$ rpki-client -vvf rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/DF4EFA76CA7811EE838E0A73C4F9AE02.roa File: DF4EFA76CA7811EE838E0A73C4F9AE02.roa (raw, json) Hash identifier: lwkdt0p18j+EGoMj/NlkIlwaZeWIUPoZjTEhgtn7WSY= Subject key identifier: F8:A1:06:6C:93:CA:3B:B9:87:BD:FE:F1:AE:7E:91:4B:41:48:E0:54 Certificate issuer: /CN=A91C40D6/serialNumber=76EF193957A86D64D3C3CDEB9E0746746EF4290A Certificate serial: 018E Authority key identifier: 76:EF:19:39:57:A8:6D:64:D3:C3:CD:EB:9E:07:46:74:6E:F4:29:0A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/du8ZOVeobWTTw83rngdGdG70KQo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/DF4EFA76CA7811EE838E0A73C4F9AE02.roa Signing time: Sun 01 Mar 2026 14:03:03 +0000 ROA not before: Mon 24 Nov 2025 19:40:09 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 139750 IP address blocks: 138.99.216.0/24 maxlen: 24 138.99.217.0/24 maxlen: 24 138.99.218.0/24 maxlen: 24 138.99.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.crl rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/du8ZOVeobWTTw83rngdGdG70KQo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 19:42:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 398 (0x18e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C40D6, serialNumber=76EF193957A86D64D3C3CDEB9E0746746EF4290A Validity Not Before: Nov 24 19:40:09 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69a44717-7e24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8a:9a:cb:d0:04:87:82:4f:34:0a:9e:66:90: d0:1e:cc:20:40:58:7e:ca:90:e3:7d:fd:e5:31:1a: f5:07:48:6d:ea:26:93:f2:ef:90:f7:69:27:9a:e8: 7e:07:ae:88:d6:a2:88:84:15:55:da:ad:a0:77:19: a5:03:38:c6:4f:0f:b5:76:e1:76:ed:be:ea:e2:dc: 2f:5b:15:ed:6c:a6:a6:8b:6a:2a:69:60:ff:68:ed: c8:3a:34:c2:a8:48:1a:dd:19:d3:6f:37:83:04:3d: cc:c9:02:a8:9b:80:9e:ad:96:eb:d8:81:39:61:06: c9:ee:1b:d8:f9:e8:26:a9:08:48:c3:a3:a2:21:52: 20:4b:69:65:f9:57:c0:f1:9a:3c:c7:2b:40:e3:cd: e0:7e:84:7d:5e:c1:d5:8b:3a:c3:ef:71:88:ad:cd: d4:6a:21:df:31:8f:d5:ba:3d:39:75:d6:2c:78:1d: f5:58:bb:43:01:92:e1:f4:cf:ad:57:6d:d6:e8:2d: 22:62:51:0a:69:cd:a7:86:62:45:0e:61:60:5a:b5: 14:a8:a5:7c:e1:31:f3:6a:d1:84:3f:09:70:07:f1: 27:ff:e2:37:e7:40:31:04:36:c8:f4:36:fd:ac:15: bc:7c:85:91:9d:15:ef:0d:60:ee:9d:b2:b1:61:2f: cd:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:A1:06:6C:93:CA:3B:B9:87:BD:FE:F1:AE:7E:91:4B:41:48:E0:54 X509v3 Authority Key Identifier: keyid:76:EF:19:39:57:A8:6D:64:D3:C3:CD:EB:9E:07:46:74:6E:F4:29:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/du8ZOVeobWTTw83rngdGdG70KQo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/DF4EFA76CA7811EE838E0A73C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 138.99.216.0/22 Signature Algorithm: sha256WithRSAEncryption 05:12:28:5c:04:03:7e:0f:3e:78:4e:a9:bb:6b:08:1d:12:f9: 09:8d:92:a9:9e:b3:36:5d:be:70:f6:a6:8c:2f:83:c2:90:6d: 05:d0:ad:84:ad:b3:ed:0b:08:fe:c6:ef:3b:ad:84:c6:d4:3b: ab:b9:6b:de:52:00:9b:60:0a:c5:df:eb:d5:49:6b:2e:86:de: 3a:22:b1:a7:0c:82:5e:66:50:f1:48:88:54:18:63:f1:4c:5b: 9d:b4:13:a9:e9:df:0d:38:16:09:1a:be:23:9d:bf:4c:a4:c0: fc:15:e8:42:13:11:db:79:b2:b6:1b:8f:a4:7c:fb:be:6b:40: 9c:a3:ed:d0:6b:bc:87:03:6d:72:fc:8c:63:dc:99:bb:bd:34: 32:aa:03:2e:44:c2:e2:13:bd:5d:eb:32:da:c8:82:80:7b:ff: 5b:e9:9f:23:10:64:21:e1:27:cb:d6:a2:98:29:80:91:f5:23: c2:d8:5d:a9:35:1b:42:48:ec:cb:5b:31:00:44:f4:65:41:22: 2f:75:52:3d:7c:ee:d5:47:a9:37:a3:25:1a:30:6a:c0:63:9c: bc:74:f1:70:92:62:93:22:bf:d4:f5:bd:01:38:29:f3:10:20: b2:2e:3e:67:e9:4d:55:40:5a:f5:94:dc:45:58:03:c7:07:04: 04:b1:40:c4 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICAY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQwRDYxMTAvBgNVBAUTKDc2RUYxOTM5NTdBODZENjREM0MzQ0RFQjlFMDc0Njc0 NkVGNDI5MEEwHhcNMjUxMTI0MTk0MDA5WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDcxNy03ZTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4qay9AEh4JPNAqeZpDQHswgQFh+ypDjff3lMRr1B0ht6iaT8u+Q92knmuh+ B66I1qKIhBVV2q2gdxmlAzjGTw+1duF27b7q4twvWxXtbKami2oqaWD/aO3IOjTC qEga3RnTbzeDBD3MyQKom4CerZbr2IE5YQbJ7hvY+egmqQhIw6OiIVIgS2ll+VfA 8Zo8xytA483gfoR9XsHVizrD73GIrc3UaiHfMY/Vuj05ddYseB31WLtDAZLh9M+t V23W6C0iYlEKac2nhmJFDmFgWrUUqKV84THzatGEPwlwB/En/+I350AxBDbI9Db9 rBW8fIWRnRXvDWDunbKxYS/NSwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPihBmyT yju5h73+8a5+kUtBSOBUMB8GA1UdIwQYMBaAFHbvGTlXqG1k08PN654HRnRu9CkK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDBENi8wNUY4NjAxNEM1 MzcxMUVFQjY3QUVCNzlDNEY5QUUwMi9kdThaT1Zlb2JXVFR3ODNybmdkR2RHNzBL UW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2R1OFpPVmVvYldUVHc4M3JuZ2RHZEc3MEtRby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QzQwRDYvMDVGODYwMTRDNTM3MTFFRUI2N0FFQjc5QzRGOUFFMDIvREY0RUZBNzZD QTc4MTFFRTgzOEUwQTczQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCimPYMA0GCSqGSIb3DQEBCwUAA4IBAQAFEihcBAN+Dz54Tqm7awgd EvkJjZKpnrM2Xb5w9qaML4PCkG0F0K2ErbPtCwj+xu87rYTG1DuruWveUgCbYArF 3+vVSWsuht46IrGnDIJeZlDxSIhUGGPxTFudtBOp6d8NOBYJGr4jnb9MpMD8FehC ExHbebK2G4+kfPu+a0Cco+3Qa7yHA21y/Ixj3Jm7vTQyqgMuRMLiE71d6zLayIKA e/9b6Z8jEGQh4SfL1qKYKYCR9SPC2F2pNRtCSOzLWzEARPRlQSIvdVI9fO7VR6k3 oyUaMGrAY5y8dPFwkmKTIr/U9b0BOCnzECCyLj5n6U1VQFr1lNxFWAPHBwQEsUDE -----END CERTIFICATE-----Generated at Sun Mar 8 10:11:33 2026 by rpki-client