$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/3933F030F6CF11F0B52F4A0C526F56BC.roa File: 3933F030F6CF11F0B52F4A0C526F56BC.roa (raw, json) Hash identifier: k2l+IIIP2WBGCVGg7/BvgOwpmJz2pgGFy1nltyQrYCE= Subject key identifier: 00:00:69:E9:76:16:09:5E:65:FA:29:56:31:C3:9E:E8:B3:DA:94:2D Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 2D04 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/3933F030F6CF11F0B52F4A0C526F56BC.roa Signing time: Sun 01 Mar 2026 22:51:14 +0000 ROA not before: Wed 21 Jan 2026 13:43:53 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 154366 IP address blocks: 138.252.200.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11524 (0x2d04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Jan 21 13:43:53 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4c2e2-eadc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:75:f0:2d:8c:fb:71:18:7e:09:b9:2f:e6:a4: d0:eb:a4:c6:0d:df:f4:03:db:9e:a4:b1:ed:86:dc: 10:f4:f4:43:9e:29:24:5d:87:c8:8a:42:df:04:f8: 35:32:43:cd:2b:d1:3e:17:a6:a5:e7:6e:75:e1:14: 33:83:3d:98:69:f9:b6:46:68:5e:e0:f6:52:fa:1a: f6:e3:dd:a8:f8:0c:0c:4c:83:d9:42:50:04:b4:a0: e2:a2:74:17:73:00:5b:c1:3f:5c:80:d3:cc:00:e4: 69:c0:96:f5:95:04:48:85:15:a9:4f:2f:33:e4:e4: e0:0b:42:63:45:9f:71:40:21:39:06:57:9c:f9:ee: 22:2f:0f:e7:d2:22:eb:c1:a2:62:ca:a6:c8:d9:88: 3e:33:ff:c2:1e:7c:db:eb:f1:88:f4:f8:e0:b0:33: 5b:b1:f5:88:7d:08:e2:b9:01:45:71:77:f5:fd:32: 05:25:d6:84:d6:76:67:fa:23:c2:32:4f:f5:3e:c7: 0b:bc:2d:65:c3:44:78:76:2c:f3:07:00:85:66:0c: 4a:48:de:3e:59:2f:15:48:fa:9d:6b:13:e8:6f:95: 7f:0e:9c:06:c7:f1:7b:fc:82:97:87:5a:49:b1:fb: d7:bd:73:5e:91:e9:a8:47:96:fb:43:15:5b:24:c5: ae:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:00:69:E9:76:16:09:5E:65:FA:29:56:31:C3:9E:E8:B3:DA:94:2D X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/3933F030F6CF11F0B52F4A0C526F56BC.roa sbgp-ipAddrBlock: critical IPv4: 138.252.200.0/23 Signature Algorithm: sha256WithRSAEncryption 55:cb:2d:0a:75:c4:38:2e:c1:51:bc:4c:38:75:e6:43:08:23: 97:46:8b:93:3c:fb:b1:9d:bb:b1:3b:66:5c:3d:3d:5c:b4:5f: 52:07:e5:1c:37:52:2e:1a:a5:c4:5b:e9:de:18:7f:4a:3e:9a: f9:1d:17:f7:b6:7f:c6:70:00:b6:b2:61:b0:06:5f:09:34:d3: 07:93:9a:16:d3:6f:83:a8:03:48:b8:84:cf:52:39:85:1d:88: 2a:57:27:e5:f7:ab:af:36:93:72:b1:2e:d3:56:ba:dd:0c:38: 9e:6a:65:6d:0a:e2:8b:4f:4f:8f:c9:27:5d:46:88:d0:12:58: 86:65:ca:bf:5f:7f:5d:c4:a2:34:2c:e8:2c:07:8b:f1:10:df: 8d:7d:2b:41:25:41:50:47:f9:1a:c7:28:33:94:63:09:61:e9: 52:c7:65:ad:34:92:ac:ca:5d:46:e6:c6:46:7f:7b:41:8f:4f: 95:e5:99:0c:92:3f:de:2e:b6:b8:1c:5c:f1:4c:f7:84:1a:9a: 2b:20:4d:17:47:fb:8b:b7:4a:71:b7:66:2c:db:a9:f7:a7:ed: b9:26:1a:58:5e:a1:27:a1:cd:63:3f:d7:cb:32:c3:8c:41:0f: 09:7c:38:b6:22:81:97:47:f2:11:55:f7:8e:9d:12:a3:0c:ae: 99:fc:03:d4 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICLQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjYwMTIxMTM0MzUzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0YzJlMi1lYWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn3XwLYz7cRh+Cbkv5qTQ66TGDd/0A9uepLHthtwQ9PRDnikkXYfIikLfBPg1 MkPNK9E+F6al52514RQzgz2Yafm2Rmhe4PZS+hr2492o+AwMTIPZQlAEtKDionQX cwBbwT9cgNPMAORpwJb1lQRIhRWpTy8z5OTgC0JjRZ9xQCE5Blec+e4iLw/n0iLr waJiyqbI2Yg+M//CHnzb6/GI9PjgsDNbsfWIfQjiuQFFcXf1/TIFJdaE1nZn+iPC Mk/1PscLvC1lw0R4dizzBwCFZgxKSN4+WS8VSPqdaxPob5V/DpwGx/F7/IKXh1pJ sfvXvXNekemoR5b7QxVbJMWuHQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFAAAael2 FgleZfopVjHDnuiz2pQtMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzkzM0YwMzBG NkNGMTFGMEI1MkY0QTBDNTI2RjU2QkMucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBivzIMA0GCSqGSIb3DQEBCwUAA4IBAQBVyy0KdcQ4LsFRvEw4deZD CCOXRouTPPuxnbuxO2ZcPT1ctF9SB+UcN1IuGqXEW+neGH9KPpr5HRf3tn/GcAC2 smGwBl8JNNMHk5oW02+DqANIuITPUjmFHYgqVyfl96uvNpNysS7TVrrdDDieamVt CuKLT0+PySddRojQEliGZcq/X39dxKI0LOgsB4vxEN+NfStBJUFQR/kaxygzlGMJ YelSx2WtNJKsyl1G5sZGf3tBj0+V5ZkMkj/eLra4HFzxTPeEGporIE0XR/uLt0px t2Ys26n3p+25JhpYXqEnoc1jP9fLMsOMQQ8JfDi2IoGXR/IRVfeOnRKjDK6Z/APU -----END CERTIFICATE-----Generated at Mon Mar 2 15:05:19 2026 by rpki-client