$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7FC0AC6009AE11EAA7CED313C4F9AE02.roa File: 7FC0AC6009AE11EAA7CED313C4F9AE02.roa (raw, json) Hash identifier: T4Gee/zJ/m/K+eSKhIWlHL1duR6Z6uzsJxQPiMmccU8= Subject key identifier: DD:95:73:76:AE:23:8C:3C:BD:CE:D2:5B:64:48:0F:DC:E5:40:62:CC Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Certificate serial: 109F Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7FC0AC6009AE11EAA7CED313C4F9AE02.roa Signing time: Fri 06 Mar 2026 18:24:24 +0000 ROA not before: Fri 06 Mar 2026 18:24:24 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 397222 IP address blocks: 120.29.252.0/24 maxlen: 24 120.29.253.0/24 maxlen: 24 120.29.254.0/24 maxlen: 24 203.17.72.0/24 maxlen: 24 2001:dcd:1::/48 maxlen: 48 2001:dcd:2::/48 maxlen: 48 2001:dcd:3::/48 maxlen: 48 2001:dcd:4::/48 maxlen: 48 2001:dcd:5::/48 maxlen: 48 2001:dcd:6::/48 maxlen: 48 2001:dcd:7::/48 maxlen: 48 2001:dcd:dd05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Mar 2026 18:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4255 (0x109f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A Validity Not Before: Mar 6 18:24:24 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69ab1bd7-7655 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:53:a8:8a:5e:4f:7b:cd:64:f9:fc:e3:da:3b: 8e:9c:98:8f:d2:20:27:ca:1c:08:e2:66:f4:9b:66: 33:af:dc:fa:9e:9d:9d:b1:20:17:fc:12:52:20:41: f2:48:12:ca:ab:40:7a:ee:bd:62:5e:b9:7c:a8:03: 30:79:13:01:ef:ce:53:f9:58:c8:11:f2:25:06:68: 40:eb:76:c2:41:00:8e:78:22:3c:bd:1f:a1:83:a0: c5:cf:a0:17:37:e1:a3:d6:85:1e:e3:8d:46:5c:c4: 16:b8:3c:a2:98:e5:31:a4:35:54:eb:c1:bd:0c:86: 50:90:07:fa:24:72:5b:69:60:6b:83:96:28:7f:64: e3:0b:c4:88:96:77:a7:b6:64:c0:bf:9f:2d:bf:c6: 2e:f7:7d:50:98:2b:64:95:06:55:f3:b4:83:98:29: 12:f0:65:22:0d:63:cf:34:35:34:7f:09:11:76:75: af:48:7d:98:88:b0:70:16:90:59:3e:ec:b5:3e:07: 27:c1:36:5b:7c:b8:9d:0c:7a:af:0c:52:ad:ae:14: 78:31:f2:fa:85:b0:f3:6b:2d:b2:7d:70:27:b0:40: 5c:09:1a:4c:30:a6:30:c2:bb:c5:fd:ea:f9:8c:75: 28:ee:c4:99:5d:3d:56:1a:ae:16:b4:30:02:eb:1e: bd:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:95:73:76:AE:23:8C:3C:BD:CE:D2:5B:64:48:0F:DC:E5:40:62:CC X509v3 Authority Key Identifier: keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/7FC0AC6009AE11EAA7CED313C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 120.29.252.0-120.29.254.255 203.17.72.0/24 IPv6: 2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff 2001:dcd:dd05::/48 Signature Algorithm: sha256WithRSAEncryption 2f:b7:ad:ae:1b:77:68:ba:9b:e6:da:40:f5:92:79:8e:6d:57: 89:5b:86:3f:f9:b7:0a:6c:8f:d9:da:2f:58:18:cc:a0:16:7b: a0:b4:55:61:d1:9a:e8:f3:0d:f0:3d:09:f5:da:24:4b:13:9e: 7c:b7:34:fb:ae:b2:4c:2d:ac:6b:0c:4d:55:b7:4f:3b:63:7d: df:73:b7:76:09:a0:ec:c4:c2:c6:64:ed:10:d3:63:2b:f2:c0: 9d:92:d6:79:fa:1f:ea:34:2e:59:8b:09:99:d3:40:73:a7:8b: 0b:6e:47:c5:e7:04:1f:5d:0b:bb:cf:05:62:1c:9d:96:c0:24: 27:00:38:05:1f:eb:a9:9d:30:db:49:dd:cd:92:a8:65:82:2d: 9c:bd:95:33:05:bc:4f:a4:7c:0d:bf:2b:f0:c2:d0:fc:18:18: 47:c6:db:bb:8f:9b:eb:56:54:10:df:6c:77:a5:ed:e8:d8:e2: 6a:56:5f:4e:34:6e:5b:4b:48:26:0e:4f:5c:30:7f:41:26:2e: c8:61:d8:93:e0:cc:4d:80:02:59:47:4f:9e:46:85:8a:3a:b7: 71:ea:7c:02:78:bd:51:9a:35:a9:ee:f8:81:17:d3:b0:13:dc: 6f:f2:f0:1d:b5:fc:39:08:c7:26:18:f0:14:85:43:e9:cf:12: 79:5a:e3:83 -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgICEJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0 NkRGNzI4NUEwHhcNMjYwMzA2MTgyNDI0WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWFiMWJkNy03NjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtlOoil5Pe81k+fzj2juOnJiP0iAnyhwI4mb0m2Yzr9z6np2dsSAX/BJSIEHy SBLKq0B67r1iXrl8qAMweRMB785T+VjIEfIlBmhA63bCQQCOeCI8vR+hg6DFz6AX N+Gj1oUe441GXMQWuDyimOUxpDVU68G9DIZQkAf6JHJbaWBrg5Yof2TjC8SIlnen tmTAv58tv8Yu931QmCtklQZV87SDmCkS8GUiDWPPNDU0fwkRdnWvSH2YiLBwFpBZ Puy1PgcnwTZbfLidDHqvDFKtrhR4MfL6hbDzay2yfXAnsEBcCRpMMKYwwrvF/er5 jHUo7sSZXT1WGq4WtDAC6x69bwIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFN2Vc3au I4w8vc7SW2RID9zlQGLMMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0 RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvN0ZDMEFDNjAw OUFFMTFFQUE3Q0VEMzEzQzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAa BAIAATAUMAwDBAJ4HfwDBAB4Hf4DBADLEUgwIwQCAAIwHTASAwcAIAENzQABAwcD IAENzQAAAwcAIAENzd0FMA0GCSqGSIb3DQEBCwUAA4IBAQAvt62uG3doupvm2kD1 knmObVeJW4Y/+bcKbI/Z2i9YGMygFnugtFVh0Zro8w3wPQn12iRLE558tzT7rrJM LaxrDE1Vt087Y33fc7d2CaDsxMLGZO0Q02Mr8sCdktZ5+h/qNC5ZiwmZ00Bzp4sL bkfF5wQfXQu7zwViHJ2WwCQnADgFH+upnTDbSd3Nkqhlgi2cvZUzBbxPpHwNvyvw wtD8GBhHxtu7j5vrVlQQ32x3pe3o2OJqVl9ONG5bS0gmDk9cMH9BJi7IYdiT4MxN gAJZR0+eRoWKOrdx6nwCeL1RmjWp7viBF9OwE9xv8vAdtfw5CMcmGPAUhUPpzxJ5 WuOD -----END CERTIFICATE-----Generated at Fri Mar 13 10:38:53 2026 by rpki-client