$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29D7/F23C4DF2AD7311F0AF650254C4F9AE02/8E0D20ECB1B311F0A071761BC4F9AE02.roa File: 8E0D20ECB1B311F0A071761BC4F9AE02.roa (raw, json) Hash identifier: YtfROgSWBrfkxktYw4AsohoBZDFK8Vmr6u2SbXT1iLw= Subject key identifier: 8F:31:DB:D5:D8:CB:32:5B:C4:E2:C1:EC:2D:CA:79:EB:4F:CA:36:D5 Certificate issuer: /CN=A91A29D7/serialNumber=FA5BAF46B7CB2C8E346383AA80CB396B2B81C64C Certificate serial: 0A Authority key identifier: FA:5B:AF:46:B7:CB:2C:8E:34:63:83:AA:80:CB:39:6B:2B:81:C6:4C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-luvRrfLLI40Y4OqgMs5ayuBxkw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A29D7/F23C4DF2AD7311F0AF650254C4F9AE02/8E0D20ECB1B311F0A071761BC4F9AE02.roa Signing time: Sat 25 Oct 2025 15:01:59 +0000 ROA not before: Sat 25 Oct 2025 15:01:59 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 152648 IP address blocks: 138.252.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A29D7/F23C4DF2AD7311F0AF650254C4F9AE02/-luvRrfLLI40Y4OqgMs5ayuBxkw.crl rsync://rpki.apnic.net/member_repository/A91A29D7/F23C4DF2AD7311F0AF650254C4F9AE02/-luvRrfLLI40Y4OqgMs5ayuBxkw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-luvRrfLLI40Y4OqgMs5ayuBxkw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 08:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A29D7, serialNumber=FA5BAF46B7CB2C8E346383AA80CB396B2B81C64C Validity Not Before: Oct 25 15:01:59 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=68fce667-d1cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:15:39:b5:dc:6f:8f:14:90:bc:64:f7:cd:cd: 4e:79:84:4f:34:67:03:d6:4c:49:aa:87:17:8a:67: f2:f4:a8:3c:81:49:87:4a:d7:30:4c:64:7e:9c:20: c3:e0:b6:ae:87:af:06:88:99:e7:d5:74:6f:23:c7: d3:fb:0e:d2:7f:5b:28:65:7d:96:ab:40:ae:61:ad: 5c:57:56:a8:46:0c:bb:88:a8:a3:d3:b1:dd:8b:04: cb:84:76:8c:2c:b9:c4:45:5a:2d:cd:a7:42:d5:4f: 0f:66:8c:c4:32:5c:57:be:2d:32:78:5b:1d:12:d3: 99:8b:03:c9:7f:0b:b4:47:51:83:00:99:5d:27:7a: 80:97:98:7e:65:4d:17:15:9c:c7:28:f2:02:3f:9e: 5c:a4:c1:44:2c:50:b5:98:86:3a:bd:7b:78:ce:bb: 4c:9e:df:2c:8f:55:6c:7a:40:b8:60:91:c1:9a:9d: 3f:1f:50:36:06:5e:1f:81:66:08:da:65:5a:5d:2b: 93:c5:55:11:1f:bd:0c:e9:20:3f:73:61:e4:95:90: ab:d7:dc:bb:6e:bf:4d:13:cf:19:9e:39:d2:6c:20: e4:6b:d0:84:f0:ce:2c:e3:6d:7a:eb:42:14:91:74: 54:a8:dc:35:c5:f2:5d:28:98:53:fa:bd:9b:1d:11: 9a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:31:DB:D5:D8:CB:32:5B:C4:E2:C1:EC:2D:CA:79:EB:4F:CA:36:D5 X509v3 Authority Key Identifier: keyid:FA:5B:AF:46:B7:CB:2C:8E:34:63:83:AA:80:CB:39:6B:2B:81:C6:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A29D7/F23C4DF2AD7311F0AF650254C4F9AE02/-luvRrfLLI40Y4OqgMs5ayuBxkw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-luvRrfLLI40Y4OqgMs5ayuBxkw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29D7/F23C4DF2AD7311F0AF650254C4F9AE02/8E0D20ECB1B311F0A071761BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.252.31.0/24 Signature Algorithm: sha256WithRSAEncryption 29:b0:b8:3f:95:59:ad:91:73:ec:d2:e0:f7:0a:be:01:c1:55: f9:50:75:c7:63:3b:ad:31:74:f4:02:d3:cd:39:3f:7e:12:f8: a9:4e:48:a8:72:b8:ca:6c:f4:d6:59:ee:22:04:5e:5c:70:a7: 7e:5d:65:c2:77:e1:1d:f4:9e:29:a5:e8:40:f8:0c:0f:82:0b: 9e:da:32:49:37:43:bb:fb:a7:30:fb:fd:0a:73:58:c3:e5:98: ed:ee:e3:a2:c2:21:ec:97:b7:ae:1c:d0:bb:19:2c:72:97:f1: 0d:52:cb:79:1b:59:b7:b2:4d:09:ef:89:08:72:69:79:fb:20: d5:ad:3c:64:2f:3a:cf:87:07:18:0f:69:7a:cd:47:a8:a0:5c: 19:9a:bf:d2:29:ff:62:33:0e:6d:2e:24:43:c2:c6:b9:a5:64: 6e:0b:50:10:20:2e:f2:43:f6:c0:33:ad:cf:7e:37:27:84:70: 47:ef:98:df:8c:00:87:c3:a3:f1:5d:96:ca:ef:0d:f3:3a:8b: c6:17:5c:c5:a0:7d:26:e7:9d:56:e9:13:cb:c1:f8:be:32:78: bc:65:ae:9d:ab:91:81:6b:37:1a:dd:89:27:c7:41:79:ea:1d: 86:c2:ef:84:03:88:b0:1e:07:45:67:57:b0:fa:dc:bf:60:3e: 66:d3:4e:62 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjlENzExMC8GA1UEBRMoRkE1QkFGNDZCN0NCMkM4RTM0NjM4M0FBODBDQjM5NkIy QjgxQzY0QzAeFw0yNTEwMjUxNTAxNTlaFw0yNzAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZmNlNjY3LWQxY2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBFTm13G+PFJC8ZPfNzU55hE80ZwPWTEmqhxeKZ/L0qDyBSYdK1zBMZH6cIMPg tq6HrwaImefVdG8jx9P7DtJ/WyhlfZarQK5hrVxXVqhGDLuIqKPTsd2LBMuEdows ucRFWi3Np0LVTw9mjMQyXFe+LTJ4Wx0S05mLA8l/C7RHUYMAmV0neoCXmH5lTRcV nMco8gI/nlykwUQsULWYhjq9e3jOu0ye3yyPVWx6QLhgkcGanT8fUDYGXh+BZgja ZVpdK5PFVREfvQzpID9zYeSVkKvX3Ltuv00TzxmeOdJsIORr0ITwzizjbXrrQhSR dFSo3DXF8l0omFP6vZsdEZopAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUjzHb1djL MlvE4sHsLcp560/KNtUwHwYDVR0jBBgwFoAU+luvRrfLLI40Y4OqgMs5ayuBxkww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyOUQ3L0YyM0M0REYyQUQ3 MzExRjBBRjY1MDI1NEM0RjlBRTAyLy1sdXZScmZMTEk0MFk0T3FnTXM1YXl1Qnhr dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvLWx1dlJyZkxMSTQwWTRPcWdNczVheXVCeGt3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjlENy9GMjNDNERGMkFENzMxMUYwQUY2NTAyNTRDNEY5QUUwMi84RTBEMjBFQ0Ix QjMxMUYwQTA3MTc2MUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAIr8HzANBgkqhkiG9w0BAQsFAAOCAQEAKbC4P5VZrZFz7NLg 9wq+AcFV+VB1x2M7rTF09ALTzTk/fhL4qU5IqHK4ymz01lnuIgReXHCnfl1lwnfh HfSeKaXoQPgMD4ILntoySTdDu/unMPv9CnNYw+WY7e7josIh7Je3rhzQuxkscpfx DVLLeRtZt7JNCe+JCHJpefsg1a08ZC86z4cHGA9pes1HqKBcGZq/0in/YjMObS4k Q8LGuaVkbgtQECAu8kP2wDOtz343J4RwR++Y34wAh8Oj8V2Wyu8N8zqLxhdcxaB9 JuedVukTy8H4vjJ4vGWunauRgWs3Gt2JJ8dBeeodhsLvhAOIsB4HRWdXsPrcv2A+ ZtNOYg== -----END CERTIFICATE-----Generated at Tue Nov 4 12:11:03 2025 by rpki-client