$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/AD17704445F611EE97DF317CC4F9AE02.roa File: AD17704445F611EE97DF317CC4F9AE02.roa (raw, json) Hash identifier: /vhmP+Y6Yb84j9vhzg0Zbk6HCi7aZS+Km8vmqSzsrmM= Subject key identifier: EE:85:51:AA:30:9C:8F:05:6D:9D:41:58:19:10:3B:04:A6:96:78:C0 Certificate issuer: /CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002 Certificate serial: 0454 Authority key identifier: 6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/AD17704445F611EE97DF317CC4F9AE02.roa Signing time: Sun 01 Mar 2026 16:39:34 +0000 ROA not before: Wed 10 Dec 2025 23:08:26 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 137549 IP address blocks: 125.254.120.0/21 maxlen: 21 125.254.120.0/22 maxlen: 22 125.254.124.0/22 maxlen: 22 202.169.16.0/21 maxlen: 21 202.169.16.0/22 maxlen: 22 202.169.16.0/23 maxlen: 23 202.169.18.0/23 maxlen: 23 202.169.20.0/23 maxlen: 23 202.169.20.0/24 maxlen: 24 202.169.21.0/24 maxlen: 24 202.169.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1108 (0x454) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1216, serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002 Validity Not Before: Dec 10 23:08:26 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a46bc5-4d7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a4:c3:f8:d1:12:09:46:10:ca:96:1a:92:4d: 34:80:0c:2d:e8:5b:e9:6e:eb:c4:39:5b:f9:ed:a0: 4f:7f:7b:c7:36:5a:0d:ef:44:65:d7:7d:48:6d:b3: 0d:c3:d0:59:b0:04:2f:25:b2:7a:04:6b:bf:ad:84: fb:d9:89:5f:6e:0f:45:26:71:02:4a:26:6f:3f:be: 55:5a:5f:22:0a:ae:16:1a:6b:be:2a:02:67:27:62: 24:1e:1c:a6:fd:0d:39:dc:a2:eb:a9:34:7b:85:e2: 46:bc:d4:e9:08:f5:34:87:85:d3:de:5b:e1:a4:1f: 13:3b:d8:cf:4b:97:23:75:3b:6b:8c:2b:45:99:4c: 81:c2:76:fa:fd:77:24:1a:b6:07:89:21:d9:18:93: ef:41:f5:be:69:7b:c3:9f:da:e3:21:7b:aa:e9:44: 0d:26:fb:89:3c:5f:bd:76:68:74:ed:9b:84:25:04: 82:e2:e1:fa:b5:2c:9c:10:18:dc:12:80:3f:1f:f2: 30:73:0c:a7:83:e2:8a:06:7e:e7:2f:9a:27:1e:fb: b6:e8:01:c2:03:0b:60:e6:50:c7:67:37:af:a8:f2: d9:6f:71:d0:82:40:a8:ba:3e:c1:4a:7f:ac:e4:a9: 93:ba:70:dd:27:05:bf:d6:12:cf:c0:49:fb:12:45: c0:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:85:51:AA:30:9C:8F:05:6D:9D:41:58:19:10:3B:04:A6:96:78:C0 X509v3 Authority Key Identifier: keyid:6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/AD17704445F611EE97DF317CC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 125.254.120.0/21 202.169.16.0/21 Signature Algorithm: sha256WithRSAEncryption 94:2d:22:56:9d:fd:a0:86:44:73:60:e5:18:70:54:de:c9:23: 0b:71:b8:4a:86:7f:86:4b:f5:b8:89:f4:ce:67:d8:5f:32:e2: 39:6c:7c:a1:dc:ee:da:2f:b9:08:d0:56:29:f6:24:d0:45:d3: 89:cb:f5:71:71:fc:91:8b:d4:95:9e:85:d2:5a:98:35:fd:42: 33:d9:f2:b3:6c:a6:a6:bb:a0:44:2d:6e:9c:1a:b1:0c:9e:08: d1:58:ff:dd:4e:ee:f7:e5:32:84:53:81:9a:4f:fb:85:2a:07: 31:8c:96:ee:c0:5d:c7:73:50:d6:02:d0:04:8d:e8:6f:31:bf: 88:89:75:bd:af:a9:39:9b:bc:6e:a5:65:c3:af:54:b0:03:45: 6c:29:2a:d8:91:87:25:45:76:6e:85:41:76:54:f5:5e:a9:71: de:90:4a:db:bd:3a:95:75:e9:6f:eb:e6:66:38:9c:ee:84:93: f9:80:45:1d:91:6a:65:31:9a:58:9f:5b:8d:ad:06:98:95:8d: db:ab:72:07:7c:0a:14:7f:60:a5:00:ca:a0:c6:a8:33:35:ff: fe:2f:3c:25:f5:7d:54:b1:c2:5d:23:ea:a8:a7:2a:a9:44:37: 9f:74:3d:ce:42:15:7f:e4:19:8f:c7:e2:fe:1f:0a:29:9a:31: c8:31:97:96 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICBFQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEyMTYxMTAvBgNVBAUTKDZEQkQ1QzREMDEyMUZDQjMxOEU3OEM0NTFCNkY1Njcz MjA5ODYwMDIwHhcNMjUxMjEwMjMwODI2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NmJjNS00ZDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1qTD+NESCUYQypYakk00gAwt6FvpbuvEOVv57aBPf3vHNloN70Rl131IbbMN w9BZsAQvJbJ6BGu/rYT72Ylfbg9FJnECSiZvP75VWl8iCq4WGmu+KgJnJ2IkHhym /Q053KLrqTR7heJGvNTpCPU0h4XT3lvhpB8TO9jPS5cjdTtrjCtFmUyBwnb6/Xck GrYHiSHZGJPvQfW+aXvDn9rjIXuq6UQNJvuJPF+9dmh07ZuEJQSC4uH6tSycEBjc EoA/H/Iwcwyng+KKBn7nL5onHvu26AHCAwtg5lDHZzevqPLZb3HQgkCouj7BSn+s 5KmTunDdJwW/1hLPwEn7EkXANwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFO6FUaow nI8FbZ1BWBkQOwSmlnjAMB8GA1UdIwQYMBaAFG29XE0BIfyzGOeMRRtvVnMgmGAC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTIxNi9EQzc4MjY4Q0I5 NEIxMUVDODMyQjc0MTlDNEY5QUUwMi9iYjFjVFFFaF9MTVk1NHhGRzI5V2N5Q1lZ QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JiMWNUUUVoX0xNWTU0eEZHMjlXY3lDWVlBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDEyMTYvREM3ODI2OENCOTRCMTFFQzgzMkI3NDE5QzRGOUFFMDIvQUQxNzcwNDQ0 NUY2MTFFRTk3REYzMTdDQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQDff54AwQDyqkQMA0GCSqGSIb3DQEBCwUAA4IBAQCULSJWnf2ghkRz YOUYcFTeySMLcbhKhn+GS/W4ifTOZ9hfMuI5bHyh3O7aL7kI0FYp9iTQRdOJy/Vx cfyRi9SVnoXSWpg1/UIz2fKzbKamu6BELW6cGrEMngjRWP/dTu735TKEU4GaT/uF KgcxjJbuwF3Hc1DWAtAEjehvMb+IiXW9r6k5m7xupWXDr1SwA0VsKSrYkYclRXZu hUF2VPVeqXHekErbvTqVdelv6+ZmOJzuhJP5gEUdkWplMZpYn1uNrQaYlY3bq3IH fAoUf2ClAMqgxqgzNf/+Lzwl9X1UscJdI+qopyqpRDefdD3OQhV/5BmPx+L+Hwop mjHIMZeW -----END CERTIFICATE-----Generated at Mon Mar 2 03:52:03 2026 by rpki-client