$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa File: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (raw, json) Hash identifier: a5Y/yZKxW3IrKI0721MYV+ivPl5QgwwgGyen+XzCmBY= Subject key identifier: E9:55:32:EA:0C:B5:40:9B:A2:E4:3F:7E:24:57:10:02:73:A4:0C:26 Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 017E Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa Signing time: Sat 30 Aug 2025 18:08:27 +0000 ROA not before: Sat 30 Aug 2025 18:08:27 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 24433 IP address blocks: 138.77.0.0/16 maxlen: 17 138.77.96.0/21 maxlen: 21 138.77.104.0/21 maxlen: 21 138.77.168.0/21 maxlen: 21 138.77.208.0/21 maxlen: 21 138.77.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 17:52:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 382 (0x17e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Aug 30 18:08:27 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68b33e1b-c298 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:bf:57:d4:7e:b4:a1:25:0d:d1:6d:3c:53:1e: be:8f:2c:ab:03:c2:4e:84:fa:57:bc:fc:21:d6:1a: 62:09:c6:45:3c:e8:27:74:ff:c1:6a:6e:3b:62:39: d5:01:6e:42:29:4d:f3:df:50:a7:92:59:b6:46:4d: d8:5e:f4:23:48:40:84:ef:b6:6b:8a:bc:dd:78:43: 60:37:bc:6e:27:9b:a3:f6:22:ed:23:8b:7f:cd:ff: 1f:ea:4f:1d:2b:a7:7a:ce:61:ee:b0:45:aa:dd:da: f3:af:85:c4:40:a4:c3:f0:2a:4e:a2:92:17:a8:b0: d2:3a:b8:a1:10:5e:48:18:70:35:0f:8b:ee:16:f7: f5:c5:31:bc:c2:54:32:0a:44:84:6e:d5:4b:c3:f0: 36:90:a5:a2:42:9a:51:36:30:30:fb:28:54:e3:1c: 7d:5e:e8:12:15:16:ed:88:28:7d:2a:42:31:11:9e: ff:ec:1c:47:9b:f3:85:ca:b3:25:04:b7:da:57:9d: f1:0b:40:34:50:b0:6d:0c:ff:e5:64:0e:11:92:38: 50:fa:31:c0:3b:50:19:a8:ef:7e:23:39:99:2e:c2: 12:6f:9a:06:c1:09:8b:d7:63:d1:3a:ca:89:10:db: f1:59:65:b5:30:2c:6a:ef:1e:17:65:41:5d:79:52: 79:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:55:32:EA:0C:B5:40:9B:A2:E4:3F:7E:24:57:10:02:73:A4:0C:26 X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.77.0.0/16 Signature Algorithm: sha256WithRSAEncryption 87:5a:58:c6:92:be:e5:78:ac:f3:43:e8:1f:ed:d2:32:94:f4: 0e:e6:3b:59:c4:71:cd:6e:de:86:6b:ed:c6:44:a4:50:f4:01: 3f:30:cb:61:40:6c:0d:c8:83:d8:bd:6d:77:54:33:3b:ff:82: a9:fc:be:21:19:9b:ae:89:1e:7a:be:16:6e:fd:c0:68:fa:8b: ce:36:29:db:74:cd:b9:29:93:e8:36:4c:01:7d:bc:34:de:3b: e8:61:d9:43:b3:a3:46:98:b8:90:a1:78:56:a2:e1:5a:11:1c: 23:6e:5e:26:93:eb:d4:ac:8d:44:60:33:ce:c9:70:8e:be:50: 1c:c7:33:e7:c1:95:08:bb:d8:af:9a:6c:c8:c2:03:97:a1:6e: 29:80:a2:27:ef:d1:04:07:d6:da:de:35:13:ff:9a:ca:ad:41: 76:18:22:2c:40:d3:b8:d7:c3:c2:17:c5:25:6c:05:8b:10:23: c0:24:6e:8e:3c:25:32:db:f2:3e:39:81:7d:c7:55:35:cd:14: c8:2f:e5:97:d8:dd:f2:20:82:c5:98:13:60:c4:c8:59:ac:dc: a7:0d:93:18:67:84:da:ed:b4:3e:fc:8e:a4:e9:24:6b:c2:98: ad:06:db:fb:1a:32:48:f9:c6:1e:33:df:0c:d3:db:4a:2b:f0: 05:89:00:21 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgICAX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwODMwMTgwODI3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzM2UxYi1jMjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt79X1H60oSUN0W08Ux6+jyyrA8JOhPpXvPwh1hpiCcZFPOgndP/Bam47YjnV AW5CKU3z31Cnklm2Rk3YXvQjSECE77ZrirzdeENgN7xuJ5uj9iLtI4t/zf8f6k8d K6d6zmHusEWq3drzr4XEQKTD8CpOopIXqLDSOrihEF5IGHA1D4vuFvf1xTG8wlQy CkSEbtVLw/A2kKWiQppRNjAw+yhU4xx9XugSFRbtiCh9KkIxEZ7/7BxHm/OFyrMl BLfaV53xC0A0ULBtDP/lZA4RkjhQ+jHAO1AZqO9+IzmZLsISb5oGwQmL12PROsqJ ENvxWWW1MCxq7x4XZUFdeVJ56QIDAQABo4IClDCCApAwHQYDVR0OBBYEFOlVMuoM tUCbouQ/fiRXEAJzpAwmMB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTY4NTYvMkREQjQyNkU0ODYzMTFFRUJDMEJEMjEzQzRGOUFFMDIvQjJDOUIxMEE4 ODEzMTFFRThDRkI1QzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E DzANMAsEAgABMAUDAwCKTTANBgkqhkiG9w0BAQsFAAOCAQEAh1pYxpK+5Xis80Po H+3SMpT0DuY7WcRxzW7ehmvtxkSkUPQBPzDLYUBsDciD2L1td1QzO/+Cqfy+IRmb rokeer4Wbv3AaPqLzjYp23TNuSmT6DZMAX28NN476GHZQ7OjRpi4kKF4VqLhWhEc I25eJpPr1KyNRGAzzslwjr5QHMcz58GVCLvYr5psyMIDl6FuKYCiJ+/RBAfW2t41 E/+ayq1BdhgiLEDTuNfDwhfFJWwFixAjwCRujjwlMtvyPjmBfcdVNc0UyC/ll9jd 8iCCxZgTYMTIWazcpw2TGGeE2u20PvyOpOkka8KYrQbb+xoySPnGHjPfDNPbSivw BYkAIQ== -----END CERTIFICATE-----Generated at Fri Sep 19 18:13:26 2025 by rpki-client