$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/DC812B38F6CD11F0B253129E516F56BC.roa File: DC812B38F6CD11F0B253129E516F56BC.roa (raw, json) Hash identifier: RKqxFOY57CX+oJikQNcjk8F3Qz64uz6nulj4NpMt6OE= Subject key identifier: 17:FB:2E:8F:32:F0:D0:31:56:4F:00:AD:05:0A:69:B0:83:DB:66:A4 Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 2F27 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/DC812B38F6CD11F0B253129E516F56BC.roa Signing time: Sun 31 May 2026 16:23:46 +0000 ROA not before: Sun 31 May 2026 16:23:46 +0000 ROA not after: Thu 01 Oct 2026 00:00:00 +0000 asID: 151734 IP address blocks: 138.252.200.0/23 maxlen: 24 157.15.202.0/23 maxlen: 24 157.20.211.0/24 maxlen: 24 160.22.108.0/23 maxlen: 24 168.220.232.0/22 maxlen: 24 168.220.236.0/22 maxlen: 24 168.220.240.0/22 maxlen: 24 168.220.244.0/22 maxlen: 24 168.220.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Jun 2026 15:21:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12071 (0x2f27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: May 31 16:23:46 2026 GMT Not After : Oct 1 00:00:00 2026 GMT Subject: CN=6a1c6091-2f9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c8:0c:83:94:bd:08:bb:9d:d7:cd:5f:be:15: 85:94:0d:1e:8f:83:e0:ed:d2:d2:70:67:4f:7d:3b: 49:0b:d7:48:93:10:14:dd:90:78:51:61:de:e7:2c: ce:4f:ff:38:20:d1:11:52:ea:74:f4:a7:c4:a8:5f: 5a:11:5c:f2:2f:de:6f:31:0b:b7:de:cb:f1:02:25: 9e:c4:e2:9d:3c:47:7d:42:95:ca:1e:64:4e:d9:59: 70:48:e3:56:a6:8a:0b:66:99:1d:cc:e9:c5:28:48: 13:ac:04:1a:77:55:b0:52:50:66:18:61:62:41:57: b0:e8:e2:10:cf:e5:2c:8c:e5:55:40:77:06:e4:26: be:87:b0:79:68:38:b7:59:64:ea:d2:c8:0f:ca:7a: 61:af:f3:da:c4:81:09:24:1a:dc:ba:46:da:17:72: 12:66:06:47:47:bf:5d:d7:42:bf:3a:0d:00:8a:b1: ea:5e:72:d0:eb:9e:ed:cf:b5:fd:6d:fd:33:be:60: 5a:d3:78:13:13:b5:8b:17:5f:3d:15:6c:0a:bf:79: b1:16:a9:d7:77:73:b3:be:7f:d8:23:c8:38:77:6d: 74:e8:6b:03:24:6c:3b:07:05:50:ed:0a:71:50:d7: 54:fa:58:75:51:d9:98:ab:e3:31:59:0d:b0:45:85: f6:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:FB:2E:8F:32:F0:D0:31:56:4F:00:AD:05:0A:69:B0:83:DB:66:A4 X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/DC812B38F6CD11F0B253129E516F56BC.roa sbgp-ipAddrBlock: critical IPv4: 138.252.200.0/23 157.15.202.0/23 157.20.211.0/24 160.22.108.0/23 168.220.232.0-168.220.251.255 Signature Algorithm: sha256WithRSAEncryption 45:f6:18:94:c4:55:16:b9:cc:07:90:3d:af:84:ee:b6:9b:b9: 23:86:d3:a4:e7:0a:cc:ef:d8:bc:cb:7b:f3:f5:dc:5a:a4:7f: 89:47:de:60:72:96:fd:1c:4d:03:e0:ee:98:d3:5b:49:ee:6e: 34:00:b9:e1:ae:6f:f6:30:4e:44:a5:01:b6:6a:bc:81:42:06: 04:89:a9:e8:97:17:e0:f6:d7:2f:7c:fa:3e:64:50:72:04:ec: aa:ac:7f:27:17:02:02:7e:f1:44:72:33:90:b2:f4:1b:3a:e4: c4:2b:ba:b0:29:20:1f:c8:8d:52:e9:7f:97:2c:8f:60:ee:ff: 39:fc:2c:31:6e:f5:ca:0e:e3:6d:51:58:9f:e8:13:1d:b3:d2: 6c:54:73:f2:d4:e0:f3:6c:f6:6e:a9:49:cd:4e:59:77:4e:33: 9a:f4:a1:18:4d:c8:59:33:17:67:fa:e3:77:50:40:72:79:ab: 5c:ee:7c:51:ba:f1:b6:ad:11:dd:36:cd:e8:a2:76:eb:0a:74: 1f:3c:62:cf:b5:d4:6b:5b:ca:9a:49:a9:ef:2f:bf:f7:6c:c3: 2b:c3:b2:e3:13:c2:a0:41:f6:5e:68:99:28:2a:9f:12:e9:ee: 43:73:a0:94:d4:a5:5a:19:1e:e1:3d:ae:61:6d:36:d7:ad:0a: b5:4d:ea:a8 -----BEGIN CERTIFICATE----- MIIFXDCCBESgAwIBAgICLycwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjYwNTMxMTYyMzQ2WhcNMjYxMDAxMDAwMDAwWjAYMRYwFAYD VQQDEw02YTFjNjA5MS0yZjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAscgMg5S9CLud181fvhWFlA0ej4Pg7dLScGdPfTtJC9dIkxAU3ZB4UWHe5yzO T/84INERUup09KfEqF9aEVzyL95vMQu33svxAiWexOKdPEd9QpXKHmRO2VlwSONW pooLZpkdzOnFKEgTrAQad1WwUlBmGGFiQVew6OIQz+UsjOVVQHcG5Ca+h7B5aDi3 WWTq0sgPynphr/PaxIEJJBrcukbaF3ISZgZHR79d10K/Og0AirHqXnLQ657tz7X9 bf0zvmBa03gTE7WLF189FWwKv3mxFqnXd3Ozvn/YI8g4d2106GsDJGw7BwVQ7Qpx UNdU+lh1UdmYq+MxWQ2wRYX2SwIDAQABo4ICgDCCAnwwHQYDVR0OBBYEFBf7Lo8y 8NAxVk8ArQUKabCD22akMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvREM4MTJCMzhG NkNEMTFGMEIyNTMxMjlFNTE2RjU2QkMucm9hMD8GCCsGAQUFBwEHAQH/BDAwLjAs BAIAATAmAwQBivzIAwQBnQ/KAwQAnRTTAwQBoBZsMAwDBAOo3OgDBAKo3PgwDQYJ KoZIhvcNAQELBQADggEBAEX2GJTEVRa5zAeQPa+E7rabuSOG06TnCszv2LzLe/P1 3Fqkf4lH3mBylv0cTQPg7pjTW0nubjQAueGub/YwTkSlAbZqvIFCBgSJqeiXF+D2 1y98+j5kUHIE7KqsfycXAgJ+8URyM5Cy9Bs65MQrurApIB/IjVLpf5csj2Du/zn8 LDFu9coO421RWJ/oEx2z0mxUc/LU4PNs9m6pSc1OWXdOM5r0oRhNyFkzF2f643dQ QHJ5q1zufFG68batEd02zeiidusKdB88Ys+11GtbyppJqe8vv/dswyvDsuMTwqBB 9l5omSgqnxLp7kNzoJTUpVoZHuE9rmFtNtetCrVN6qg= -----END CERTIFICATE-----Generated at Sat Jun 6 08:22:54 2026 by rpki-client