$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/42C9FE0C77ED11EBBFBAF568C4F9AE02.roa File: 42C9FE0C77ED11EBBFBAF568C4F9AE02.roa (raw, json) Hash identifier: I+CH/SNgAekgoeijRO8AP58tp3WAWOGEUMrYBEw43NE= Subject key identifier: 81:96:AE:E1:41:D5:8E:86:5E:51:A8:B5:FC:E8:91:63:7C:52:32:1A Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 1095 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/42C9FE0C77ED11EBBFBAF568C4F9AE02.roa Signing time: Fri 06 Mar 2026 18:24:04 +0000 ROA not before: Fri 06 Mar 2026 18:24:04 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 19905 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 18:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4245 (0x1095) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Mar 6 18:24:04 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69ab1bc4-1482 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:3c:89:0f:e0:8d:a4:99:5c:0f:0e:91:53:35: 43:3b:7e:48:1f:0e:ab:17:41:d7:9b:21:92:b9:f9: 17:db:44:f9:7e:ea:08:b9:91:62:0f:0a:d1:7c:99: 40:b6:ad:e7:61:1d:08:03:de:bc:41:21:00:57:e9: 73:b8:f1:c0:68:6c:7b:40:31:74:7f:0a:c6:13:d7: 3f:ce:36:e2:23:aa:e4:7a:fe:09:8b:f2:2d:c9:44: 6c:48:c5:d3:9e:38:96:16:60:ff:71:38:f2:df:96: 9e:47:51:f2:dc:e5:1c:b8:81:21:76:7e:50:d9:4e: 41:08:83:ae:1d:eb:3f:e6:cc:08:4d:d8:c0:c4:01: ce:70:e8:58:e3:c3:d8:3d:03:07:e3:e0:84:50:30: fd:f7:a4:8f:8b:e1:7d:1c:6a:cc:6e:25:05:77:02: 50:d3:fc:e5:72:07:b0:d7:65:37:96:de:91:90:c0: a2:2c:36:87:73:81:0a:73:fd:ff:5e:48:05:64:d0: e1:bf:44:5d:f0:94:04:1c:e9:e0:42:09:d4:f3:ff: b1:42:7c:17:ae:a0:dc:b8:2c:cf:40:5e:3c:6c:eb: 3a:db:f4:47:db:22:2c:a8:74:90:4a:4e:a2:68:82: bc:99:b3:98:32:3a:c3:fd:3c:49:42:52:f8:92:d3: 15:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:96:AE:E1:41:D5:8E:86:5E:51:A8:B5:FC:E8:91:63:7C:52:32:1A X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/42C9FE0C77ED11EBBFBAF568C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 16:cf:c5:3f:06:69:28:23:57:9a:71:b4:5a:74:67:7c:8a:24: a1:b8:90:d0:21:5b:dc:e6:fe:b9:d3:80:a9:50:91:0e:12:47: a6:c9:97:39:6b:2c:9f:67:48:3e:41:14:6f:ce:fe:1a:64:0c: 39:68:a2:ba:8b:75:a5:76:79:5a:1b:95:1c:0d:15:26:56:7a: 02:90:9f:1c:f5:1a:4d:bb:0f:9b:a6:b8:06:5b:fc:b3:cb:04: 78:f7:9a:ec:20:a4:29:54:6d:18:b8:7f:a3:6b:01:b7:9f:1f: 10:40:20:37:8a:27:2c:73:b0:68:7e:84:14:fe:0d:5a:92:b5: 3a:68:62:24:df:38:6d:bf:7e:c8:3c:d9:b7:60:01:0d:75:3c: 62:ff:79:b6:58:0e:55:8b:e2:82:09:5f:d6:ba:01:ff:48:34: d2:5c:8c:3e:3a:ee:bd:27:d6:cc:67:86:a2:6b:bb:5e:20:2b: 14:45:bd:4d:48:98:f7:96:ed:52:aa:3f:b9:9d:27:71:c7:64: 1e:a4:27:72:1e:3c:80:20:9a:44:7b:29:99:a0:fb:a9:15:07: fe:5a:62:8b:a2:ea:0c:d2:6d:84:22:6e:da:80:8a:a6:01:6a: 80:06:60:cc:a4:fa:bf:f8:8f:70:5b:67:f3:d0:bb:eb:66:fe: ae:a3:4e:dd -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICEJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjYwMzA2MTgyNDA0WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWFiMWJjNC0xNDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyzyJD+CNpJlcDw6RUzVDO35IHw6rF0HXmyGSufkX20T5fuoIuZFiDwrRfJlA tq3nYR0IA968QSEAV+lzuPHAaGx7QDF0fwrGE9c/zjbiI6rkev4Ji/ItyURsSMXT njiWFmD/cTjy35aeR1Hy3OUcuIEhdn5Q2U5BCIOuHes/5swITdjAxAHOcOhY48PY PQMH4+CEUDD996SPi+F9HGrMbiUFdwJQ0/zlcgew12U3lt6RkMCiLDaHc4EKc/3/ XkgFZNDhv0Rd8JQEHOngQgnU8/+xQnwXrqDcuCzPQF48bOs62/RH2yIsqHSQSk6i aIK8mbOYMjrD/TxJQlL4ktMVNwIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFIGWruFB 1Y6GXlGotfzokWN8UjIaMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNDJDOUZFMEM3 N0VEMTFFQkJGQkFGNTY4QzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwIwQCAAIwHTASAwcAIAENzQABAwcD IAENzQAAAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQAWz8U/BmkoI1eacbRa dGd8iiShuJDQIVvc5v6504CpUJEOEkemyZc5ayyfZ0g+QRRvzv4aZAw5aKK6i3Wl dnlaG5UcDRUmVnoCkJ8c9RpNuw+bprgGW/yzywR495rsIKQpVG0YuH+jawG3nx8Q QCA3iicsc7BofoQU/g1akrU6aGIk3zhtv37IPNm3YAENdTxi/3m2WA5Vi+KCCV/W ugH/SDTSXIw+Ou69J9bMZ4aia7teICsURb1NSJj3lu1Sqj+5nSdxx2QepCdyHjyA IJpEeymZoPupFQf+WmKLouoM0m2EIm7agIqmAWqABmDMpPq/+I9wW2fz0LvrZv6u o07d -----END CERTIFICATE-----Generated at Fri Mar 13 10:38:51 2026 by rpki-client