$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/8589BDA6AF1D11F0B0944E21C4F9AE02.roa File: 8589BDA6AF1D11F0B0944E21C4F9AE02.roa (raw, json) Hash identifier: P/Qjb4CoSmArczCSNkjglnTLBx/kOiZmY9N5+cnoJ2A= Subject key identifier: F4:0C:69:6C:91:25:74:25:F5:60:3B:D9:84:F3:F1:61:24:17:22:BD Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 2CC3 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/8589BDA6AF1D11F0B0944E21C4F9AE02.roa Signing time: Sun 01 Mar 2026 22:49:44 +0000 ROA not before: Wed 22 Oct 2025 08:02:58 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 154299 IP address blocks: 138.252.38.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 09:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11459 (0x2cc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Oct 22 08:02:58 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69a4c288-cbcf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:03:0e:49:71:6f:d9:f9:02:98:97:a6:e0:be: 8e:be:f6:a8:42:c3:b6:3f:dd:d7:53:71:4f:e5:d4: c3:1d:5f:78:1e:a9:50:6c:ec:ff:6e:3c:8d:2c:f4: 94:84:c5:95:b4:0e:c4:0a:38:d4:a7:d6:e0:0f:7c: c4:fa:24:44:5f:c5:ee:0f:bd:c8:a5:43:0e:f4:79: 0b:4f:ee:85:3a:1c:48:ab:b6:d5:8b:de:fa:69:d3: 36:eb:53:01:48:23:95:7c:15:e5:1f:50:7a:9b:13: 23:08:ea:87:86:58:20:8e:d3:43:1d:91:83:2c:38: 80:f3:dc:2b:96:b5:1f:9c:a4:53:7f:1f:6c:6a:56: 7d:56:fc:a3:94:59:3b:85:84:89:0b:05:42:99:32: 88:30:93:ff:92:db:fe:3a:f1:93:43:28:20:9f:70: a1:9d:0f:d8:24:8c:fc:1f:66:34:23:ef:5c:bc:e9: d0:21:d3:0c:d7:41:88:79:ba:66:47:57:9d:4e:ac: d6:93:fb:c1:22:99:b7:a8:70:d8:8d:e6:d2:06:d8: f2:0c:38:ee:8b:fe:8a:a2:b2:31:3f:43:94:25:0f: cb:ee:61:7f:6b:1b:9f:a9:c8:8f:8a:91:58:f3:90: 51:66:28:03:51:14:c7:9f:e1:09:e1:d8:a6:54:a9: eb:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:0C:69:6C:91:25:74:25:F5:60:3B:D9:84:F3:F1:61:24:17:22:BD X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/8589BDA6AF1D11F0B0944E21C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 138.252.38.0/23 Signature Algorithm: sha256WithRSAEncryption cb:41:e9:78:83:92:99:59:da:d4:2c:d8:8c:9d:14:f3:74:f3: c4:60:12:be:f8:91:06:98:cf:5e:ef:96:30:ba:1c:f6:3c:f7: db:11:cc:a3:e0:be:15:85:5a:be:2a:ec:a4:6d:e7:26:6c:f7: e8:a5:fe:14:18:db:4f:fc:c7:d7:89:8c:b1:b7:16:96:d7:e0: 35:db:38:b8:e5:09:be:f8:1e:d7:42:c6:17:54:94:f3:e4:9a: b7:fe:a2:47:d0:e1:2b:87:30:b1:8b:56:9f:2e:ce:73:cb:34: 09:7e:47:6d:c7:32:d9:36:13:6e:25:a3:56:3e:e7:4a:42:58: 74:d4:1c:80:21:c5:96:a2:31:2e:57:85:f7:67:dc:3b:cf:e5: 5e:97:b7:56:8f:88:1c:cd:75:e5:2e:62:f1:fc:c0:6b:04:9d: c4:5f:f2:85:95:e4:39:1d:61:aa:7a:a8:e3:d2:63:ac:9d:1b: 21:37:48:8b:da:37:6c:ba:71:77:db:d4:40:54:58:bb:ec:62: 50:8e:8c:f7:08:1a:06:57:56:7a:b5:81:00:e8:39:6e:18:c4: d3:25:72:af:86:2a:5b:e3:bb:1e:68:85:8e:6d:d4:4f:e8:42: 54:83:8f:ac:38:35:3d:2a:eb:40:f2:a8:32:3c:ce:a5:02:18: e1:1e:6c:48 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgICLMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUxMDIyMDgwMjU4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0YzI4OC1jYmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1QMOSXFv2fkCmJem4L6OvvaoQsO2P93XU3FP5dTDHV94HqlQbOz/bjyNLPSU hMWVtA7ECjjUp9bgD3zE+iREX8XuD73IpUMO9HkLT+6FOhxIq7bVi976adM261MB SCOVfBXlH1B6mxMjCOqHhlggjtNDHZGDLDiA89wrlrUfnKRTfx9salZ9VvyjlFk7 hYSJCwVCmTKIMJP/ktv+OvGTQyggn3ChnQ/YJIz8H2Y0I+9cvOnQIdMM10GIebpm R1edTqzWk/vBIpm3qHDYjebSBtjyDDjui/6KorIxP0OUJQ/L7mF/axufqciPipFY 85BRZigDURTHn+EJ4dimVKnr+QIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPQMaWyR JXQl9WA72YTz8WEkFyK9MB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvODU4OUJEQTZB RjFEMTFGMEIwOTQ0RTIxQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBivwmMA0GCSqGSIb3DQEBCwUAA4IBAQDLQel4g5KZWdrULNiMnRTz dPPEYBK++JEGmM9e75Ywuhz2PPfbEcyj4L4VhVq+KuykbecmbPfopf4UGNtP/MfX iYyxtxaW1+A12zi45Qm++B7XQsYXVJTz5Jq3/qJH0OErhzCxi1afLs5zyzQJfkdt xzLZNhNuJaNWPudKQlh01ByAIcWWojEuV4X3Z9w7z+Vel7dWj4gczXXlLmLx/MBr BJ3EX/KFleQ5HWGqeqjj0mOsnRshN0iL2jdsunF329RAVFi77GJQjoz3CBoGV1Z6 tYEA6DluGMTTJXKvhipb47seaIWObdRP6EJUg4+sODU9KutA8qgyPM6lAhjhHmxI -----END CERTIFICATE-----Generated at Mon Mar 2 17:05:36 2026 by rpki-client