$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F10FEA5C099A11EAB5891D5BC4F9AE02.roa File: F10FEA5C099A11EAB5891D5BC4F9AE02.roa (raw, json) Hash identifier: IHqGkG4g/iAJtEoc1G8Eq60Xz68M4ea272cwSzqau7w= Subject key identifier: EA:8F:EB:D1:D1:83:82:DF:25:B4:45:7B:9C:B4:31:0D:D8:5B:51:AA Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 0F7A Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F10FEA5C099A11EAB5891D5BC4F9AE02.roa Signing time: Fri 28 Feb 2025 19:29:52 +0000 ROA not before: Fri 28 Feb 2025 19:29:52 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 397220 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:24:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3962 (0xf7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Feb 28 19:29:52 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=67c20eb0-16b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:01:a0:b3:a4:6a:91:6b:cf:fb:05:c0:10:ed: da:43:b0:48:4a:b2:8f:5a:19:69:5c:c9:2d:2c:4e: d5:64:cb:a8:fc:ea:fd:2d:6e:ab:c7:05:b5:c1:cc: da:55:ed:37:79:df:13:6a:20:c1:65:b9:66:d3:f9: ab:a7:81:ce:7f:38:71:39:86:25:70:3a:7a:e9:48: 90:3e:7e:f1:ce:c5:2d:ac:b8:77:ba:ea:79:0c:c3: d3:10:fd:58:52:a7:6c:d2:ec:1d:6b:71:da:b3:a4: 2e:1f:03:cd:5f:61:3f:ab:40:69:a4:3d:28:2c:ec: ac:7b:13:ff:c2:f7:21:1c:f4:02:53:1c:82:5c:d8: 51:f6:74:2b:55:43:27:e8:26:cd:4e:46:f5:be:e8: 04:69:fc:ec:63:7d:b8:4b:41:0e:2b:1a:59:9e:6f: 99:ac:2a:a6:0a:91:d0:53:6c:cc:09:25:a3:b2:1c: b3:5f:43:26:dc:42:66:a5:5f:3f:a8:98:76:8b:5f: 61:24:4a:ca:ab:8c:94:bc:65:d0:19:a5:be:90:37: f6:f2:c5:71:00:54:12:4b:e9:4c:f2:9c:ad:33:ad: 74:ab:7c:39:a3:87:02:89:5f:2f:cc:46:8b:70:31: 0e:ea:76:5a:a8:92:e6:91:e3:4c:0a:0a:4b:2d:98: 16:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:8F:EB:D1:D1:83:82:DF:25:B4:45:7B:9C:B4:31:0D:D8:5B:51:AA X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/F10FEA5C099A11EAB5891D5BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 58:a8:d9:e0:5f:40:e7:23:82:59:dd:b8:b9:21:46:2c:80:66: dd:73:b1:be:a8:7e:37:68:06:ec:83:7a:bd:12:8a:ac:9a:47: cb:9e:af:9b:d1:af:2f:50:51:03:ad:8d:6a:8a:b5:b0:32:e2: 0e:19:e3:23:2a:95:21:56:9e:6f:3a:08:11:4a:3f:88:33:66: 5e:a0:19:95:2c:98:f1:ae:ff:a5:83:a0:f5:09:03:0f:dc:3d: 0f:f4:4e:c4:14:98:ad:e9:04:75:65:aa:ac:58:9a:b7:71:2c: 03:af:4a:f6:1f:19:c4:33:de:ba:44:fd:42:a5:0e:4a:f3:93: 96:37:3b:1f:9e:b8:27:7f:44:bd:ad:e4:a1:88:0f:c3:0a:80: 6c:af:81:82:f2:ef:47:d2:4e:47:f8:1b:eb:d9:68:9a:c6:89: 14:84:63:aa:b4:fa:28:7b:84:a8:5c:0e:68:66:30:5e:82:d4: 72:ff:a6:a6:0e:53:2b:2b:8a:af:76:de:10:e9:90:ec:b9:91: 07:c3:c4:86:d3:30:4e:e6:b6:eb:16:fc:44:85:f5:c0:0f:78: 12:cf:c6:fa:a7:28:36:54:51:4e:73:7a:7a:b9:89:61:36:5e: 4b:78:74:ff:e7:00:4f:40:c3:28:f2:ba:1c:d2:1e:6a:86:74: 50:df:28:c4 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgICD3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjUwMjI4MTkyOTUyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02N2MyMGViMC0xNmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtAGgs6RqkWvP+wXAEO3aQ7BISrKPWhlpXMktLE7VZMuo/Or9LW6rxwW1wcza Ve03ed8TaiDBZblm0/mrp4HOfzhxOYYlcDp66UiQPn7xzsUtrLh3uup5DMPTEP1Y Uqds0uwda3Has6QuHwPNX2E/q0BppD0oLOysexP/wvchHPQCUxyCXNhR9nQrVUMn 6CbNTkb1vugEafzsY324S0EOKxpZnm+ZrCqmCpHQU2zMCSWjshyzX0Mm3EJmpV8/ qJh2i19hJErKq4yUvGXQGaW+kDf28sVxAFQSS+lM8pytM610q3w5o4cCiV8vzEaL cDEO6nZaqJLmkeNMCgpLLZgWVQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFOqP69HR g4LfJbRFe5y0MQ3YW1GqMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRjEwRkVBNUMw OTlBMTFFQUI1ODkxRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E QzBBMBoEAgABMBQwDAMEAngd/AMEAHgd/gMEAMsRSDAjBAIAAjAdMBIDBwAgAQ3N AAEDBwMgAQ3NAAADBwAgAQ3N3QUwDQYJKoZIhvcNAQELBQADggEBAFio2eBfQOcj glnduLkhRiyAZt1zsb6ofjdoBuyDer0SiqyaR8uer5vRry9QUQOtjWqKtbAy4g4Z 4yMqlSFWnm86CBFKP4gzZl6gGZUsmPGu/6WDoPUJAw/cPQ/0TsQUmK3pBHVlqqxY mrdxLAOvSvYfGcQz3rpE/UKlDkrzk5Y3Ox+euCd/RL2t5KGID8MKgGyvgYLy70fS Tkf4G+vZaJrGiRSEY6q0+ih7hKhcDmhmMF6C1HL/pqYOUysriq923hDpkOy5kQfD xIbTME7mtusW/ESF9cAPeBLPxvqnKDZUUU5zenq5iWE2Xkt4dP/nAE9AwyjyuhzS HmqGdFDfKMQ= -----END CERTIFICATE-----Generated at Wed Nov 5 15:04:27 2025 by rpki-client