$ rpki-client -vvf rpki.apnic.net/member_repository/A9131CF4/3EA638C8B71111F0A5C28073C4F9AE02/4B2379BEB71911F0AAA11D51C4F9AE02.roa File: 4B2379BEB71911F0AAA11D51C4F9AE02.roa (raw, json) Hash identifier: ym/P1+PLUpEQKVLi2u6tem8jb0mTZASUmnMv8PJgl7k= Subject key identifier: 02:E8:31:CE:07:30:A8:A9:85:57:E9:65:05:13:11:2D:78:EE:AC:0A Certificate issuer: /CN=A9131CF4/serialNumber=69ECF0E2A1ED8F05CC278B3E13F662ED0B35488C Certificate serial: 43 Authority key identifier: 69:EC:F0:E2:A1:ED:8F:05:CC:27:8B:3E:13:F6:62:ED:0B:35:48:8C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aezw4qHtjwXMJ4s-E_Zi7Qs1SIw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131CF4/3EA638C8B71111F0A5C28073C4F9AE02/4B2379BEB71911F0AAA11D51C4F9AE02.roa Signing time: Sun 01 Mar 2026 06:09:09 +0000 ROA not before: Sat 01 Nov 2025 11:52:51 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 149049 IP address blocks: 138.252.58.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131CF4/3EA638C8B71111F0A5C28073C4F9AE02/aezw4qHtjwXMJ4s-E_Zi7Qs1SIw.crl rsync://rpki.apnic.net/member_repository/A9131CF4/3EA638C8B71111F0A5C28073C4F9AE02/aezw4qHtjwXMJ4s-E_Zi7Qs1SIw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aezw4qHtjwXMJ4s-E_Zi7Qs1SIw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 09:50:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131CF4, serialNumber=69ECF0E2A1ED8F05CC278B3E13F662ED0B35488C Validity Not Before: Nov 1 11:52:51 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a3d805-de73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:68:cc:de:28:62:83:5d:75:45:57:f6:c3:1b: 85:10:7e:e3:89:ea:c0:44:4c:0c:d8:1d:c7:77:38: 3a:45:b6:99:91:64:a4:16:d1:90:bb:f5:72:2a:34: a2:72:e7:20:99:60:6a:0f:ff:7c:9a:cb:5d:73:4c: 6f:e0:a3:30:c3:81:ee:89:1a:99:dc:c0:1f:c1:84: b0:ba:2d:8d:ca:a7:2b:d7:ef:f2:db:3e:34:87:5d: 6c:07:54:be:83:e9:c9:7d:16:55:1e:80:af:58:e6: 54:4e:d4:7b:96:a3:ca:e8:5c:7d:83:cf:ba:82:2d: eb:9e:9a:ed:0e:29:9e:0d:4d:ed:b0:1b:43:5f:81: e1:af:1e:05:9a:fc:ce:89:94:a9:3b:db:73:1c:1c: c9:9d:81:25:a5:77:ca:5b:1d:7b:49:df:ad:68:34: ed:d4:a0:93:ed:4e:c1:5c:36:69:d7:49:00:a9:c5: 1e:67:ad:51:66:13:1e:8d:31:71:29:12:6b:d7:39: 39:22:e3:4d:58:9c:c5:d4:66:dd:f6:93:e6:1f:2f: 73:66:7d:36:ca:a1:5c:f0:c1:47:d8:e4:75:f6:76: a4:46:d0:e1:fa:36:ae:a5:38:98:eb:21:2d:57:2a: 53:c7:24:5e:f1:c4:1d:22:c9:56:3d:54:bd:52:3c: 79:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:E8:31:CE:07:30:A8:A9:85:57:E9:65:05:13:11:2D:78:EE:AC:0A X509v3 Authority Key Identifier: keyid:69:EC:F0:E2:A1:ED:8F:05:CC:27:8B:3E:13:F6:62:ED:0B:35:48:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131CF4/3EA638C8B71111F0A5C28073C4F9AE02/aezw4qHtjwXMJ4s-E_Zi7Qs1SIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aezw4qHtjwXMJ4s-E_Zi7Qs1SIw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131CF4/3EA638C8B71111F0A5C28073C4F9AE02/4B2379BEB71911F0AAA11D51C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 138.252.58.0/24 Signature Algorithm: sha256WithRSAEncryption 24:88:8d:07:eb:40:42:b5:a2:be:43:12:c1:23:c2:ec:a9:e0: 8d:e5:0c:e2:fc:66:2a:69:ed:d3:ef:e5:16:ad:b3:6c:f9:30: b9:59:ce:d9:8d:c6:e6:b1:c8:0d:8a:02:95:9b:a1:af:60:ee: 08:2b:78:58:12:33:d0:d9:d0:d6:3f:64:60:6b:25:ac:af:cc: 41:d3:a1:6f:54:1a:a2:f5:e2:dc:eb:14:1f:6d:fd:27:42:cc: 33:4f:77:7c:a4:de:8b:5d:88:2d:7b:d3:b3:2f:94:ab:3f:d4: 61:7c:cb:80:05:58:8e:ae:dc:80:af:61:6e:1a:86:dd:4f:0e: 93:39:d8:8e:44:20:d2:c9:60:fc:70:a2:d7:1d:7d:b1:8a:43: 03:a6:56:61:a3:31:46:e0:67:13:71:30:c6:e6:b9:25:bb:79: 86:2f:cc:01:36:9d:25:ec:a5:ad:15:4d:29:2b:c7:98:4c:c7: 94:af:5d:9c:67:39:5f:59:f6:47:60:c2:84:6f:ab:8b:1d:50: 64:b9:e9:07:28:d6:97:1b:20:f7:f2:aa:ea:ed:d3:24:c7:73: c6:8c:ee:0d:7e:b3:9a:cc:b8:45:31:b0:07:a6:bb:fa:b3:bd: 28:f0:ac:ee:64:e7:52:f5:59:b6:4b:4a:aa:2d:14:fd:78:8d: 94:00:c8:d0 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MUNGNDExMC8GA1UEBRMoNjlFQ0YwRTJBMUVEOEYwNUNDMjc4QjNFMTNGNjYyRUQw QjM1NDg4QzAeFw0yNTExMDExMTUyNTFaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTNkODA1LWRlNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCYaMzeKGKDXXVFV/bDG4UQfuOJ6sBETAzYHcd3ODpFtpmRZKQW0ZC79XIqNKJy 5yCZYGoP/3yay11zTG/gozDDge6JGpncwB/BhLC6LY3KpyvX7/LbPjSHXWwHVL6D 6cl9FlUegK9Y5lRO1HuWo8roXH2Dz7qCLeuemu0OKZ4NTe2wG0NfgeGvHgWa/M6J lKk723McHMmdgSWld8pbHXtJ361oNO3UoJPtTsFcNmnXSQCpxR5nrVFmEx6NMXEp EmvXOTki401YnMXUZt32k+YfL3NmfTbKoVzwwUfY5HX2dqRG0OH6Nq6lOJjrIS1X KlPHJF7xxB0iyVY9VL1SPHn7AgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUAugxzgcw qKmFV+llBRMRLXjurAowHwYDVR0jBBgwFoAUaezw4qHtjwXMJ4s+E/Zi7Qs1SIww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMxQ0Y0LzNFQTYzOEM4Qjcx MTExRjBBNUMyODA3M0M0RjlBRTAyL2Flenc0cUh0andYTUo0cy1FX1ppN1FzMVNJ dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYWV6dzRxSHRqd1hNSjRzLUVfWmk3UXMxU0l3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MUNGNC8zRUE2MzhDOEI3MTExMUYwQTVDMjgwNzNDNEY5QUUwMi80QjIzNzlCRUI3 MTkxMUYwQUFBMTFENTFDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBACK/DowDQYJKoZIhvcNAQELBQADggEBACSIjQfrQEK1or5DEsEjwuyp 4I3lDOL8Zipp7dPv5Rats2z5MLlZztmNxuaxyA2KApWboa9g7ggreFgSM9DZ0NY/ ZGBrJayvzEHToW9UGqL14tzrFB9t/SdCzDNPd3yk3otdiC1707MvlKs/1GF8y4AF WI6u3ICvYW4aht1PDpM52I5EINLJYPxwotcdfbGKQwOmVmGjMUbgZxNxMMbmuSW7 eYYvzAE2nSXspa0VTSkrx5hMx5SvXZxnOV9Z9kdgwoRvq4sdUGS56Qco1pcbIPfy qurt0yTHc8aM7g1+s5rMuEUxsAemu/qzvSjwrO5k51L1WbZLSqotFP14jZQAyNA= -----END CERTIFICATE-----Generated at Mon Mar 2 19:08:46 2026 by rpki-client