$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/585A89FE09B111EAB045B31EC4F9AE02.roa File: 585A89FE09B111EAB045B31EC4F9AE02.roa (raw, json) Hash identifier: 5ZWMOFY6DXuBeSqIwJx2t2rZFdmS9bsc57mae2rzuJI= Subject key identifier: CE:5C:FE:44:E4:5F:B4:94:F4:C7:89:5E:75:34:C2:D1:9F:90:33:20 Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 10B1 Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/585A89FE09B111EAB045B31EC4F9AE02.roa Signing time: Fri 06 Mar 2026 18:24:58 +0000 ROA not before: Fri 06 Mar 2026 18:24:58 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 397240 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 18:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4273 (0x10b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Mar 6 18:24:58 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69ab1bf9-d789 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e3:28:49:81:15:06:a4:b7:ea:4b:4b:0d:84: 8b:76:82:57:20:40:37:66:6c:84:08:6d:09:ae:7a: df:50:97:5b:61:00:ba:e7:af:f2:7a:bf:04:e1:1e: 86:67:16:d1:f2:8c:3a:95:b5:ed:39:ae:5f:14:60: 53:71:72:5e:85:ac:d2:f3:aa:b0:73:95:8f:86:64: ed:e4:13:a1:7a:ca:22:85:d3:36:cb:bc:9c:89:0d: 16:5f:f7:6d:35:d6:5d:f3:c4:9b:f2:13:31:d5:17: 06:90:3e:94:17:6f:ca:db:ef:88:2c:3e:fa:85:1c: c8:24:e4:76:1a:c4:db:71:05:36:c2:f1:a7:27:ec: 7f:ea:57:0a:2d:60:f9:c5:43:8d:0c:30:c8:45:d9: ec:bb:b6:b2:e3:9c:3c:56:87:45:d5:98:c0:c2:be: 32:02:5d:e0:4b:ad:e3:09:ab:49:e4:85:43:a8:2a: 6e:06:75:89:31:6f:13:e6:53:a1:0d:37:fb:04:0d: 47:57:e0:ac:74:30:0a:a2:c4:43:00:d3:4b:26:bc: df:bd:f6:a0:84:f5:89:38:ee:bd:49:49:ab:67:02: 43:f7:a9:4d:12:36:df:c6:02:68:fb:61:3a:74:fc: d4:ef:f0:26:65:34:de:7f:8c:9c:03:cd:33:31:48: b9:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:5C:FE:44:E4:5F:B4:94:F4:C7:89:5E:75:34:C2:D1:9F:90:33:20 X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/585A89FE09B111EAB045B31EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 77:13:0a:f7:82:51:75:85:4f:c7:d0:e5:05:cb:5c:a6:ec:a0: 76:e9:cf:58:44:d6:70:f8:67:5f:d6:d2:7c:51:e8:87:a8:bb: 67:61:68:b1:5f:40:3b:db:25:61:36:cd:4d:49:54:d1:09:e7: 60:cf:6c:c0:67:0c:30:25:ae:25:30:48:e4:06:48:85:19:43: 58:76:75:7c:18:c0:bc:5a:56:d3:fe:56:82:67:83:1e:44:d2: 1f:da:55:78:6a:b3:0e:ff:44:73:dd:5f:ba:dd:a5:b8:ee:b5: 17:a3:61:48:bb:4a:99:cc:5e:5f:79:26:ae:38:23:88:b9:7a: d1:63:f5:f5:03:e2:5b:d2:4e:73:2b:98:de:15:2d:07:90:63: ce:69:c5:4e:f7:c8:30:f6:07:85:5a:20:6c:38:6b:cd:29:bd: a3:16:37:f5:4c:1a:36:42:bb:20:33:a6:bf:1b:8e:9f:d9:64: 21:ec:f8:09:aa:7e:b6:65:f2:bc:9b:b4:4d:d7:32:4f:89:b8: e5:c3:78:9c:18:f0:72:69:1c:a9:fe:4a:a5:4b:8b:6a:06:e1: 22:b0:76:79:87:c2:c7:78:6f:ca:7f:55:7c:0a:e6:bf:49:d3: 35:59:60:44:ae:0b:43:55:16:1d:25:33:59:cd:02:39:6a:f0: 14:64:e8:df -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICELEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjYwMzA2MTgyNDU4WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWFiMWJmOS1kNzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzOMoSYEVBqS36ktLDYSLdoJXIEA3ZmyECG0JrnrfUJdbYQC656/yer8E4R6G ZxbR8ow6lbXtOa5fFGBTcXJehazS86qwc5WPhmTt5BOhesoihdM2y7yciQ0WX/dt NdZd88Sb8hMx1RcGkD6UF2/K2++ILD76hRzIJOR2GsTbcQU2wvGnJ+x/6lcKLWD5 xUONDDDIRdnsu7ay45w8VodF1ZjAwr4yAl3gS63jCatJ5IVDqCpuBnWJMW8T5lOh DTf7BA1HV+CsdDAKosRDANNLJrzfvfaghPWJOO69SUmrZwJD96lNEjbfxgJo+2E6 dPzU7/AmZTTef4ycA80zMUi54wIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFM5c/kTk X7SU9MeJXnU0wtGfkDMgMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvNTg1QTg5RkUw OUIxMTFFQUIwNDVCMzFFQzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwIwQCAAIwHTASAwcAIAENzQABAwcD IAENzQAAAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQB3Ewr3glF1hU/H0OUF y1ym7KB26c9YRNZw+Gdf1tJ8UeiHqLtnYWixX0A72yVhNs1NSVTRCedgz2zAZwww Ja4lMEjkBkiFGUNYdnV8GMC8WlbT/laCZ4MeRNIf2lV4arMO/0Rz3V+63aW47rUX o2FIu0qZzF5feSauOCOIuXrRY/X1A+Jb0k5zK5jeFS0HkGPOacVO98gw9geFWiBs OGvNKb2jFjf1TBo2QrsgM6a/G46f2WQh7PgJqn62ZfK8m7RN1zJPibjlw3icGPBy aRyp/kqlS4tqBuEisHZ5h8LHeG/Kf1V8Cua/SdM1WWBErgtDVRYdJTNZzQI5avAU ZOjf -----END CERTIFICATE-----Generated at Fri Mar 13 10:38:58 2026 by rpki-client