$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4700/186F2C2ABB8311F088969765C4F9AE02/A9CD5C92BB8C11F08999FE2AC4F9AE02.roa File: A9CD5C92BB8C11F08999FE2AC4F9AE02.roa (raw, json) Hash identifier: c3y0t6IJx6Q11r5JDlgaeAC6nTxUNX96hYufhWBf0xM= Subject key identifier: FF:4F:0E:D8:F5:E5:B7:8C:05:23:B2:C8:AE:09:1B:E0:C5:A6:DD:73 Certificate issuer: /CN=A91E4700/serialNumber=BC25CD4E48AEDF608B49CC298472C5C06E8BF6FB Certificate serial: 46 Authority key identifier: BC:25:CD:4E:48:AE:DF:60:8B:49:CC:29:84:72:C5:C0:6E:8B:F6:FB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vCXNTkiu32CLScwphHLFwG6L9vs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4700/186F2C2ABB8311F088969765C4F9AE02/A9CD5C92BB8C11F08999FE2AC4F9AE02.roa Signing time: Mon 02 Mar 2026 14:23:52 +0000 ROA not before: Wed 07 Jan 2026 07:24:48 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 63850 IP address blocks: 138.252.168.0/23 maxlen: 23 138.252.168.0/24 maxlen: 24 138.252.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4700/186F2C2ABB8311F088969765C4F9AE02/vCXNTkiu32CLScwphHLFwG6L9vs.crl rsync://rpki.apnic.net/member_repository/A91E4700/186F2C2ABB8311F088969765C4F9AE02/vCXNTkiu32CLScwphHLFwG6L9vs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vCXNTkiu32CLScwphHLFwG6L9vs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Mar 2026 08:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70 (0x46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4700, serialNumber=BC25CD4E48AEDF608B49CC298472C5C06E8BF6FB Validity Not Before: Jan 7 07:24:48 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a59d78-674b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:7e:f8:1c:43:bd:ed:2a:32:53:9c:06:09:a0: 21:bd:f9:c5:70:1b:2a:68:60:b6:0f:c8:35:94:e5: d3:7e:65:ea:64:3f:11:b1:dd:2b:f9:d0:6b:e3:9d: 66:ea:5b:e7:18:b0:dc:ba:df:9f:09:5c:2e:bd:c8: 6e:80:96:c0:83:a1:29:6a:0a:43:a7:96:f4:60:f6: 57:35:a8:a7:32:da:d3:26:ea:29:bd:30:08:da:41: 7d:28:0c:61:fe:e6:71:c4:e8:77:26:03:74:23:36: 13:2a:51:82:62:58:d4:1e:41:33:57:51:5c:6a:f2: b6:34:0a:8c:a0:30:8b:d4:11:52:d4:9a:05:40:5d: 5b:18:04:61:e6:27:25:ae:b6:e3:1b:78:e9:d0:b3: fe:0a:d8:cc:8a:f7:7a:41:86:a1:0a:05:19:c2:9a: 8a:d6:c7:65:ad:32:17:6d:e4:07:a8:bd:33:c4:ec: 12:3a:d0:32:68:26:39:ce:3b:db:5d:c5:72:c6:2a: 87:d9:c3:7f:94:6e:3a:0a:5d:7e:dc:5b:47:46:f8: d1:40:90:b0:86:81:f1:b9:2d:1f:18:95:87:bd:9d: cd:7c:a3:ab:4e:9d:4d:ac:1e:b2:02:e1:f6:e3:b7: ac:1d:7e:34:2f:d0:3f:0b:eb:12:45:d5:61:a7:d2: 71:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:4F:0E:D8:F5:E5:B7:8C:05:23:B2:C8:AE:09:1B:E0:C5:A6:DD:73 X509v3 Authority Key Identifier: keyid:BC:25:CD:4E:48:AE:DF:60:8B:49:CC:29:84:72:C5:C0:6E:8B:F6:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4700/186F2C2ABB8311F088969765C4F9AE02/vCXNTkiu32CLScwphHLFwG6L9vs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vCXNTkiu32CLScwphHLFwG6L9vs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4700/186F2C2ABB8311F088969765C4F9AE02/A9CD5C92BB8C11F08999FE2AC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 138.252.168.0/23 Signature Algorithm: sha256WithRSAEncryption 2f:65:8d:dd:1f:80:6d:f9:ce:77:99:8f:37:95:e6:85:87:68: 3e:01:65:22:bf:0d:14:b8:7e:78:47:dc:b5:8c:24:bd:93:16: 1d:76:d9:8b:df:bd:d8:b8:89:3d:a2:23:4c:39:30:47:c5:26: 56:05:14:71:fc:89:cb:9d:f1:91:f7:53:6c:f9:c7:53:50:c3: e2:77:a1:03:04:ed:e5:c3:89:d0:dc:4c:43:c3:f4:17:fd:aa: 7e:dc:bb:07:b7:0d:cc:81:28:12:a4:48:6c:46:0c:a1:9d:c0: 84:07:d5:13:f2:2c:c9:3e:77:32:c1:8b:97:c0:3e:c6:f9:e5: 48:e4:a8:89:e5:81:87:c9:12:eb:1f:ff:14:0c:27:28:15:32: f7:e0:99:13:bd:85:ac:d4:b7:17:ac:41:23:85:78:af:1a:06: 99:bc:95:0c:50:ed:8d:76:02:51:b5:8e:74:aa:30:59:87:99: 92:59:33:65:82:c4:34:d1:bc:d0:07:a0:17:f1:3e:63:1c:e5: 1f:73:14:85:e2:86:38:b2:b8:4a:98:5a:4d:da:af:f8:6e:b1: 40:15:88:23:4a:ca:ac:01:7f:06:44:a5:49:ef:1b:a3:e8:55: 5e:86:a2:35:37:6f:1e:67:37:a1:6e:da:56:f6:13:df:d2:8b: a1:5b:52:79 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBRjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NDcwMDExMC8GA1UEBRMoQkMyNUNENEU0OEFFREY2MDhCNDlDQzI5ODQ3MkM1QzA2 RThCRjZGQjAeFw0yNjAxMDcwNzI0NDhaFw0yNzAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTU5ZDc4LTY3NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDSfvgcQ73tKjJTnAYJoCG9+cVwGypoYLYPyDWU5dN+ZepkPxGx3Sv50GvjnWbq W+cYsNy6358JXC69yG6AlsCDoSlqCkOnlvRg9lc1qKcy2tMm6im9MAjaQX0oDGH+ 5nHE6HcmA3QjNhMqUYJiWNQeQTNXUVxq8rY0CoygMIvUEVLUmgVAXVsYBGHmJyWu tuMbeOnQs/4K2MyK93pBhqEKBRnCmorWx2WtMhdt5AeovTPE7BI60DJoJjnOO9td xXLGKofZw3+UbjoKXX7cW0dG+NFAkLCGgfG5LR8YlYe9nc18o6tOnU2sHrIC4fbj t6wdfjQv0D8L6xJF1WGn0nENAgMBAAGjggJgMIICXDAdBgNVHQ4EFgQU/08O2PXl t4wFI7LIrgkb4MWm3XMwHwYDVR0jBBgwFoAUvCXNTkiu32CLScwphHLFwG6L9vsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0NzAwLzE4NkYyQzJBQkI4 MzExRjA4ODk2OTc2NUM0RjlBRTAyL3ZDWE5Ua2l1MzJDTFNjd3BoSExGd0c2TDl2 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdkNYTlRraXUzMkNMU2N3cGhITEZ3RzZMOXZzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDcwMC8xODZGMkMyQUJCODMxMUYwODg5Njk3NjVDNEY5QUUwMi9BOUNENUM5MkJC OEMxMUYwODk5OUZFMkFDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBAGK/KgwDQYJKoZIhvcNAQELBQADggEBAC9ljd0fgG35zneZjzeV5oWH aD4BZSK/DRS4fnhH3LWMJL2TFh122Yvfvdi4iT2iI0w5MEfFJlYFFHH8icud8ZH3 U2z5x1NQw+J3oQME7eXDidDcTEPD9Bf9qn7cuwe3DcyBKBKkSGxGDKGdwIQH1RPy LMk+dzLBi5fAPsb55UjkqInlgYfJEusf/xQMJygVMvfgmRO9hazUtxesQSOFeK8a Bpm8lQxQ7Y12AlG1jnSqMFmHmZJZM2WCxDTRvNAHoBfxPmMc5R9zFIXihjiyuEqY Wk3ar/husUAViCNKyqwBfwZEpUnvG6PoVV6GojU3bx5nN6Fu2lb2E9/Si6FbUnk= -----END CERTIFICATE-----Generated at Wed Mar 4 09:46:30 2026 by rpki-client