$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa File: B2C9B10A881311EE8CFB5C43C4F9AE02.roa (raw, json) Hash identifier: oB4kxasRgRq+GKJ70NUc/sJMH3q5nYfTRjnemmCHnis= Subject key identifier: B8:D5:5D:21:94:BA:C6:E4:BE:21:6D:2C:1A:E9:58:E7:2F:41:04:3E Certificate issuer: /CN=A91E6856/serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Certificate serial: 01DF Authority key identifier: 3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa Signing time: Sun 01 Mar 2026 11:36:20 +0000 ROA not before: Sat 30 Aug 2025 18:08:27 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 24433 IP address blocks: 138.77.0.0/16 maxlen: 17 138.77.96.0/21 maxlen: 21 138.77.104.0/21 maxlen: 21 138.77.168.0/21 maxlen: 21 138.77.208.0/21 maxlen: 21 138.77.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 479 (0x1df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6856, serialNumber=3A6823A10F03BFACA4068D3398444F3641085485 Validity Not Before: Aug 30 18:08:27 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=69a424b4-bfbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:1b:a9:30:d9:cf:6c:ec:82:6b:38:30:8e:f2: 6c:2e:f2:87:ab:cd:aa:06:ca:6f:7b:48:a5:0a:9e: 69:2c:61:50:69:f4:14:84:08:77:c3:fe:cc:4e:ee: 39:1f:a1:ec:9f:2a:95:a8:6c:97:76:f3:ec:0b:50: de:c0:d5:7f:c4:c8:83:c8:20:6e:f4:8a:93:36:22: 34:34:d9:11:d6:cc:ca:75:0d:82:49:db:14:34:54: fe:bb:a9:5f:35:f4:f8:a9:3e:41:35:35:ce:09:4a: 8d:27:b4:a3:27:19:bb:cc:34:2b:4b:67:87:9a:df: dd:70:a6:cf:67:8a:f3:5c:36:21:54:4f:29:91:2f: a9:af:51:c5:75:69:e6:1e:96:77:00:8d:22:77:2e: 9b:0c:95:66:d7:f2:92:e9:bd:60:2d:6c:b3:9c:dd: 1c:77:fe:97:ea:fd:79:b5:de:aa:9b:2b:21:16:08: 68:77:71:59:2a:f3:61:3b:c1:ed:73:ea:b0:84:fa: c3:c0:10:c8:2f:43:f3:da:9c:4c:63:d0:0a:b9:3e: 62:ef:17:d4:e3:e0:88:23:75:5f:73:51:f2:21:7d: 60:e7:86:75:e9:8c:7b:c3:fa:23:79:39:80:4b:78: 3a:0d:cc:a6:ba:c1:e1:c7:ff:08:c7:81:48:6f:bc: c4:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:D5:5D:21:94:BA:C6:E4:BE:21:6D:2C:1A:E9:58:E7:2F:41:04:3E X509v3 Authority Key Identifier: keyid:3A:68:23:A1:0F:03:BF:AC:A4:06:8D:33:98:44:4F:36:41:08:54:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OmgjoQ8Dv6ykBo0zmERPNkEIVIU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6856/2DDB426E486311EEBC0BD213C4F9AE02/B2C9B10A881311EE8CFB5C43C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 138.77.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1f:2f:ae:5f:a8:1d:3a:b1:5d:31:5e:c7:f4:ee:f3:5d:4b:08: 44:b5:d1:ce:14:7a:78:50:45:a7:53:5a:06:66:5b:f5:79:72: 26:72:1c:b5:8c:f8:7e:f7:88:17:3d:7f:62:03:99:f4:d8:6e: 85:c8:ee:14:b2:a9:b7:b1:81:a0:be:85:26:03:c0:a7:03:51: 73:9f:7b:b3:e2:e0:b7:cd:b8:e9:66:72:37:4a:ec:75:34:71: c2:cd:40:96:54:29:52:61:28:b8:60:b4:87:9e:a3:4f:07:85: b3:86:4d:bf:3e:1d:16:e7:ac:f1:8c:e8:82:84:58:e2:8e:f3: d3:52:6e:91:fc:d7:cb:d3:14:5c:76:b9:58:60:bc:31:6c:be: dc:28:52:4f:73:5b:09:81:b7:eb:c4:bf:c4:9f:8e:be:4b:75: 89:a8:79:9d:9f:f2:b9:f8:fb:1f:40:62:d5:21:eb:e4:2a:19: 0a:2f:ed:78:74:02:d3:2a:53:68:0e:79:2c:78:7b:c3:b8:ff: 2a:fb:0b:bd:8a:1a:2c:f1:07:d1:fe:e0:df:b4:34:c5:af:70: a8:b7:5f:e7:32:e0:41:63:88:40:83:1c:2e:ca:44:df:70:75: ab:0c:7d:33:27:2e:a9:21:81:18:e7:11:52:35:90:2c:69:06: 31:33:c5:f3 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgICAd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY4NTYxMTAvBgNVBAUTKDNBNjgyM0ExMEYwM0JGQUNBNDA2OEQzMzk4NDQ0RjM2 NDEwODU0ODUwHhcNMjUwODMwMTgwODI3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MjRiNC1iZmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnhupMNnPbOyCazgwjvJsLvKHq82qBspve0ilCp5pLGFQafQUhAh3w/7MTu45 H6HsnyqVqGyXdvPsC1DewNV/xMiDyCBu9IqTNiI0NNkR1szKdQ2CSdsUNFT+u6lf NfT4qT5BNTXOCUqNJ7SjJxm7zDQrS2eHmt/dcKbPZ4rzXDYhVE8pkS+pr1HFdWnm HpZ3AI0idy6bDJVm1/KS6b1gLWyznN0cd/6X6v15td6qmyshFghod3FZKvNhO8Ht c+qwhPrDwBDIL0Pz2pxMY9AKuT5i7xfU4+CII3Vfc1HyIX1g54Z16Yx7w/ojeTmA S3g6DcymusHhx/8Ix4FIb7zE1QIDAQABo4ICXzCCAlswHQYDVR0OBBYEFLjVXSGU usbkviFtLBrpWOcvQQQ+MB8GA1UdIwQYMBaAFDpoI6EPA7+spAaNM5hETzZBCFSF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjg1Ni8yRERCNDI2RTQ4 NjMxMUVFQkMwQkQyMTNDNEY5QUUwMi9PbWdqb1E4RHY2eWtCbzB6bUVSUE5rRUlW SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL09tZ2pvUThEdjZ5a0JvMHptRVJQTmtFSVZJVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTY4NTYvMkREQjQyNkU0ODYzMTFFRUJDMEJEMjEzQzRGOUFFMDIvQjJDOUIxMEE4 ODEzMTFFRThDRkI1QzQzQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAik0wDQYJKoZIhvcNAQELBQADggEBAB8vrl+oHTqxXTFex/Tu811L CES10c4UenhQRadTWgZmW/V5ciZyHLWM+H73iBc9f2IDmfTYboXI7hSyqbexgaC+ hSYDwKcDUXOfe7Pi4LfNuOlmcjdK7HU0ccLNQJZUKVJhKLhgtIeeo08HhbOGTb8+ HRbnrPGM6IKEWOKO89NSbpH818vTFFx2uVhgvDFsvtwoUk9zWwmBt+vEv8Sfjr5L dYmoeZ2f8rn4+x9AYtUh6+QqGQov7Xh0AtMqU2gOeSx4e8O4/yr7C72KGizxB9H+ 4N+0NMWvcKi3X+cy4EFjiECDHC7KRN9wdasMfTMnLqkhgRjnEVI1kCxpBjEzxfM= -----END CERTIFICATE-----Generated at Mon Mar 2 10:56:25 2026 by rpki-client