$ rpki-client -vvf rpki.apnic.net/member_repository/A913CE18/B3752AB2C68211F0B76E1746C4F9AE02/66FA3E10C68311F0A13F9748C4F9AE02.roa File: 66FA3E10C68311F0A13F9748C4F9AE02.roa (raw, json) Hash identifier: qhmDYrXSka0BnnAzbzb+vh6r8WiWcCMdpJjXHDEOqUE= Subject key identifier: 52:59:71:35:26:9B:E1:48:2C:AA:59:77:73:B6:2B:CE:C3:A2:0C:B0 Certificate issuer: /CN=A913CE18/serialNumber=CF9A3F316483A2A794411D59146F9FC564091997 Certificate serial: 35 Authority key identifier: CF:9A:3F:31:64:83:A2:A7:94:41:1D:59:14:6F:9F:C5:64:09:19:97 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z5o_MWSDoqeUQR1ZFG-fxWQJGZc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913CE18/B3752AB2C68211F0B76E1746C4F9AE02/66FA3E10C68311F0A13F9748C4F9AE02.roa Signing time: Sun 01 Mar 2026 05:59:28 +0000 ROA not before: Fri 21 Nov 2025 02:40:12 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 139923 IP address blocks: 138.252.248.0/23 maxlen: 23 138.252.248.0/24 maxlen: 24 138.252.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913CE18/B3752AB2C68211F0B76E1746C4F9AE02/z5o_MWSDoqeUQR1ZFG-fxWQJGZc.crl rsync://rpki.apnic.net/member_repository/A913CE18/B3752AB2C68211F0B76E1746C4F9AE02/z5o_MWSDoqeUQR1ZFG-fxWQJGZc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z5o_MWSDoqeUQR1ZFG-fxWQJGZc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 09:59:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913CE18, serialNumber=CF9A3F316483A2A794411D59146F9FC564091997 Validity Not Before: Nov 21 02:40:12 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a3d5c0-0896 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c7:43:ae:8d:92:d6:3a:4b:b2:47:8f:b5:e0: dd:c4:fe:7d:98:5a:2f:97:78:ba:38:26:74:75:5c: 75:e3:bb:5d:b2:3a:44:6b:e4:72:00:c0:23:e6:2b: 44:e4:ce:62:24:0c:f3:72:13:ca:2f:6e:97:0f:35: 58:33:3f:b0:de:80:a3:66:0d:f0:d2:68:ec:39:9c: a0:6a:5b:5d:26:9b:98:aa:a3:ed:9f:24:c7:0f:a1: 7b:66:10:dd:db:d5:5b:59:aa:2b:1e:19:e1:c5:07: ee:7c:4d:df:10:fd:da:49:65:a9:23:fc:6b:00:d5: f9:b6:46:62:56:9d:c0:3b:fc:c8:51:67:61:f9:03: 8d:fe:cd:1c:51:80:bd:17:91:8f:c4:9b:9a:8a:6e: ee:b3:18:11:4e:8c:3b:c6:b5:5f:24:3d:30:36:73: c1:d0:ee:b8:3e:18:23:63:15:70:1d:fb:55:bc:b1: d6:c2:b3:d5:62:18:2e:d9:cc:47:95:ac:2b:f2:ff: 21:e3:6b:11:b2:af:9e:8c:80:d9:22:77:5a:c7:58: 34:51:f7:5d:87:ea:86:09:2e:b8:0c:66:bc:ec:9a: 46:f6:b4:46:8d:b1:35:5e:80:9d:37:85:16:33:3f: a6:8b:60:fb:e9:35:e2:c6:bd:44:a5:e2:28:97:e7: 36:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:59:71:35:26:9B:E1:48:2C:AA:59:77:73:B6:2B:CE:C3:A2:0C:B0 X509v3 Authority Key Identifier: keyid:CF:9A:3F:31:64:83:A2:A7:94:41:1D:59:14:6F:9F:C5:64:09:19:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913CE18/B3752AB2C68211F0B76E1746C4F9AE02/z5o_MWSDoqeUQR1ZFG-fxWQJGZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/z5o_MWSDoqeUQR1ZFG-fxWQJGZc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CE18/B3752AB2C68211F0B76E1746C4F9AE02/66FA3E10C68311F0A13F9748C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 138.252.248.0/23 Signature Algorithm: sha256WithRSAEncryption 00:c2:55:48:10:c7:39:8b:3f:cd:ed:c2:fe:c9:53:c9:2f:e3: b9:1c:cf:4b:d0:9f:6d:cb:a7:65:09:f6:f8:06:e0:bd:d2:aa: de:0b:dc:bf:dd:ea:b1:d8:e1:86:70:2e:b8:ee:df:c1:99:1d: 5e:6d:1e:25:cd:86:2c:d9:71:ca:0b:2b:49:6c:2d:42:1b:34: 4e:cf:71:66:54:8f:10:5c:a8:14:69:94:f4:bc:05:55:10:d0: 32:3b:86:2f:f9:39:3b:00:9e:ae:3d:0d:fa:56:71:7e:71:f8: 80:15:5f:b2:02:80:76:1c:6b:5f:52:f5:df:f7:f4:96:a3:97: 3f:df:28:c2:af:c8:86:c3:dc:a9:e3:b1:f7:8b:2e:08:ab:fd: cf:c6:9f:c3:3b:08:60:2f:93:db:89:7a:ed:3f:51:1e:d3:7e: 66:c9:7c:d7:0a:b5:bb:29:01:b0:12:1e:6e:d2:ce:4f:b7:0e: f8:d7:69:37:24:15:db:08:af:00:17:c6:ac:d2:4c:91:55:fe: a3:a3:45:09:fe:60:04:65:17:a7:5e:51:5f:2a:45:44:57:f0: 3e:a4:db:cb:e2:6d:a2:24:45:b0:63:16:eb:3a:d6:31:59:32: 00:ab:6b:65:e2:42:3d:98:db:e7:d5:1a:9c:80:69:3c:da:22: 00:94:4e:ac -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz Q0UxODExMC8GA1UEBRMoQ0Y5QTNGMzE2NDgzQTJBNzk0NDExRDU5MTQ2RjlGQzU2 NDA5MTk5NzAeFw0yNTExMjEwMjQwMTJaFw0yNzAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY5YTNkNWMwLTA4OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDRx0OujZLWOkuyR4+14N3E/n2YWi+XeLo4JnR1XHXju12yOkRr5HIAwCPmK0Tk zmIkDPNyE8ovbpcPNVgzP7DegKNmDfDSaOw5nKBqW10mm5iqo+2fJMcPoXtmEN3b 1VtZqiseGeHFB+58Td8Q/dpJZakj/GsA1fm2RmJWncA7/MhRZ2H5A43+zRxRgL0X kY/Em5qKbu6zGBFOjDvGtV8kPTA2c8HQ7rg+GCNjFXAd+1W8sdbCs9ViGC7ZzEeV rCvy/yHjaxGyr56MgNkid1rHWDRR912H6oYJLrgMZrzsmkb2tEaNsTVegJ03hRYz P6aLYPvpNeLGvUSl4iiX5zaPAgMBAAGjggJgMIICXDAdBgNVHQ4EFgQUUllxNSab 4Ugsqll3c7YrzsOiDLAwHwYDVR0jBBgwFoAUz5o/MWSDoqeUQR1ZFG+fxWQJGZcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNDRTE4L0IzNzUyQUIyQzY4 MjExRjBCNzZFMTc0NkM0RjlBRTAyL3o1b19NV1NEb3FlVVFSMVpGRy1meFdRSkda Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvejVvX01XU0RvcWVVUVIxWkZHLWZ4V1FKR1pjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz Q0UxOC9CMzc1MkFCMkM2ODIxMUYwQjc2RTE3NDZDNEY5QUUwMi82NkZBM0UxMEM2 ODMxMUYwQTEzRjk3NDhDNEY5QUUwMi5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBAGK/PgwDQYJKoZIhvcNAQELBQADggEBAADCVUgQxzmLP83twv7JU8kv 47kcz0vQn23Lp2UJ9vgG4L3Sqt4L3L/d6rHY4YZwLrju38GZHV5tHiXNhizZccoL K0lsLUIbNE7PcWZUjxBcqBRplPS8BVUQ0DI7hi/5OTsAnq49DfpWcX5x+IAVX7IC gHYca19S9d/39Jajlz/fKMKvyIbD3KnjsfeLLgir/c/Gn8M7CGAvk9uJeu0/UR7T fmbJfNcKtbspAbASHm7Szk+3DvjXaTckFdsIrwAXxqzSTJFV/qOjRQn+YARlF6de UV8qRURX8D6k28vibaIkRbBjFus61jFZMgCra2XiQj2Y2+fVGpyAaTzaIgCUTqw= -----END CERTIFICATE-----Generated at Mon Mar 2 08:21:02 2026 by rpki-client