$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/0FCDEA68113B11F09E3A4157C4F9AE02.roa File: 0FCDEA68113B11F09E3A4157C4F9AE02.roa (raw, json) Hash identifier: 1QTKJD4vqX7bem3GLJ46R87e+RPm3/ksMd9HYKhn61A= Subject key identifier: B0:12:27:6A:CD:F6:7E:EB:12:05:18:3E:FF:E3:F6:04:67:48:8D:A0 Certificate issuer: /CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB Certificate serial: 35B5 Authority key identifier: 1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/0FCDEA68113B11F09E3A4157C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:25:59 +0000 ROA not before: Fri 04 Apr 2025 09:56:22 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38174 IP address blocks: 120.29.234.0/23 maxlen: 24 120.29.239.0/24 maxlen: 24 123.242.244.0/22 maxlen: 24 123.242.252.0/23 maxlen: 24 123.242.254.0/23 maxlen: 24 202.60.60.0/23 maxlen: 23 202.60.60.0/24 maxlen: 24 202.60.61.0/24 maxlen: 24 202.60.62.0/23 maxlen: 24 202.61.10.0/23 maxlen: 23 202.61.10.0/24 maxlen: 24 202.61.11.0/24 maxlen: 24 203.189.180.0/22 maxlen: 24 203.191.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:52:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13749 (0x35b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0770, serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB Validity Not Before: Apr 4 09:56:22 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a45a87-d6b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d1:ee:59:85:ce:a5:51:bc:88:ee:a6:74:b1: 11:d0:9d:27:0a:6b:3d:86:1f:e3:b4:0e:e5:5b:b9: d7:6e:fc:dc:94:89:86:74:b1:95:a8:27:72:0e:f1: ba:09:16:fb:d3:5a:7c:73:91:17:d0:74:03:b0:0e: a9:1e:a9:c8:80:eb:8e:47:41:3a:03:dd:32:17:f9: 6a:35:7e:c1:bf:ad:b0:61:c4:8f:7c:dc:c3:5a:cf: d7:76:4b:27:44:44:1c:8a:9b:04:4c:4a:e6:d3:35: 3a:ff:26:39:8f:c3:5d:bb:e6:4f:10:14:83:3d:3f: 9a:15:85:7b:8a:63:ce:70:34:1b:3a:8b:9d:d6:1c: f4:89:29:28:43:8f:bd:ed:ea:d5:68:a8:a1:2d:13: 25:85:87:35:9c:2b:cb:59:a8:30:7f:86:1d:f4:9a: 49:a2:09:01:51:8b:02:1e:09:9a:a3:e2:ff:a0:b9: 63:31:b2:cf:d1:4c:1d:bb:0f:02:73:a3:59:51:ff: 8d:2b:19:d3:c2:21:32:bf:36:25:64:d5:42:fb:e7: 39:9b:73:e7:42:ad:58:b5:62:c7:67:81:fb:cb:22: ed:76:5e:6f:70:38:df:1b:c4:1c:51:5b:8d:57:04: 91:a5:0a:b7:08:fe:d7:38:20:5f:a5:07:08:91:94: 16:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:12:27:6A:CD:F6:7E:EB:12:05:18:3E:FF:E3:F6:04:67:48:8D:A0 X509v3 Authority Key Identifier: keyid:1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/0FCDEA68113B11F09E3A4157C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.234.0/23 120.29.239.0/24 123.242.244.0/22 123.242.252.0/22 202.60.60.0/22 202.61.10.0/23 203.189.180.0/22 203.191.34.0/23 Signature Algorithm: sha256WithRSAEncryption 3f:e3:e2:aa:d9:38:89:dd:f3:04:75:fe:91:c1:91:ad:96:7d: 16:34:81:aa:0a:ab:87:a8:8f:44:db:3a:8c:8e:41:d4:d2:cb: db:8b:10:a3:cb:a3:9d:2a:58:5e:f0:2d:d1:ef:51:c8:85:4b: 77:50:a2:24:05:ef:d4:1e:11:9d:c5:08:7c:4d:cb:49:2d:62: ac:7c:5a:ec:37:d3:18:d6:01:2a:74:b6:1f:fa:a9:23:39:10: c0:ec:4e:3f:32:d7:73:39:84:4c:01:9b:e3:75:6a:d9:76:b3: bc:84:21:56:ce:38:5a:bb:00:08:12:7e:86:7c:41:c4:94:75: 37:f1:c5:20:5a:80:15:36:a9:2c:4b:6f:87:f0:50:18:ae:2a: 0d:79:d9:1f:17:47:9c:03:83:58:3d:55:d2:28:df:85:e2:13: 3e:ef:a9:ef:f4:f9:95:73:77:bd:53:05:27:7a:29:ac:6c:d0: cc:f8:e8:04:ff:61:24:dc:54:aa:eb:d4:79:bd:a1:ee:98:80: 76:8a:5a:37:a6:e2:10:93:6f:c3:1e:25:4c:86:58:87:89:8f: a9:11:27:f3:f8:94:d3:27:04:e4:4b:79:99:92:3e:a8:7b:5a: d4:cc:81:79:e5:39:eb:50:73:c1:29:89:ba:80:03:00:08:d7: 91:29:a0:1d -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgICNbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA3NzAxMTAvBgNVBAUTKDFENjIyNUFEOTQzRUNBMzg5RkE0QjY2QzE5NzQzNTFF MzRDNDI4RkIwHhcNMjUwNDA0MDk1NjIyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWE4Ny1kNmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArtHuWYXOpVG8iO6mdLER0J0nCms9hh/jtA7lW7nXbvzclImGdLGVqCdyDvG6 CRb701p8c5EX0HQDsA6pHqnIgOuOR0E6A90yF/lqNX7Bv62wYcSPfNzDWs/Xdksn REQcipsETErm0zU6/yY5j8Ndu+ZPEBSDPT+aFYV7imPOcDQbOoud1hz0iSkoQ4+9 7erVaKihLRMlhYc1nCvLWagwf4Yd9JpJogkBUYsCHgmao+L/oLljMbLP0Uwduw8C c6NZUf+NKxnTwiEyvzYlZNVC++c5m3PnQq1YtWLHZ4H7yyLtdl5vcDjfG8QcUVuN VwSRpQq3CP7XOCBfpQcIkZQWOwIDAQABo4ICijCCAoYwHQYDVR0OBBYEFLASJ2rN 9n7rEgUYPv/j9gRnSI2gMB8GA1UdIwQYMBaAFB1iJa2UPso4n6S2bBl0NR40xCj7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDc3MC9DMzM2ODNCNjFE OEUxMUUyOEE5QjU3RUQwOEIwMkNEMi9IV0lsclpRLXlqaWZwTFpzR1hRMUhqVEVL UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hXSWxyWlEteWppZnBMWnNHWFExSGpURUtQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjA3NzAvQzMzNjgzQjYxRDhFMTFFMjhBOUI1N0VEMDhCMDJDRDIvMEZDREVBNjgx MTNCMTFGMDlFM0E0MTU3QzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODA2 BAIAATAwAwQBeB3qAwQAeB3vAwQCe/L0AwQCe/L8AwQCyjw8AwQByj0KAwQCy720 AwQBy78iMA0GCSqGSIb3DQEBCwUAA4IBAQA/4+Kq2TiJ3fMEdf6RwZGtln0WNIGq CquHqI9E2zqMjkHU0svbixCjy6OdKlhe8C3R71HIhUt3UKIkBe/UHhGdxQh8TctJ LWKsfFrsN9MY1gEqdLYf+qkjORDA7E4/MtdzOYRMAZvjdWrZdrO8hCFWzjhauwAI En6GfEHElHU38cUgWoAVNqksS2+H8FAYrioNedkfF0ecA4NYPVXSKN+F4hM+76nv 9PmVc3e9UwUneimsbNDM+OgE/2Ek3FSq69R5vaHumIB2ilo3puIQk2/DHiVMhliH iY+pESfz+JTTJwTkS3mZkj6oe1rUzIF55TnrUHPBKYm6gAMACNeRKaAd -----END CERTIFICATE-----Generated at Mon Mar 2 11:59:11 2026 by rpki-client