b9:2f:1d:e5:c4:c3:43:71:61: 99:7d:af:88:eb:e8:46:51:18:a1:0a:79:c1:57:39:a5:b8:b3: 63:05:77:ef:ea:b4:60:ba:03:bc:d3:4b:4b:cd:6c:ec:07:1d: f8:35:6c:f9:74:2b:d1:bb:59:d7:44:5c:bf:07:cd:aa:9e:9b: e0:e2:95:9c:11:86:ce:e1:ac:af:aa:35:db:98:54:86:9c:46: b5:ce:0a:50:a9:62:5f:ed:c1:38:e9:0e:cc:6e:eb:25:39:da: be:e3:81:f5:a4:5b:3d:24:d7:6d:43:07:f2:07:de:c1:b3:a0: e4:19:9f:87:e4:65:63:66:1a:57:e5:39:96:dd:63:ca:be:2e: 20:b3:b7:6c:3c:3e:49:fd:cc:62:21:44:fd:a0:b6:d3:0b:64: 47:84:2b:7c:62:d6:dc:ba:18:7a:d8:81:c1:ec:10:80:da:c7: 66:fc:f8:91:21:c8:79:00:8e:4b:87:6c:53:76:b2:77:50:ca: da:91:9d:e3:3e:b8:12:97:2e:8a:63:1b:50:0d:1a:3c:e1:e2: b6:02:d8:93:2c:c7:ec:09:ad:f5:a0:9a:19:2e:79:b3:8d:59: 8d:fc:67:e3 -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICEGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTQzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODYwNi0yNjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoIEPH8l5eN1UHyXyMiWc2S5Z+L3EADSKf++727ChJyljFQAclx39XFjgua5i N8dEzpiAi3v82yZwD7Ur+2KQqZeo9wAT6bHq57SFS93ot02mZpX4IZ6dvRPlGXlU 8Mftz48KilcqgLQdkoVn3+jbmxn8UsKJ7XvZIdLK+sUd7/kH/M7DposZ4RChBGUJ CFG/Se8XcRIXn2kBjEpQcsH0j9g6sb3Ez/hx3QfG56uTMh9XVYXBzrX/T7VZrATT p0iPYbMpb19dSjAwFObw2i0z+BHELP0w9bO/XEhkkzYjUEQ9JbpqLtVYTejTf+ON om8bxuDNitnOkf9dSmSi70jAfQIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFIMOHDLi vSO8Owul04BI2H0WI4iKMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNDJDOUZFMEM3 N0VEMTFFQkJGQkFGNTY4QzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwIwQCAAIwHTASAwcAIAENzQABAwcD IAENzQAAAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQAX8SEW0PdhUpS/3Dd9 3kM77S2sWcq5yUaEy6e5Lx3lxMNDcWGZfa+I6+hGURihCnnBVzmluLNjBXfv6rRg ugO800tLzWzsBx34NWz5dCvRu1nXRFy/B82qnpvg4pWcEYbO4ayvqjXbmFSGnEa1 zgpQqWJf7cE46Q7MbuslOdq+44H1pFs9JNdtQwfyB97Bs6DkGZ+H5GVjZhpX5TmW 3WPKvi4gs7dsPD5J/cxiIUT9oLbTC2RHhCt8Ytbcuhh62IHB7BCA2sdm/PiRIch5 AI5Lh2xTdrJ3UMrakZ3jPrgSly6KYxtQDRo84eK2AtiTLMfsCa31oJoZLnmzjVmN /Gfj -----END CERTIFICATE-----Generated at Mon Mar 2 14:58:34 2026 by rpki-client