$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7FC0AC6009AE11EAA7CED313C4F9AE02.roa File: 7FC0AC6009AE11EAA7CED313C4F9AE02.roa (raw, json) Hash identifier: DtUshq7iqHXjOiCuKFYQexoo2RSEWe4GvVRIHOI5HuE= Subject key identifier: 2D:A8:F0:11:FB:D2:A5:FB:38:25:0C:30:0E:3C:27:5B:22:E1:04:17 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 1072 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7FC0AC6009AE11EAA7CED313C4F9AE02.roa Signing time: Sun 01 Mar 2026 18:31:42 +0000 ROA not before: Fri 28 Feb 2025 19:29:54 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397222 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:53:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4210 (0x1072) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:29:54 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a4860e-a783 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:76:8b:5a:47:32:fd:df:ef:96:a2:58:08:a5: 4f:29:5e:61:67:f2:8a:0b:7d:ca:78:1f:01:c7:19: 2b:c6:4c:c2:d1:29:2f:a1:05:69:ab:a9:eb:e3:f0: 35:18:68:a1:0d:d7:90:8b:4c:e9:43:7a:8c:c9:18: 58:9c:d4:9c:db:7b:bb:ce:da:93:56:de:ec:b4:2b: 80:14:c9:f3:62:ef:d7:25:c5:fc:b3:8b:98:b3:2a: 72:30:5c:f5:0e:6c:95:eb:38:71:c8:7d:47:4c:8f: 76:1d:af:8d:95:43:6f:f3:56:06:99:18:6d:42:93: dc:36:70:8b:fa:55:2c:49:1f:46:0b:43:16:df:3e: bc:1a:ff:83:9e:d5:2c:30:c5:d9:db:4f:d5:1e:a7: 6b:f6:34:7e:49:f6:00:f0:e1:da:f3:19:df:d4:7e: 17:6a:de:a9:d8:97:3a:3c:b4:47:8e:0f:d8:f7:1a: 16:c1:05:54:cc:f2:8c:15:6b:5c:4e:94:0a:31:30: a1:68:d3:ba:af:3b:33:56:74:23:bd:5a:f7:12:44: 31:e4:2b:67:ab:b1:a9:d2:76:29:dc:f3:dc:82:7b: 2a:ab:9d:c6:3a:7c:a7:9a:e5:f6:fa:11:a3:23:13: b1:8c:3f:eb:30:8c:4f:c3:11:07:72:c1:cf:01:8b: 88:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:A8:F0:11:FB:D2:A5:FB:38:25:0C:30:0E:3C:27:5B:22:E1:04:17 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7FC0AC6009AE11EAA7CED313C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 04:25:7d:4e:53:bd:6f:f1:b1:45:7a:4b:56:88:84:05:7d:17: 0f:65:eb:f7:45:cb:f5:6b:60:29:69:67:c9:ba:25:39:76:26: d2:2b:27:51:e2:2f:5e:d2:5d:76:02:e6:d5:89:e7:6b:39:6b: 3c:f6:b1:ca:bc:ca:dd:cc:9a:2f:e2:b0:bd:af:ca:63:b2:df: 4c:69:f9:de:10:10:de:70:c9:14:06:5f:48:86:3d:43:33:27: 8d:21:b7:8f:97:b1:ce:05:95:4a:af:f9:22:2b:2f:11:76:66: 07:b7:4c:9b:88:92:db:9d:79:b2:aa:62:63:c0:7c:95:e4:12: 3b:cd:6a:a5:4d:21:1f:aa:c1:9c:e1:b5:54:e2:d7:91:ab:97: 5c:5b:a9:cb:3d:1b:6a:8d:59:f7:bc:05:2b:1e:3a:13:fc:d5: e6:95:be:80:24:7a:54:6d:4c:17:0d:5c:6c:e0:8c:ec:68:7b: 31:4f:18:66:c9:be:6d:6c:63:a6:e1:8d:b1:fd:52:af:35:a7: b7:87:a4:8a:b1:3a:f3:5b:78:ac:1c:40:71:ed:fc:2c:ab:6d: 20:9e:5b:19:ba:e9:1e:4d:b1:28:df:2d:50:3d:a5:c2:93:78: 8a:ae:c1:c8:f1:4e:22:5e:88:06:3d:15:b1:35:a3:2d:14:ee: cf:6b:22:ef -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICEHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTU0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0ODYwZS1hNzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAi3aLWkcy/d/vlqJYCKVPKV5hZ/KKC33KeB8BxxkrxkzC0SkvoQVpq6nr4/A1 GGihDdeQi0zpQ3qMyRhYnNSc23u7ztqTVt7stCuAFMnzYu/XJcX8s4uYsypyMFz1 DmyV6zhxyH1HTI92Ha+NlUNv81YGmRhtQpPcNnCL+lUsSR9GC0MW3z68Gv+DntUs MMXZ20/VHqdr9jR+SfYA8OHa8xnf1H4Xat6p2Jc6PLRHjg/Y9xoWwQVUzPKMFWtc TpQKMTChaNO6rzszVnQjvVr3EkQx5Ctnq7Gp0nYp3PPcgnsqq53GOnynmuX2+hGj IxOxjD/rMIxPwxEHcsHPAYuIbwIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFC2o8BH7 0qX7OCUMMA48J1si4QQXMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvN0ZDMEFDNjAw OUFFMTFFQUE3Q0VEMzEzQzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwIwQCAAIwHTASAwcAIAENzQABAwcD IAENzQAAAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQAEJX1OU71v8bFFektW iIQFfRcPZev3Rcv1a2ApaWfJuiU5dibSKydR4i9e0l12AubViedrOWs89rHKvMrd zJov4rC9r8pjst9MafneEBDecMkUBl9Ihj1DMyeNIbePl7HOBZVKr/kiKy8RdmYH t0ybiJLbnXmyqmJjwHyV5BI7zWqlTSEfqsGc4bVU4teRq5dcW6nLPRtqjVn3vAUr HjoT/NXmlb6AJHpUbUwXDVxs4IzsaHsxTxhmyb5tbGOm4Y2x/VKvNae3h6SKsTrz W3isHEBx7fwsq20gnlsZuukeTbEo3y1QPaXCk3iKrsHI8U4iXogGPRWxNaMtFO7P ayLv -----END CERTIFICATE-----Generated at Mon Mar 2 14:59:04 2026 by rpki-client