$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/543B65D209B111EAB045B31EC4F9AE02.roa File: 543B65D209B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: MRSAvkadtL1P0gDKBKtXFH5OROEYfyTnwLkZj4wIudU= Subject key identifier: 14:5B:39:EB:F9:6E:26:C3:A1:54:23:70:BC:11:1B:5F:D6:E9:9B:6D Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 109E Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/543B65D209B111EAB045B31EC4F9AE02.roa Signing time: Fri 06 Mar 2026 18:24:21 +0000 ROA not before: Fri 06 Mar 2026 18:24:21 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 397221 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 18:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4254 (0x109e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Mar 6 18:24:21 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69ab1bd5-bd36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:2b:d5:4b:10:5f:2a:75:12:d1:f4:b0:b7:c7: 78:93:4c:0d:33:d3:20:ec:58:79:63:53:61:c7:13: 81:e4:1e:fd:e5:c0:45:0f:8e:84:3a:a1:aa:75:dd: c9:dc:86:b4:10:55:b8:06:fd:ad:78:d5:ee:09:55: 51:1e:ba:02:0e:de:59:ba:20:f4:07:50:04:7c:d2: e1:82:01:c7:b0:da:f4:c7:32:aa:c6:53:a3:2e:a5: 23:5d:27:62:6c:a1:2c:7a:a6:85:d3:15:0a:fa:cb: f8:86:c1:cc:e8:a5:0b:00:81:ee:c3:3f:8c:ec:8e: 89:5a:4f:22:ba:21:3b:85:83:d2:77:80:05:66:b8: 96:7d:42:cf:58:8b:55:00:dd:5d:11:2b:98:52:9a: 85:6d:e0:42:83:ed:71:de:81:42:8a:95:4b:73:f9: db:83:79:0f:dc:3a:28:dc:c5:98:cd:3b:27:12:69: 16:41:55:3f:e3:fe:fd:c1:4d:b0:52:53:93:e1:f4: bf:2c:47:22:04:65:f4:8f:50:62:f7:f7:d4:85:55: a3:4b:8c:b1:30:fa:c0:1b:b2:72:21:7b:e3:64:c7: 18:68:0e:39:fa:a9:06:de:89:9f:20:a7:d9:ee:c6: e4:0a:af:61:fd:32:19:f0:5f:5e:2f:33:7d:46:d5: be:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:5B:39:EB:F9:6E:26:C3:A1:54:23:70:BC:11:1B:5F:D6:E9:9B:6D X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/543B65D209B111EAB045B31EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 8d:15:3d:f1:20:10:bf:e2:7e:91:6b:3d:97:5a:9a:ee:98:43: 6c:f9:fd:fb:f4:e1:9c:d7:c2:99:2b:f8:16:0b:de:5a:5e:12: fc:8a:90:19:96:86:cb:56:dd:f3:21:29:f8:e5:80:9f:8b:ca: 8a:b5:99:6f:26:fe:d2:c6:55:4e:79:b4:59:c7:25:1d:2f:a9: 94:7f:66:8c:5c:1d:6e:ab:2b:a1:15:ce:83:ef:77:63:6f:cb: c6:15:4e:20:07:06:6a:d3:17:90:36:06:1f:8e:21:ce:fd:a6: 78:2f:47:1f:70:22:10:50:89:94:db:fd:74:ff:ac:1d:f2:84: 00:53:cd:0a:50:34:ba:1e:03:f4:79:df:b2:96:0c:28:49:b1: 32:90:8e:c0:be:7d:f1:89:3f:87:11:e1:e8:db:ac:03:ef:7a: e3:e8:e3:93:35:47:e7:45:8a:3c:6d:91:8b:a9:cd:ed:c7:2a: 48:7e:89:98:24:b3:e8:bd:b0:07:8f:40:5a:ba:f9:4c:89:eb: 52:5e:fc:b4:e5:06:bf:ae:b7:32:f1:3b:79:87:7a:56:05:3d: 8b:e6:51:53:31:93:00:c6:48:03:53:12:f5:fa:ba:ab:f9:0c: 06:2e:e6:f2:36:79:15:36:bc:27:65:bf:f6:48:60:c4:13:ca: 12:3a:8e:f0 -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICEJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjYwMzA2MTgyNDIxWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWFiMWJkNS1iZDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApCvVSxBfKnUS0fSwt8d4k0wNM9Mg7Fh5Y1NhxxOB5B795cBFD46EOqGqdd3J 3Ia0EFW4Bv2teNXuCVVRHroCDt5ZuiD0B1AEfNLhggHHsNr0xzKqxlOjLqUjXSdi bKEseqaF0xUK+sv4hsHM6KULAIHuwz+M7I6JWk8iuiE7hYPSd4AFZriWfULPWItV AN1dESuYUpqFbeBCg+1x3oFCipVLc/nbg3kP3Doo3MWYzTsnEmkWQVU/4/79wU2w UlOT4fS/LEciBGX0j1Bi9/fUhVWjS4yxMPrAG7JyIXvjZMcYaA45+qkG3omfIKfZ 7sbkCq9h/TIZ8F9eLzN9RtW+9wIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFBRbOev5 bibDoVQjcLwRG1/W6ZttMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTQzQjY1RDIw OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwIwQCAAIwHTASAwcAIAENzQABAwcD IAENzQAAAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQCNFT3xIBC/4n6Raz2X WprumENs+f379OGc18KZK/gWC95aXhL8ipAZlobLVt3zISn45YCfi8qKtZlvJv7S xlVOebRZxyUdL6mUf2aMXB1uqyuhFc6D73djb8vGFU4gBwZq0xeQNgYfjiHO/aZ4 L0cfcCIQUImU2/10/6wd8oQAU80KUDS6HgP0ed+ylgwoSbEykI7Avn3xiT+HEeHo 26wD73rj6OOTNUfnRYo8bZGLqc3txypIfomYJLPovbAHj0BauvlMietSXvy05Qa/ rrcy8Tt5h3pWBT2L5lFTMZMAxkgDUxL1+rqr+QwGLubyNnkVNrwnZb/2SGDEE8oS Oo7w -----END CERTIFICATE-----Generated at Fri Mar 13 10:38:58 2026 by rpki-client