$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6DD8/F04852421D8611E286118CDE08B02CD2/2DED29046A8E11EF948C2811C4F9AE02.roa File: 2DED29046A8E11EF948C2811C4F9AE02.roa (raw, json) Hash identifier: Uyndl2RNPQU8Q6UunWd7sOPMzU0qjSa6Yu6/kDwXZIc= Subject key identifier: A5:33:22:FF:01:6F:77:A3:0A:66:22:42:35:DC:6E:7D:E1:83:99:BA Certificate issuer: /CN=A91C6DD8/serialNumber=FD9FD457458218838776C0DC08EFB6155201E368 Certificate serial: 357A Authority key identifier: FD:9F:D4:57:45:82:18:83:87:76:C0:DC:08:EF:B6:15:52:01:E3:68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Z_UV0WCGIOHdsDcCO-2FVIB42g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6DD8/F04852421D8611E286118CDE08B02CD2/2DED29046A8E11EF948C2811C4F9AE02.roa Signing time: Sun 01 Mar 2026 09:10:21 +0000 ROA not before: Wed 02 Jul 2025 14:50:35 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 10139 IP address blocks: 121.1.0.0/20 maxlen: 24 121.1.16.0/20 maxlen: 24 121.1.32.0/19 maxlen: 24 121.54.0.0/17 maxlen: 24 125.60.128.0/17 maxlen: 24 175.158.192.0/18 maxlen: 24 175.176.0.0/17 maxlen: 24 203.84.160.0/19 maxlen: 24 203.87.128.0/17 maxlen: 24 203.111.224.0/20 maxlen: 24 203.201.180.0/24 maxlen: 24 2407:9800:2000::/36 maxlen: 36 2407:9800:5000::/36 maxlen: 36 2407:9800:6000::/36 maxlen: 36 2407:9800:9000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6DD8/F04852421D8611E286118CDE08B02CD2/_Z_UV0WCGIOHdsDcCO-2FVIB42g.crl rsync://rpki.apnic.net/member_repository/A91C6DD8/F04852421D8611E286118CDE08B02CD2/_Z_UV0WCGIOHdsDcCO-2FVIB42g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Z_UV0WCGIOHdsDcCO-2FVIB42g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 14:28:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13690 (0x357a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6DD8, serialNumber=FD9FD457458218838776C0DC08EFB6155201E368 Validity Not Before: Jul 2 14:50:35 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a4027d-3761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7e:39:e8:05:fd:9c:ea:c3:7c:84:10:e5:3d: b8:94:8c:b4:6c:bb:ac:b2:d4:4f:94:6c:79:98:75: b5:dd:09:48:1b:78:d2:ec:ba:51:55:f9:2f:7f:f8: 48:cb:00:ef:09:87:82:fd:7c:4a:f7:97:2c:eb:ee: 52:9d:4d:a1:00:6b:9e:e3:21:b8:8a:31:67:96:26: 29:e3:15:23:b3:2f:97:c3:0b:0b:2b:10:14:a0:8e: 67:67:9c:31:fb:e3:a2:9b:f0:75:bc:ba:ac:f4:da: 59:f1:5f:69:fa:ff:80:d2:40:9d:44:ef:d4:f2:4e: 8b:5c:99:ba:3f:98:35:78:37:74:4a:0b:ee:29:5f: 69:47:d1:c7:02:a4:99:e7:38:66:4c:fb:f3:b0:d0: 26:9a:91:8b:2a:f1:75:0c:05:d7:f5:14:24:8c:50: ee:3a:64:a9:b2:d1:42:29:be:1f:60:e5:0d:62:81: 09:93:61:25:77:e3:c3:7a:de:d6:04:65:e6:51:96: 4e:d7:75:c4:9a:6f:aa:6d:52:8b:32:0b:67:56:11: 24:7e:20:e0:e8:c3:e4:a1:d7:17:df:bb:06:69:e1: 61:3e:76:a6:23:a3:06:ef:04:c5:bb:eb:5d:33:f0: 2f:60:cb:a8:ab:0e:72:5a:a1:ab:a9:72:46:ee:21: 37:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:33:22:FF:01:6F:77:A3:0A:66:22:42:35:DC:6E:7D:E1:83:99:BA X509v3 Authority Key Identifier: keyid:FD:9F:D4:57:45:82:18:83:87:76:C0:DC:08:EF:B6:15:52:01:E3:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6DD8/F04852421D8611E286118CDE08B02CD2/_Z_UV0WCGIOHdsDcCO-2FVIB42g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Z_UV0WCGIOHdsDcCO-2FVIB42g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6DD8/F04852421D8611E286118CDE08B02CD2/2DED29046A8E11EF948C2811C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 121.1.0.0/18 121.54.0.0/17 125.60.128.0/17 175.158.192.0/18 175.176.0.0/17 203.84.160.0/19 203.87.128.0/17 203.111.224.0/20 203.201.180.0/24 IPv6: 2407:9800:2000::/36 2407:9800:5000::-2407:9800:6fff:ffff:ffff:ffff:ffff:ffff 2407:9800:9000::/36 Signature Algorithm: sha256WithRSAEncryption 64:6f:d4:29:33:56:13:0f:22:9d:6d:9a:a0:0a:1c:ba:8e:da: ea:82:2f:7f:b4:3c:2c:eb:5e:3f:d9:1d:01:e2:7c:6c:95:b5: 63:76:45:5c:95:00:09:74:ac:70:ee:6b:6e:de:f7:d0:bb:87: 1b:48:c9:fb:cd:82:8c:10:8c:df:c2:9b:83:cb:d2:71:b3:c5: 0f:de:95:26:7b:16:c4:9b:c4:10:ca:e7:0e:f7:45:62:15:e2: 2a:b2:9f:16:bc:23:f5:8d:a0:55:73:e3:cc:c6:0f:48:4e:45: a8:fb:20:03:82:53:fd:d1:be:72:85:82:b5:cf:51:3e:22:0a: 54:d8:71:77:7d:76:34:b8:93:69:c8:96:be:b7:35:d8:3e:6a: 3e:eb:11:cb:69:61:c1:bb:00:71:dc:c6:f0:56:b2:4f:e1:ac: f3:10:27:fe:68:ff:99:af:cb:35:7b:cf:9f:97:85:4d:f1:a3: 50:12:7e:2c:41:ea:d7:48:df:ff:18:75:6b:ff:b5:e6:57:cb: 48:63:dd:1d:fd:8d:9d:e6:06:f9:3f:8f:72:f8:07:c9:fe:ec: ad:aa:5f:2e:ec:db:85:d8:63:3d:b7:bb:68:4a:b5:8f:41:cf: a3:1a:fe:eb:c7:72:ea:d4:e2:26:55:cc:76:64:ac:0a:88:93: 78:2c:66:71 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICNXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzZERDgxMTAvBgNVBAUTKEZEOUZENDU3NDU4MjE4ODM4Nzc2QzBEQzA4RUZCNjE1 NTIwMUUzNjgwHhcNMjUwNzAyMTQ1MDM1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MDI3ZC0zNzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu3456AX9nOrDfIQQ5T24lIy0bLusstRPlGx5mHW13QlIG3jS7LpRVfkvf/hI ywDvCYeC/XxK95cs6+5SnU2hAGue4yG4ijFnliYp4xUjsy+XwwsLKxAUoI5nZ5wx ++Oim/B1vLqs9NpZ8V9p+v+A0kCdRO/U8k6LXJm6P5g1eDd0SgvuKV9pR9HHAqSZ 5zhmTPvzsNAmmpGLKvF1DAXX9RQkjFDuOmSpstFCKb4fYOUNYoEJk2Eld+PDet7W BGXmUZZO13XEmm+qbVKLMgtnVhEkfiDg6MPkodcX37sGaeFhPnamI6MG7wTFu+td M/AvYMuoqw5yWqGrqXJG7iE3ZQIDAQABo4ICujCCArYwHQYDVR0OBBYEFKUzIv8B b3ejCmYiQjXcbn3hg5m6MB8GA1UdIwQYMBaAFP2f1FdFghiDh3bA3AjvthVSAeNo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkREOC9GMDQ4NTI0MjFE ODYxMUUyODYxMThDREUwOEIwMkNEMi9fWl9VVjBXQ0dJT0hkc0RjQ08tMkZWSUI0 MmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19aX1VWMFdDR0lPSGRzRGNDTy0yRlZJQjQyZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzZERDgvRjA0ODUyNDIxRDg2MTFFMjg2MTE4Q0RFMDhCMDJDRDIvMkRFRDI5MDQ2 QThFMTFFRjk0OEMyODExQzRGOUFFMDIucm9hMHkGCCsGAQUFBwEHAQH/BGowaDA8 BAIAATA2AwQGeQEAAwQHeTYAAwQHfTyAAwQGr57AAwQHr7AAAwQFy1SgAwQHy1eA AwQEy2/gAwQAy8m0MCgEAgACMCIDBgQkB5gAIDAQAwYEJAeYAFADBgQkB5gAYAMG BCQHmACQMA0GCSqGSIb3DQEBCwUAA4IBAQBkb9QpM1YTDyKdbZqgChy6jtrqgi9/ tDws614/2R0B4nxslbVjdkVclQAJdKxw7mtu3vfQu4cbSMn7zYKMEIzfwpuDy9Jx s8UP3pUmexbEm8QQyucO90ViFeIqsp8WvCP1jaBVc+PMxg9ITkWo+yADglP90b5y hYK1z1E+IgpU2HF3fXY0uJNpyJa+tzXYPmo+6xHLaWHBuwBx3MbwVrJP4azzECf+ aP+Zr8s1e8+fl4VN8aNQEn4sQerXSN//GHVr/7XmV8tIY90d/Y2d5gb5P49y+AfJ /uytql8u7NuF2GM9t7toSrWPQc+jGv7rx3Lq1OImVcx2ZKwKiJN4LGZx -----END CERTIFICATE-----Generated at Mon Mar 2 19:51:19 2026 by rpki-client