$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa File: 4F2C2040066011EEA5F59657C4F9AE02.roa (raw, json) Hash identifier: df4T+8kKgmclPQK7lzkDUHkudMw5ipylEpFP33N2aB0= Subject key identifier: 21:49:4E:BB:AC:8D:4B:0D:48:B8:C1:9F:0B:26:16:5F:CB:A9:72:DD Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Certificate serial: 2046 Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa Signing time: Sun 01 Mar 2026 19:12:45 +0000 ROA not before: Sat 30 Aug 2025 16:35:41 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 4812 IP address blocks: 116.232.0.0/16 maxlen: 24 124.74.0.0/16 maxlen: 24 124.75.0.0/16 maxlen: 16 124.76.0.0/15 maxlen: 24 124.78.0.0/15 maxlen: 24 202.96.194.0/24 maxlen: 24 202.101.0.0/19 maxlen: 24 202.101.32.0/19 maxlen: 19 202.109.0.0/18 maxlen: 18 202.109.64.0/18 maxlen: 24 218.1.0.0/16 maxlen: 24 218.30.132.0/24 maxlen: 24 222.68.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 16:09:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8262 (0x2046) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Validity Not Before: Aug 30 16:35:41 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a48fad-87e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:52:8a:9b:b1:fb:84:be:1b:51:f3:22:3a:c7: e1:1a:bd:60:c4:29:83:5f:80:28:9a:42:52:c0:c0: 7e:01:91:40:4d:0c:c3:9c:fd:e0:1d:5e:9b:45:4d: 3e:00:13:98:e3:ac:f3:45:11:b4:e5:5b:01:a3:8e: f5:39:46:86:33:63:d3:ed:f2:01:18:ab:67:39:8a: e4:25:57:85:ab:b7:64:0e:8b:ca:01:44:f0:fa:62: 36:20:2c:f5:20:37:77:6c:61:ae:46:bf:29:ff:02: a7:cd:ff:4a:2f:ff:bc:92:1c:b5:b5:90:fa:1d:fa: 9a:37:c3:1a:b8:e5:b6:d0:e4:8c:a8:3b:b4:8b:69: 34:1c:69:71:79:b6:87:f2:10:03:4f:f1:c8:a9:9d: 44:dc:7b:e1:9e:28:9d:a9:85:bb:60:8e:b3:13:e7: cd:03:69:57:06:1f:d7:35:36:5b:6e:d4:79:29:72: bf:dc:b8:a3:c0:ef:3e:17:5d:d8:a3:e2:e6:d2:cb: c6:52:da:6d:92:de:83:08:fa:01:fc:c9:01:7a:db: 7a:3c:81:df:78:99:fc:a5:fd:e0:20:68:2d:61:28: 2a:91:2e:85:b1:42:ef:95:38:0e:91:5c:09:05:12: f2:2a:6d:0b:85:31:62:b0:ef:c3:56:3b:d2:5c:81: ba:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:49:4E:BB:AC:8D:4B:0D:48:B8:C1:9F:0B:26:16:5F:CB:A9:72:DD X509v3 Authority Key Identifier: keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/4F2C2040066011EEA5F59657C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 116.232.0.0/16 124.74.0.0-124.79.255.255 202.96.194.0/24 202.101.0.0/18 202.109.0.0/17 218.1.0.0/16 218.30.132.0/24 222.68.240.0/20 Signature Algorithm: sha256WithRSAEncryption a9:db:97:9a:e4:0e:c8:57:32:20:1f:9e:b7:14:ca:85:ec:70: 7c:1d:b7:ab:9c:9b:e1:25:ae:34:30:cf:a4:1d:0b:d2:02:6b: 75:23:60:0b:1a:34:62:c1:39:90:45:79:98:4e:5c:ba:c1:08: 39:f1:ef:2f:e7:0a:19:9b:08:f7:c2:51:cc:b6:31:bd:53:4f: a7:9c:f6:46:f2:96:86:6b:d5:84:37:f7:62:b0:e1:41:cf:a3: 31:25:64:c8:54:a6:d6:84:44:14:ba:ea:9f:7e:16:9d:c7:d4: 89:83:a1:67:ac:21:9a:c8:fb:bd:c9:0d:29:99:a7:d0:ad:d6: a3:94:51:23:14:ee:0f:8c:92:16:15:fc:a1:bf:e3:2f:bf:20: 11:c7:23:21:75:ed:f1:b0:2a:3d:26:10:41:98:f8:57:c2:5c: 28:f4:2b:e7:50:7f:ec:a4:51:0f:a7:88:f0:62:ca:86:28:27: bb:3d:24:07:c6:59:14:25:17:85:70:db:ea:f7:a0:89:ab:93: 95:e0:74:f8:ba:8a:f6:94:91:b1:69:b1:81:2d:65:e7:06:f0: f6:e1:3b:97:e6:01:f4:c4:9b:7d:7d:ca:62:ad:7e:c9:20:50: 14:b5:f4:c1:1e:12:04:cc:4a:cf:ba:de:b5:24:ba:9e:cf:c3: 70:02:00:99 -----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgICIEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1 NkU4QUM4QkEwHhcNMjUwODMwMTYzNTQxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0OGZhZC04N2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxFKKm7H7hL4bUfMiOsfhGr1gxCmDX4AomkJSwMB+AZFATQzDnP3gHV6bRU0+ ABOY46zzRRG05VsBo471OUaGM2PT7fIBGKtnOYrkJVeFq7dkDovKAUTw+mI2ICz1 IDd3bGGuRr8p/wKnzf9KL/+8khy1tZD6HfqaN8MauOW20OSMqDu0i2k0HGlxebaH 8hADT/HIqZ1E3HvhniidqYW7YI6zE+fNA2lXBh/XNTZbbtR5KXK/3LijwO8+F13Y o+Lm0svGUtptkt6DCPoB/MkBett6PIHfeJn8pf3gIGgtYSgqkS6FsULvlTgOkVwJ BRLyKm0LhTFisO/DVjvSXIG6XQIDAQABo4ICjjCCAoowHQYDVR0OBBYEFCFJTrus jUsNSLjBnwsmFl/LqXLdMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1 NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5 TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNEYyQzIwNDAw NjYwMTFFRUE1RjU5NjU3QzRGOUFFMDIucm9hME0GCCsGAQUFBwEHAQH/BD4wPDA6 BAIAATA0AwMAdOgwCgMDAXxKAwMEfEADBADKYMIDBAbKZQADBAfKbQADAwDaAQME ANoehAMEBN5E8DANBgkqhkiG9w0BAQsFAAOCAQEAqduXmuQOyFcyIB+etxTKhexw fB23q5yb4SWuNDDPpB0L0gJrdSNgCxo0YsE5kEV5mE5cusEIOfHvL+cKGZsI98JR zLYxvVNPp5z2RvKWhmvVhDf3YrDhQc+jMSVkyFSm1oREFLrqn34WncfUiYOhZ6wh msj7vckNKZmn0K3Wo5RRIxTuD4ySFhX8ob/jL78gEccjIXXt8bAqPSYQQZj4V8Jc KPQr51B/7KRRD6eI8GLKhignuz0kB8ZZFCUXhXDb6vegiauTleB0+LqK9pSRsWmx gS1l5wbw9uE7l+YB9MSbfX3KYq1+ySBQFLX0wR4SBMxKz7retSS6ns/DcAIAmQ== -----END CERTIFICATE-----Generated at Thu Mar 12 19:53:01 2026 by rpki-client