$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa File: 537DDF3A09B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: uvtnzYWMOZmNgT9qWZTLmh1qcon+poPvQt4vFLki1wE= Subject key identifier: 09:E2:DA:2C:92:47:AF:41:0E:70:5B:EC:A4:70:AA:3E:8C:B1:22:51 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 106D Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa Signing time: Sun 01 Mar 2026 18:31:38 +0000 ROA not before: Fri 28 Feb 2025 19:29:48 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397217 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:53:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4205 (0x106d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:29:48 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a4860a-6c4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3a:e7:ea:10:b0:44:d5:0b:25:7d:94:24:4f: 86:dc:85:44:63:3b:64:7b:20:13:e5:4f:d1:79:14: 23:2b:01:67:f1:bf:ff:2a:fd:af:80:98:72:ff:0f: 70:52:a5:0c:23:b4:9f:34:56:3f:91:48:69:cf:96: ae:0c:e5:b1:25:c6:e8:00:5d:c5:bf:09:6e:d7:36: 3c:67:64:af:0c:36:68:82:e7:4d:64:6b:a7:4b:f1: 2b:87:aa:98:c5:78:17:f3:41:54:a1:65:cc:e2:de: d0:01:89:f6:df:ff:06:cf:e0:71:0f:1e:ac:cb:af: 60:8a:23:92:02:a3:8d:7f:cb:28:6b:b7:81:a0:03: 35:36:2e:be:8a:da:61:4c:0c:88:75:13:07:0e:1b: a1:8a:d4:0a:bd:a5:92:6a:65:87:12:ad:fe:92:34: 3a:0e:a1:73:da:16:3e:f2:5a:b0:18:9d:5c:8b:21: 6c:f8:88:8f:f6:50:34:4e:7f:a1:83:f1:78:a7:7b: 56:73:cc:39:96:d2:90:47:07:e5:8d:81:ff:5f:6c: 83:a8:61:d9:b1:d6:5f:7e:dc:cd:42:43:cc:3f:38: 72:7d:ce:c4:30:da:1c:90:e5:18:fb:d9:1b:fa:a8: f1:aa:65:12:ea:ae:82:2a:1b:2e:64:15:22:ca:37: dd:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:E2:DA:2C:92:47:AF:41:0E:70:5B:EC:A4:70:AA:3E:8C:B1:22:51 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/537DDF3A09B111EAB045B31EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:5:ffff:ffff:ffff:ffff:ffff 2001:dcd:7::/48 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 51:e1:91:cc:8d:33:fd:70:69:87:c8:3a:9a:7d:24:42:05:6f: bf:80:74:04:f3:0a:7e:d0:33:3d:2e:57:7f:5c:a7:16:be:f3: e2:92:4a:aa:9b:7e:19:70:2b:3a:11:ba:2b:f2:0f:6a:ae:79: 9f:32:38:22:61:a4:34:a5:8b:a0:bc:a7:95:75:72:cb:33:2c: 5a:e2:17:a8:95:0b:5f:03:b9:fe:97:a7:0c:b5:be:23:79:bb: 71:7a:cc:e2:7f:20:12:b6:6e:39:6c:14:61:3c:23:70:d4:5d: cd:8b:b5:ed:26:7c:c7:eb:fe:33:8c:d3:44:04:a4:84:d4:b6: 2f:79:b9:1b:ea:4f:af:aa:d1:0b:b1:c9:8a:60:0b:36:ac:66: 40:e7:bb:63:62:d5:10:d4:af:b2:34:e9:aa:2c:c6:dd:3f:b0: 63:9f:0f:53:7b:19:57:64:3b:60:31:ff:f6:ec:df:d6:97:ad: 00:ab:4c:36:0b:a1:6d:b0:19:28:cb:e6:00:cb:ca:84:a0:fb: 7d:c6:ec:96:00:74:55:5a:f7:a5:2b:dc:0e:40:e5:71:78:6e: a9:e8:61:0f:f3:45:0c:06:35:fa:88:40:11:57:03:c2:c4:2f: e4:55:6d:6c:69:44:3c:72:03:0e:b1:d7:1a:df:2b:4a:ac:7a: 0b:77:c0:6f -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgICEG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTQ4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODYwYS02YzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAszrn6hCwRNULJX2UJE+G3IVEYztkeyAT5U/ReRQjKwFn8b//Kv2vgJhy/w9w UqUMI7SfNFY/kUhpz5auDOWxJcboAF3Fvwlu1zY8Z2SvDDZogudNZGunS/Erh6qY xXgX80FUoWXM4t7QAYn23/8Gz+BxDx6sy69giiOSAqONf8soa7eBoAM1Ni6+itph TAyIdRMHDhuhitQKvaWSamWHEq3+kjQ6DqFz2hY+8lqwGJ1ciyFs+IiP9lA0Tn+h g/F4p3tWc8w5ltKQRwfljYH/X2yDqGHZsdZfftzNQkPMPzhyfc7EMNockOUY+9kb +qjxqmUS6q6CKhsuZBUiyjfdEQIDAQABo4ICnDCCApgwHQYDVR0OBBYEFAni2iyS R69BDnBb7KRwqj6MsSJRMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTM3RERGM0Ew OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMFsGCCsGAQUFBwEHAQH/BEwwSjAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwLAQCAAIwJjASAwcAIAENzQABAwcB IAENzQAEAwcAIAENzQAHAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQBR4ZHM jTP9cGmHyDqafSRCBW+/gHQE8wp+0DM9Lld/XKcWvvPikkqqm34ZcCs6Ebor8g9q rnmfMjgiYaQ0pYugvKeVdXLLMyxa4heolQtfA7n+l6cMtb4jebtxeszifyAStm45 bBRhPCNw1F3Ni7XtJnzH6/4zjNNEBKSE1LYvebkb6k+vqtELscmKYAs2rGZA57tj YtUQ1K+yNOmqLMbdP7Bjnw9TexlXZDtgMf/27N/Wl60Aq0w2C6FtsBkoy+YAy8qE oPt9xuyWAHRVWvelK9wOQOVxeG6p6GEP80UMBjX6iEARVwPCxC/kVW1saUQ8cgMO sdca3ytKrHoLd8Bv -----END CERTIFICATE-----Generated at Mon Mar 2 16:47:23 2026 by rpki-client