$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/341BBBECA99411F093BBAA15C4F9AE02.roa File: 341BBBECA99411F093BBAA15C4F9AE02.roa (raw, json) Hash identifier: TNOMyUTzIQDmtZMNg4RAepXI8EHziIAFioU9/cJC+ek= Subject key identifier: CF:2C:D0:1E:C1:4D:51:78:49:61:F5:1D:5A:B3:A2:59:0E:AE:60:6B Certificate issuer: /CN=A91CD0DE/serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Certificate serial: 02 Authority key identifier: B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/341BBBECA99411F093BBAA15C4F9AE02.roa Signing time: Wed 15 Oct 2025 06:57:25 +0000 ROA not before: Wed 15 Oct 2025 06:57:25 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 9484 IP address blocks: 138.252.28.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 11:58:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD0DE, serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Validity Not Before: Oct 15 06:57:25 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68ef45d4-ef3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:90:34:de:28:80:95:c3:14:1b:e9:b0:83:37: 5d:8c:ff:a0:62:af:6d:3e:77:d7:7f:80:1c:58:6d: a4:ed:5b:d8:b8:73:fd:ed:47:8d:17:b9:f5:44:23: 28:aa:34:82:34:c0:31:df:28:eb:4a:57:61:3e:6e: 13:47:20:d4:84:84:5a:bc:0c:06:e1:e8:79:a5:60: d4:da:66:08:ae:b0:db:be:31:2c:9f:2d:f2:c1:fd: 3a:f5:76:b7:a8:dd:7f:17:1b:ef:e1:b9:6d:c8:ce: 73:f8:d3:73:fc:3a:c7:eb:37:0c:c2:ac:0b:2a:71: 92:c6:c3:cd:97:35:12:cf:a2:83:72:0c:ce:86:2d: f2:df:ef:cc:4b:b2:18:74:b7:da:f5:9e:15:f7:cd: 42:0c:5d:d1:1b:59:c6:91:56:38:53:0e:fa:97:9e: f6:3a:52:4b:9a:25:b9:ff:76:ce:c6:59:e7:d2:c3: a1:0d:16:93:c5:81:5a:59:21:61:cc:3c:fe:26:7b: 53:41:aa:8d:e4:d3:ea:34:d7:b0:7e:dd:41:81:13: ff:85:af:eb:c6:9c:e4:eb:10:ec:1f:38:24:9f:79: 8a:11:c6:6f:46:7b:f6:c2:c9:4e:a7:ed:54:eb:05: 27:57:5b:a5:3d:55:6a:c2:c9:be:97:d2:1d:93:c9: 3d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:2C:D0:1E:C1:4D:51:78:49:61:F5:1D:5A:B3:A2:59:0E:AE:60:6B X509v3 Authority Key Identifier: keyid:B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/341BBBECA99411F093BBAA15C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.252.28.0/23 Signature Algorithm: sha256WithRSAEncryption b2:d9:4b:9b:00:43:6c:a4:bf:58:3b:60:ff:57:cf:3e:02:2e: ec:31:36:aa:35:58:e1:76:c5:3e:89:2e:bc:e7:c6:2a:42:d9: b3:f0:98:9b:0e:8c:b3:12:14:fd:2b:bc:da:af:4a:46:99:bc: 01:d4:5a:6e:33:09:ea:86:7d:7c:c3:be:49:02:2e:44:66:9f: c7:14:eb:08:e7:f9:4f:d3:80:ff:ef:19:57:03:db:4c:7c:5c: 40:00:b7:2d:fd:4c:9d:2a:68:d7:21:9a:4d:2d:88:fe:4e:91: 4d:83:dd:74:bd:53:ce:24:46:06:34:74:53:23:2f:19:aa:2c: f0:ee:7f:f5:12:85:52:b2:c2:c7:35:cb:78:03:dc:ad:cc:e8: 07:81:ba:b7:e9:02:08:a3:e3:22:b6:fa:7c:10:14:fa:48:b8: 53:4d:13:40:09:7d:87:dc:8d:3b:ff:35:47:01:74:fd:3c:b9: 1d:43:6e:9c:9d:37:7d:92:76:61:b6:3d:ba:8a:29:b9:f4:9c: 84:4f:e8:da:03:81:da:21:37:3e:da:b4:55:5c:5e:5c:7b:fa: 9b:fc:57:a4:63:89:f6:d9:ab:3e:dd:7d:bc:c0:03:6e:39:6d: ea:b2:d3:55:c8:71:01:35:0c:d1:f7:3f:50:f5:63:e2:1a:b5: 01:de:28:fb -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDBERTExMC8GA1UEBRMoQjY0M0ZFQjMwMzI3NDIxNDhGM0FGOUMzNTM5MzM4RDU1 NDkzNzIyODAeFw0yNTEwMTUwNjU3MjVaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZWY0NWQ0LWVmM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCakDTeKICVwxQb6bCDN12M/6Bir20+d9d/gBxYbaTtW9i4c/3tR40XufVEIyiq NII0wDHfKOtKV2E+bhNHINSEhFq8DAbh6HmlYNTaZgiusNu+MSyfLfLB/Tr1dreo 3X8XG+/huW3IznP403P8OsfrNwzCrAsqcZLGw82XNRLPooNyDM6GLfLf78xLshh0 t9r1nhX3zUIMXdEbWcaRVjhTDvqXnvY6UkuaJbn/ds7GWefSw6ENFpPFgVpZIWHM PP4me1NBqo3k0+o017B+3UGBE/+Fr+vGnOTrEOwfOCSfeYoRxm9Ge/bCyU6n7VTr BSdXW6U9VWrCyb6X0h2TyT0rAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUzyzQHsFN UXhJYfUdWrOiWQ6uYGswHwYDVR0jBBgwFoAUtkP+swMnQhSPOvnDU5M41VSTcigw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMERFLzRGNzY5RDU4QTk4 RjExRjBCMUZBNTA2NkM0RjlBRTAyL3RrUC1zd01uUWhTUE92bkRVNU00MVZTVGNp Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdGtQLXN3TW5RaFNQT3ZuRFU1TTQxVlNUY2lnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDBERS80Rjc2OUQ1OEE5OEYxMUYwQjFGQTUwNjZDNEY5QUUwMi8zNDFCQkJFQ0E5 OTQxMUYwOTNCQkFBMTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAYr8HDANBgkqhkiG9w0BAQsFAAOCAQEAstlLmwBDbKS/WDtg /1fPPgIu7DE2qjVY4XbFPokuvOfGKkLZs/CYmw6MsxIU/Su82q9KRpm8AdRabjMJ 6oZ9fMO+SQIuRGafxxTrCOf5T9OA/+8ZVwPbTHxcQAC3Lf1MnSpo1yGaTS2I/k6R TYPddL1TziRGBjR0UyMvGaos8O5/9RKFUrLCxzXLeAPcrczoB4G6t+kCCKPjIrb6 fBAU+ki4U00TQAl9h9yNO/81RwF0/Ty5HUNunJ03fZJ2YbY9uoopufSchE/o2gOB 2iE3Ptq0VVxeXHv6m/xXpGOJ9tmrPt19vMADbjlt6rLTVchxATUM0fc/UPVj4hq1 Ad4o+w== -----END CERTIFICATE-----Generated at Sun Oct 19 01:33:47 2025 by rpki-client