$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/52BF1CA809B111EAB045B31EC4F9AE02.roa File: 52BF1CA809B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: Xr65mHCatC6pICiwcQZa5i/oCzPDi7V6RY15OS4Gnwg= Subject key identifier: FE:D1:6F:A5:94:00:62:61:83:9F:65:2A:F3:81:5A:F7:AB:D8:A6:6D Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F76 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/52BF1CA809B111EAB045B31EC4F9AE02.roa Signing time: Fri 28 Feb 2025 19:29:47 +0000 ROA not before: Fri 28 Feb 2025 19:29:47 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397216 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:24:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3958 (0xf76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:29:47 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20eab-8b16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:20:fd:eb:60:49:e1:28:70:8f:4b:8a:c5:dc: 1c:2d:7c:05:7a:64:ed:c2:fd:af:65:34:29:82:b6: de:9d:10:78:fb:6a:64:28:e7:de:25:d4:43:3c:e8: ff:20:18:f3:64:bb:94:da:2c:c9:27:c8:21:5c:83: ea:eb:96:d4:ce:aa:6f:26:a8:fc:4b:91:83:7c:89: 6e:7d:d7:75:ec:0a:d1:e1:ac:61:6e:86:d0:8b:fb: c3:5c:72:84:4f:41:11:ce:40:c2:a3:1f:1e:d3:bf: b0:69:11:00:68:d5:c2:fa:ef:79:4d:76:96:7b:86: 1b:c8:f6:55:e2:24:71:00:7f:40:4a:af:4f:72:41: e7:13:5f:e5:7d:d0:05:de:85:c6:e1:f5:20:d4:59: 81:cb:66:8c:0e:c0:15:fe:a6:eb:fc:63:7c:48:01: 02:16:59:ad:33:7f:74:66:f5:4e:b5:82:d8:2f:97: a1:74:e3:69:3d:75:40:49:09:86:d4:e1:47:6d:3d: 92:5b:e4:91:23:c4:8b:21:e4:ec:6f:0d:01:ca:bc: 2c:3d:a5:0d:b3:cd:02:5d:e8:48:6c:6d:89:e2:60: eb:0c:88:9f:23:0e:ff:30:e2:94:83:d9:42:b3:ee: 78:15:14:47:43:27:d4:f6:87:87:71:88:fe:62:b4: 84:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:D1:6F:A5:94:00:62:61:83:9F:65:2A:F3:81:5A:F7:AB:D8:A6:6D X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/52BF1CA809B111EAB045B31EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 2f:40:b4:ca:1c:c5:de:af:2e:04:61:e7:25:58:1b:73:a7:90: c0:cc:5c:7d:b2:4f:c9:32:89:61:96:09:de:c2:eb:99:f8:ef: b0:48:a9:1d:ed:61:e0:4a:1b:95:10:62:a5:c7:d1:79:0a:20: b3:de:83:fe:29:6a:e9:bc:de:33:9f:23:42:58:d3:5c:45:5e: 5e:9f:ac:63:e5:2b:a0:39:02:b6:a3:5a:d2:77:fa:71:01:35: 90:ff:e8:22:89:e8:07:3f:ae:4e:29:e6:0d:3e:7d:15:6c:e1: 26:df:ea:9c:0d:80:67:06:3f:74:b0:2c:a4:d4:5c:0f:26:8d: d6:1c:38:44:84:a7:2f:e9:81:63:e8:04:30:75:0f:13:20:36: 0c:fb:6f:cc:02:86:89:cf:8e:04:6c:b8:70:26:08:37:8f:6e: de:00:df:7f:48:6e:08:e1:b0:f0:b2:dc:c4:b2:d0:80:c9:51: dd:3e:ed:82:83:98:73:3d:1d:23:07:10:44:75:fc:ae:bd:b7: 79:b2:79:3e:7a:0d:23:a9:d9:a0:0e:07:3d:a7:16:b9:78:9f: 0f:a8:30:26:96:aa:aa:41:a7:cc:68:3d:30:ee:d6:09:30:b8: 89:d0:e3:4b:a8:1f:2a:f4:ef:52:5f:bc:ad:6b:c3:9c:ed:9a: bd:01:6a:72 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTQ3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGVhYi04YjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArSD962BJ4Shwj0uKxdwcLXwFemTtwv2vZTQpgrbenRB4+2pkKOfeJdRDPOj/ IBjzZLuU2izJJ8ghXIPq65bUzqpvJqj8S5GDfIlufdd17ArR4axhbobQi/vDXHKE T0ERzkDCox8e07+waREAaNXC+u95TXaWe4YbyPZV4iRxAH9ASq9PckHnE1/lfdAF 3oXG4fUg1FmBy2aMDsAV/qbr/GN8SAECFlmtM390ZvVOtYLYL5ehdONpPXVASQmG 1OFHbT2SW+SRI8SLIeTsbw0ByrwsPaUNs80CXehIbG2J4mDrDIifIw7/MOKUg9lC s+54FRRHQyfU9oeHcYj+YrSEkwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFP7Rb6WU AGJhg59lKvOBWver2KZtMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTJCRjFDQTgw OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAC9AtMocxd6v LgRh5yVYG3OnkMDMXH2yT8kyiWGWCd7C65n477BIqR3tYeBKG5UQYqXH0XkKILPe g/4paum83jOfI0JY01xFXl6frGPlK6A5ArajWtJ3+nEBNZD/6CKJ6Ac/rk4p5g0+ fRVs4Sbf6pwNgGcGP3SwLKTUXA8mjdYcOESEpy/pgWPoBDB1DxMgNgz7b8wChonP jgRsuHAmCDePbt4A339IbgjhsPCy3MSy0IDJUd0+7YKDmHM9HSMHEER1/K69t3my eT56DSOp2aAOBz2nFrl4nw+oMCaWqqpBp8xoPTDu1gkwuInQ40uoHyr071JfvK1r w5ztmr0BanI= -----END CERTIFICATE-----Generated at Wed Nov 5 16:44:26 2025 by rpki-client