$ rpki-client -vvf rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa File: D4FD4D5237DE11EEA2885B71C4F9AE02.roa (raw, json) Hash identifier: 5Azeat64UaJSRzDOM2P6Kkkb+THHbSMAWvM1sc789yk= Subject key identifier: A6:2B:E8:28:C9:41:0E:85:5B:C6:93:23:B4:40:AE:00:BC:74:EC:7F Certificate issuer: /CN=A912CB2A/serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7 Certificate serial: 0722 Authority key identifier: 14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa Signing time: Sun 01 Mar 2026 16:48:08 +0000 ROA not before: Tue 16 Dec 2025 22:18:39 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 9723 IP address blocks: 121.52.192.0/22 maxlen: 22 121.52.196.0/23 maxlen: 23 121.52.198.0/24 maxlen: 24 121.52.199.0/24 maxlen: 24 202.74.64.0/21 maxlen: 21 203.31.82.0/24 maxlen: 24 210.56.152.0/24 maxlen: 24 210.56.153.0/24 maxlen: 24 210.56.154.0/24 maxlen: 24 210.56.155.0/24 maxlen: 24 210.56.156.0/24 maxlen: 24 210.56.157.0/24 maxlen: 24 210.56.158.0/24 maxlen: 24 210.56.159.0/24 maxlen: 24 2403:6900:c000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 21:49:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1826 (0x722) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CB2A, serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7 Validity Not Before: Dec 16 22:18:39 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a46dc8-dad0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:55:8a:87:02:a6:a1:19:a6:9e:fa:4c:cd:f8: 89:4c:8f:ac:16:92:2e:d3:e2:ba:cf:9d:a6:82:a2: 72:34:d7:7a:70:a5:04:60:8e:a8:7b:0b:d7:1e:51: 4d:42:ea:fc:1e:a7:45:86:e8:53:d3:ba:49:97:a2: 93:3c:ac:65:6b:dc:2d:66:24:07:79:84:e6:1b:1e: 79:f0:d2:2d:5a:80:23:7c:bf:28:5d:74:f2:f7:32: 50:11:33:83:12:45:6d:07:92:b6:9e:15:fc:23:11: cc:8a:d8:72:d6:55:ca:c5:41:20:6b:54:93:05:4a: 61:3a:1b:d7:7e:31:07:cb:48:5a:55:c6:7b:46:6c: 71:67:15:8a:2e:90:ca:56:bc:77:ba:d4:8d:9b:cf: df:81:57:f6:d4:47:8c:59:5c:36:31:1e:e8:0e:07: 5e:cb:33:ba:cc:d2:31:fc:1b:2a:ed:83:5d:8c:1d: 28:85:7a:88:62:8b:58:0d:4b:66:91:0f:ac:02:1b: e1:9e:01:d5:c8:ca:1e:e2:1b:9f:b5:f9:1b:97:e6: 3d:c3:39:e9:37:1a:17:72:e5:0b:bf:09:e1:a8:73: 6f:d7:fa:1d:ae:54:4b:58:47:68:91:6d:80:aa:22: fd:8a:b3:6b:10:3c:6d:68:a4:2a:d6:42:ec:de:4e: e1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:2B:E8:28:C9:41:0E:85:5B:C6:93:23:B4:40:AE:00:BC:74:EC:7F X509v3 Authority Key Identifier: keyid:14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/D4FD4D5237DE11EEA2885B71C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 121.52.192.0/21 202.74.64.0/21 203.31.82.0/24 210.56.152.0/21 IPv6: 2403:6900:c000::/36 Signature Algorithm: sha256WithRSAEncryption 53:cc:bc:96:a4:10:02:f7:eb:f8:f5:1b:06:af:22:ee:83:82: a1:8c:19:ff:43:ce:0d:4d:e7:78:76:04:2e:ad:3d:e6:41:2e: 3b:66:4b:c4:79:49:78:61:be:27:7b:6f:06:46:28:38:12:7d: bf:ef:b9:e0:73:52:11:14:3c:d4:ab:b8:6d:78:27:06:0a:29: 60:e0:5d:da:af:96:04:29:2f:73:7a:aa:3a:df:20:15:c6:fb: c4:08:14:b9:67:b3:6e:f6:7d:2c:72:32:f2:c3:69:db:ca:c4: 5a:36:62:ce:4b:27:7c:b4:62:2b:7e:5e:47:ce:56:99:cd:79: 80:38:c7:f4:f6:16:ca:71:56:be:0f:1f:14:64:4b:93:8c:ae: 44:80:2e:77:18:54:47:8b:30:7a:03:e6:77:cd:c5:26:6e:4b: 3a:3b:c0:ad:5a:f5:99:67:49:36:72:b0:84:db:54:bf:c7:86: b2:cd:cb:75:4a:db:a8:69:35:36:58:4d:ee:8d:92:ab:82:15: 4b:a8:1c:cf:31:73:c5:49:7f:6a:ae:a5:c8:8a:5c:b0:ec:0e: 0e:9e:5a:28:00:56:3f:5c:d2:43:68:0d:89:ac:9b:b4:f9:37: 2d:17:ac:d7:86:b2:28:63:00:06:47:cf:39:e5:0f:90:aa:8f: 58:35:c6:e1 -----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgICByIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNCMkExMTAvBgNVBAUTKDE0N0U5NzU2NDM5RDlEQjcxNTYxMzRBQzc4RjkxQzIz M0I5MzkyQTcwHhcNMjUxMjE2MjIxODM5WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NmRjOC1kYWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAslWKhwKmoRmmnvpMzfiJTI+sFpIu0+K6z52mgqJyNNd6cKUEYI6oewvXHlFN Qur8HqdFhuhT07pJl6KTPKxla9wtZiQHeYTmGx558NItWoAjfL8oXXTy9zJQETOD EkVtB5K2nhX8IxHMithy1lXKxUEga1STBUphOhvXfjEHy0haVcZ7RmxxZxWKLpDK Vrx3utSNm8/fgVf21EeMWVw2MR7oDgdeyzO6zNIx/Bsq7YNdjB0ohXqIYotYDUtm kQ+sAhvhngHVyMoe4huftfkbl+Y9wznpNxoXcuULvwnhqHNv1/odrlRLWEdokW2A qiL9irNrEDxtaKQq1kLs3k7hwQIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFKYr6CjJ QQ6FW8aTI7RArgC8dOx/MB8GA1UdIwQYMBaAFBR+l1ZDnZ23FWE0rHj5HCM7k5Kn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0IyQS9FMDFDN0E4NDkw RTAxMUVCQTEwNTg3MUZDNEY5QUUwMi9GSDZYVmtPZG5iY1ZZVFNzZVBrY0l6dVRr cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZINlhWa09kbmJjVllUU3NlUGtjSXp1VGtxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkNCMkEvRTAxQzdBODQ5MEUwMTFFQkExMDU4NzFGQzRGOUFFMDIvRDRGRDRENTIz N0RFMTFFRUEyODg1QjcxQzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAe BAIAATAYAwQDeTTAAwQDykpAAwQAyx9SAwQD0jiYMA4EAgACMAgDBgQkA2kAwDAN BgkqhkiG9w0BAQsFAAOCAQEAU8y8lqQQAvfr+PUbBq8i7oOCoYwZ/0PODU3neHYE Lq095kEuO2ZLxHlJeGG+J3tvBkYoOBJ9v++54HNSERQ81Ku4bXgnBgopYOBd2q+W BCkvc3qqOt8gFcb7xAgUuWezbvZ9LHIy8sNp28rEWjZizksnfLRiK35eR85Wmc15 gDjH9PYWynFWvg8fFGRLk4yuRIAudxhUR4swegPmd83FJm5LOjvArVr1mWdJNnKw hNtUv8eGss3LdUrbqGk1NlhN7o2Sq4IVS6gczzFzxUl/aq6lyIpcsOwODp5aKABW P1zSQ2gNiaybtPk3LRes14ayKGMABkfPOeUPkKqPWDXG4Q== -----END CERTIFICATE-----Generated at Fri Mar 13 11:19:32 2026 by rpki-client