$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/796A04A6BA1A11F08C920A83C4F9AE02.roa File: 796A04A6BA1A11F08C920A83C4F9AE02.roa (raw, json) Hash identifier: ypLlMr/LNjZg16pw+UIO3Fp6461Fmui5r1d2RFjlO48= Subject key identifier: 99:7A:33:D0:4C:B7:49:63:95:A0:31:22:E4:B0:BF:47:96:0B:31:B4 Certificate issuer: /CN=A91FEEA9/serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Certificate serial: 3520 Authority key identifier: 29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/796A04A6BA1A11F08C920A83C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:26:35 +0000 ROA not before: Wed 05 Nov 2025 07:38:52 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 134375 IP address blocks: 119.252.192.0/23 maxlen: 24 119.252.194.0/23 maxlen: 23 119.252.194.0/24 maxlen: 24 119.252.195.0/24 maxlen: 24 119.252.196.0/22 maxlen: 24 119.252.200.0/21 maxlen: 24 119.252.210.0/23 maxlen: 24 119.252.216.0/22 maxlen: 24 119.252.220.0/23 maxlen: 24 119.252.222.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:34:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13600 (0x3520) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FEEA9, serialNumber=2941C7161ED4A2E09BB91CABC443C8CCBC032ED8 Validity Not Before: Nov 5 07:38:52 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a45aab-e8a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a7:f5:60:b4:56:b5:00:03:05:00:d0:92:e7: ae:f3:60:da:a6:1b:d6:97:03:06:fc:aa:7f:32:b8: 53:28:5c:23:cd:6a:40:5f:f2:fb:76:46:9f:be:44: f3:e0:48:05:5d:cd:20:52:6d:56:46:92:cb:93:38: 10:dc:5c:3b:a4:7b:d1:2a:76:a9:93:cc:a0:7c:e7: af:db:65:d0:db:6b:8a:a8:c0:39:64:7a:b9:e8:3c: ec:f7:d4:f4:f0:47:02:bb:fd:26:e7:88:86:79:db: b0:ea:2f:3f:75:75:77:c5:d5:87:0f:8f:47:c8:1d: 81:3e:95:fa:2d:04:4f:15:fc:74:24:38:0f:6d:6a: 71:22:41:64:c2:e8:e5:f6:4c:1a:67:10:46:ca:53: 65:1a:21:a4:83:75:34:8c:02:e1:9e:d3:e5:82:8f: 78:fd:46:8f:99:70:78:56:3d:f0:07:11:cd:df:1e: 7e:0b:43:d7:60:aa:52:28:d2:8d:99:43:d9:62:87: 40:1d:4c:e8:bb:d4:6a:7e:bb:ab:44:b9:e0:91:b0: 8a:c0:e6:60:47:01:d4:71:b2:09:43:f1:31:7e:b6: 6f:b8:8d:ac:29:17:f7:c9:9c:c8:43:7b:7f:5f:20: 93:83:d3:64:5c:b9:02:87:1d:10:70:a5:da:ed:ac: 6d:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:7A:33:D0:4C:B7:49:63:95:A0:31:22:E4:B0:BF:47:96:0B:31:B4 X509v3 Authority Key Identifier: keyid:29:41:C7:16:1E:D4:A2:E0:9B:B9:1C:AB:C4:43:C8:CC:BC:03:2E:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/KUHHFh7UouCbuRyrxEPIzLwDLtg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUHHFh7UouCbuRyrxEPIzLwDLtg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEEA9/CED0A9E61D9711E2BF3E818108B02CD2/796A04A6BA1A11F08C920A83C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 119.252.192.0/20 119.252.210.0/23 119.252.216.0/21 Signature Algorithm: sha256WithRSAEncryption 17:2b:df:aa:8a:d2:47:f3:70:a4:52:be:1d:c5:2e:b3:7f:c0: bf:43:e0:c5:4a:3b:0f:d3:c4:57:2c:60:09:50:3c:4e:db:e7: 7f:ba:1f:ad:c0:d0:de:34:d8:96:9f:93:fd:2f:b4:5f:35:7e: 1b:9a:79:9d:b1:a8:1e:0b:01:1d:4e:7a:d5:e0:05:32:18:3f: ca:a8:85:1c:d6:ba:79:17:17:52:8e:03:69:e1:88:59:7d:15: 02:19:fc:14:2f:80:70:1b:ab:4a:2e:d1:c4:76:13:15:b0:6f: a7:8d:d0:54:3d:31:c5:2c:a3:80:30:41:8e:6a:12:5f:b7:12: 63:ae:a9:3d:04:de:b5:63:88:6f:2a:4e:ad:fc:7f:66:dd:3b: 27:ee:ab:55:ef:8c:ea:a5:cc:ff:86:f3:fc:5b:c5:f7:bf:e7: 67:8f:91:be:56:9e:f5:8f:05:3e:26:a1:bd:ce:bc:e0:9a:b8: f5:f0:ff:bc:88:4d:52:e6:c4:fb:44:9d:b0:62:7a:05:f0:98: 86:12:4e:c6:d8:b9:18:05:a5:79:4a:82:14:5d:48:2f:25:07: 96:f2:63:a8:0e:fd:04:ce:f2:ac:c1:47:4c:bf:e6:43:aa:dc: a3:22:9c:b8:bc:de:8d:cd:da:62:ab:9a:52:85:a0:68:01:cf: e4:e5:80:74 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgICNSAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkVFQTkxMTAvBgNVBAUTKDI5NDFDNzE2MUVENEEyRTA5QkI5MUNBQkM0NDNDOEND QkMwMzJFRDgwHhcNMjUxMTA1MDczODUyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWFhYi1lOGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoaf1YLRWtQADBQDQkueu82DaphvWlwMG/Kp/MrhTKFwjzWpAX/L7dkafvkTz 4EgFXc0gUm1WRpLLkzgQ3Fw7pHvRKnapk8ygfOev22XQ22uKqMA5ZHq56Dzs99T0 8EcCu/0m54iGeduw6i8/dXV3xdWHD49HyB2BPpX6LQRPFfx0JDgPbWpxIkFkwujl 9kwaZxBGylNlGiGkg3U0jALhntPlgo94/UaPmXB4Vj3wBxHN3x5+C0PXYKpSKNKN mUPZYodAHUzou9RqfrurRLngkbCKwOZgRwHUcbIJQ/ExfrZvuI2sKRf3yZzIQ3t/ XyCTg9NkXLkChx0QcKXa7axtsQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFJl6M9BM t0ljlaAxIuSwv0eWCzG0MB8GA1UdIwQYMBaAFClBxxYe1KLgm7kcq8RDyMy8Ay7Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRUVBOS9DRUQwQTlFNjFE OTcxMUUyQkYzRTgxODEwOEIwMkNEMi9LVUhIRmg3VW91Q2J1UnlyeEVQSXpMd0RM dGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVSEhGaDdVb3VDYnVSeXJ4RVBJekx3REx0Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkVFQTkvQ0VEMEE5RTYxRDk3MTFFMkJGM0U4MTgxMDhCMDJDRDIvNzk2QTA0QTZC QTFBMTFGMDhDOTIwQTgzQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQEd/zAAwQBd/zSAwQDd/zYMA0GCSqGSIb3DQEBCwUAA4IBAQAXK9+q itJH83CkUr4dxS6zf8C/Q+DFSjsP08RXLGAJUDxO2+d/uh+twNDeNNiWn5P9L7Rf NX4bmnmdsageCwEdTnrV4AUyGD/KqIUc1rp5FxdSjgNp4YhZfRUCGfwUL4BwG6tK LtHEdhMVsG+njdBUPTHFLKOAMEGOahJftxJjrqk9BN61Y4hvKk6t/H9m3Tsn7qtV 74zqpcz/hvP8W8X3v+dnj5G+Vp71jwU+JqG9zrzgmrj18P+8iE1S5sT7RJ2wYnoF 8JiGEk7G2LkYBaV5SoIUXUgvJQeW8mOoDv0EzvKswUdMv+ZDqtyjIpy4vN6Nzdpi q5pShaBoAc/k5YB0 -----END CERTIFICATE-----Generated at Mon Mar 2 06:20:07 2026 by rpki-client