$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/52BF1CA809B111EAB045B31EC4F9AE02.roa File: 52BF1CA809B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: sIFzi05CsaIpI6IXbPoMavOg8v+lG8SCiHW5mc9xYYo= Subject key identifier: B6:3A:08:E1:CA:6B:D4:F9:BB:5A:46:79:31:91:6C:3A:FE:AF:42:41 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 106C Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/52BF1CA809B111EAB045B31EC4F9AE02.roa Signing time: Sun 01 Mar 2026 18:31:37 +0000 ROA not before: Fri 28 Feb 2025 19:29:47 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397216 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:53:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4204 (0x106c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:29:47 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a48609-705b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f3:26:bb:29:a0:fd:56:2a:fd:e5:8b:66:a3: 3a:e4:20:10:2c:07:a7:77:d4:78:fb:41:c0:7b:55: 65:a7:ef:d3:8b:e4:7c:ca:0b:cd:ba:2b:e2:73:94: 89:00:5a:f1:41:64:fe:25:f2:cd:0e:77:a0:13:d0: d2:6b:12:97:d2:b9:9d:32:f1:58:c9:0f:e8:9d:28: 43:0f:2a:08:22:5c:ff:5a:f4:a1:df:5f:8a:32:5f: 3e:ee:c4:df:c9:59:7a:9d:bf:51:f8:7f:98:cc:b6: 46:e1:eb:2c:e8:04:38:1f:ea:2d:f2:3f:00:60:50: 8c:67:6b:5f:18:bf:9e:ed:77:60:94:14:02:30:4c: 24:74:07:cc:41:d9:61:4e:68:f8:77:a8:6a:14:ef: 64:67:7c:30:3e:02:03:94:25:35:3a:ca:a7:20:79: c6:fc:f2:49:af:a2:c0:e0:01:2b:b7:ca:71:cf:8d: 45:be:10:b7:63:48:9c:3c:e0:ed:98:8f:c7:92:4e: 56:91:7a:80:3c:72:14:7b:ce:40:76:08:ec:c1:0b: 2c:da:b8:0f:1a:8e:30:d6:f7:5f:66:97:7d:a4:1f: 57:63:81:6a:5d:75:c5:ae:7f:da:35:c2:06:7b:13: a6:9a:a4:4f:d8:3b:a4:13:75:3f:9b:a9:41:28:e4: 39:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:3A:08:E1:CA:6B:D4:F9:BB:5A:46:79:31:91:6C:3A:FE:AF:42:41 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/52BF1CA809B111EAB045B31EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 85:14:b9:c8:e6:28:2e:ca:0c:f1:a8:46:b1:8c:7b:ab:52:4a: 92:3c:48:8b:21:50:13:3e:01:41:f2:66:48:55:1e:7a:df:84: 25:d9:2f:6a:f5:97:f7:96:54:5f:20:87:7a:da:96:f8:9b:ac: 29:aa:53:89:f4:5b:c8:9f:44:bf:ce:fd:86:29:ce:4a:32:1f: 88:5f:54:aa:5a:07:69:dc:c5:11:36:45:15:2c:83:95:bf:ae: f1:5a:47:80:1d:58:28:f3:cd:6f:a6:6b:ed:6e:94:75:42:29: 5a:5f:16:d4:23:25:48:f6:9b:a6:53:be:67:13:5f:68:3e:63: cf:4d:52:30:77:0d:9a:1a:c2:98:a5:72:b8:be:1c:23:6b:eb: 31:26:24:71:14:2f:38:a7:62:e6:01:9e:ce:ea:c9:13:f8:0f: 4a:09:0a:b6:66:f4:4f:33:5a:28:91:3e:72:17:65:f9:8a:fd: db:f0:45:7c:85:ae:af:5b:72:47:2e:b8:69:b8:1a:ec:8b:7f: f6:31:1a:7a:d1:3b:02:d2:7d:4c:45:ea:b6:59:6c:6d:9d:9e: 8f:5b:1c:cd:75:2a:4c:35:ac:8b:8c:42:bf:a7:b5:fb:72:78: 9b:c8:d6:d4:cc:57:e7:ed:b8:76:7f:5d:65:a6:ac:38:3a:65: ff:55:cd:ea -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICEGwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTQ3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODYwOS03MDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsvMmuymg/VYq/eWLZqM65CAQLAend9R4+0HAe1Vlp+/Ti+R8ygvNuivic5SJ AFrxQWT+JfLNDnegE9DSaxKX0rmdMvFYyQ/onShDDyoIIlz/WvSh31+KMl8+7sTf yVl6nb9R+H+YzLZG4ess6AQ4H+ot8j8AYFCMZ2tfGL+e7XdglBQCMEwkdAfMQdlh Tmj4d6hqFO9kZ3wwPgIDlCU1OsqnIHnG/PJJr6LA4AErt8pxz41FvhC3Y0icPODt mI/Hkk5WkXqAPHIUe85AdgjswQss2rgPGo4w1vdfZpd9pB9XY4FqXXXFrn/aNcIG exOmmqRP2DukE3U/m6lBKOQ5JwIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFLY6COHK a9T5u1pGeTGRbDr+r0JBMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTJCRjFDQTgw OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwIwQCAAIwHTASAwcAIAENzQABAwcD IAENzQAAAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQCFFLnI5iguygzxqEax jHurUkqSPEiLIVATPgFB8mZIVR5634Ql2S9q9Zf3llRfIId62pb4m6wpqlOJ9FvI n0S/zv2GKc5KMh+IX1SqWgdp3MURNkUVLIOVv67xWkeAHVgo881vpmvtbpR1Qila XxbUIyVI9pumU75nE19oPmPPTVIwdw2aGsKYpXK4vhwja+sxJiRxFC84p2LmAZ7O 6skT+A9KCQq2ZvRPM1ookT5yF2X5iv3b8EV8ha6vW3JHLrhpuBrsi3/2MRp60TsC 0n1MReq2WWxtnZ6PWxzNdSpMNayLjEK/p7X7cnibyNbUzFfn7bh2f11lpqw4OmX/ Vc3q -----END CERTIFICATE-----Generated at Mon Mar 2 14:59:10 2026 by rpki-client