$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD4E2/14D2E7BAAEDA11F09D43E22EC4F9AE02/D08BF898AEDA11F09093014EC4F9AE02.roa File: D08BF898AEDA11F09093014EC4F9AE02.roa (raw, json) Hash identifier: bkWwsW8ZSkcQ9LnA3de1DycHNu5Ebnxo4aw0ZyQ67BE= Subject key identifier: B4:02:8C:F6:23:BD:67:15:44:99:3C:51:7C:DD:9A:72:4B:2A:59:2E Certificate issuer: /CN=A91FD4E2/serialNumber=A7F77F2047D3568C043A338C7932B0A23C8F6871 Certificate serial: 0B Authority key identifier: A7:F7:7F:20:47:D3:56:8C:04:3A:33:8C:79:32:B0:A2:3C:8F:68:71 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p_d_IEfTVowEOjOMeTKwojyPaHE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FD4E2/14D2E7BAAEDA11F09D43E22EC4F9AE02/D08BF898AEDA11F09093014EC4F9AE02.roa Signing time: Tue 04 Nov 2025 02:09:49 +0000 ROA not before: Tue 04 Nov 2025 02:09:49 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 154309 IP address blocks: 138.252.80.0/23 maxlen: 23 138.252.80.0/24 maxlen: 24 138.252.81.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FD4E2/14D2E7BAAEDA11F09D43E22EC4F9AE02/p_d_IEfTVowEOjOMeTKwojyPaHE.crl rsync://rpki.apnic.net/member_repository/A91FD4E2/14D2E7BAAEDA11F09D43E22EC4F9AE02/p_d_IEfTVowEOjOMeTKwojyPaHE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p_d_IEfTVowEOjOMeTKwojyPaHE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:13:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD4E2, serialNumber=A7F77F2047D3568C043A338C7932B0A23C8F6871 Validity Not Before: Nov 4 02:09:49 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6909606d-1a78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f8:71:c3:e9:1d:47:b8:93:9c:31:58:60:2d: 95:d4:ce:e5:21:ce:f9:ed:36:09:bb:c0:69:d4:34: f3:a5:42:3e:c5:0d:63:2a:56:bb:49:f7:6e:9e:52: f1:60:5e:a8:c4:1e:92:26:1a:de:65:ec:29:35:f8: 05:c5:5e:64:0e:32:53:9c:ee:f9:f2:f7:8f:0d:2f: ac:8a:57:01:02:04:a2:ad:01:f9:32:64:4f:2b:f5: ab:33:a8:6f:54:dc:57:f1:40:c2:89:11:9b:f6:40: ea:c5:c7:64:4a:5d:4c:59:41:a4:16:24:76:0e:4a: 3e:5f:cd:ab:77:a5:93:84:3e:36:0d:17:5e:b8:03: 2b:70:2b:60:ff:f6:e9:70:ab:02:4b:d8:78:d0:00: cb:f6:f6:be:7f:5f:9a:87:c7:23:2e:15:fd:de:a2: 46:b8:25:f9:ce:3f:d2:b4:4d:35:4a:6f:21:f5:8a: 5a:13:19:51:18:a6:f6:df:8a:45:cc:53:2b:cf:e7: 02:63:30:84:a8:2c:02:99:64:53:16:ad:24:4b:1d: c0:1c:25:cf:4b:fe:07:5b:25:98:46:e3:44:fa:bd: 91:8a:54:04:6d:94:4e:10:46:17:ab:58:77:b3:14: d9:2c:1d:f9:83:db:05:cf:18:e5:0e:d6:10:95:a5: c9:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:02:8C:F6:23:BD:67:15:44:99:3C:51:7C:DD:9A:72:4B:2A:59:2E X509v3 Authority Key Identifier: keyid:A7:F7:7F:20:47:D3:56:8C:04:3A:33:8C:79:32:B0:A2:3C:8F:68:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FD4E2/14D2E7BAAEDA11F09D43E22EC4F9AE02/p_d_IEfTVowEOjOMeTKwojyPaHE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p_d_IEfTVowEOjOMeTKwojyPaHE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD4E2/14D2E7BAAEDA11F09D43E22EC4F9AE02/D08BF898AEDA11F09093014EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.252.80.0/23 Signature Algorithm: sha256WithRSAEncryption 06:27:cd:e5:86:1d:e3:23:ee:eb:c9:0f:18:43:1b:38:15:9e: d0:47:d9:91:5f:00:ca:08:91:b0:51:d2:76:cc:46:e8:a1:17: de:c0:49:0e:1d:6c:24:32:ce:f7:bf:8c:2d:10:c4:83:d1:72: eb:f4:aa:6c:2c:65:18:64:97:e9:5b:91:1c:c0:99:fe:73:6c: 02:9c:af:06:cf:3d:c7:99:24:7a:e5:ee:7d:cc:73:58:e5:09: 99:a6:06:dd:ba:26:ff:c3:28:dd:38:27:fd:b4:71:62:1a:65: 44:73:bb:fd:31:6f:2a:1f:dd:96:0f:9b:d6:8a:e2:d9:e8:89: 7f:17:bd:78:27:1d:25:0e:57:fe:80:39:bf:57:37:fc:2a:98: f9:b1:c4:d0:e6:6b:e1:8f:f5:3e:78:6e:15:28:d3:06:b5:f9: a9:8d:2d:14:17:aa:c1:81:5c:bd:27:8b:71:42:e1:e7:ce:c0: 7f:1e:4f:2e:75:33:4d:57:d7:de:83:b1:0b:f1:61:8b:23:d4: 5d:8c:c3:7f:58:03:55:64:51:b9:10:b0:a8:bf:c1:8f:e3:47: db:eb:10:e1:7e:c3:c1:d7:26:9d:37:71:45:a5:62:ac:07:9f: 29:5e:67:26:de:7b:fd:ee:2e:81:68:da:cd:3c:af:e9:73:da: d0:b7:6f:f3 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG RDRFMjExMC8GA1UEBRMoQTdGNzdGMjA0N0QzNTY4QzA0M0EzMzhDNzkzMkIwQTIz QzhGNjg3MTAeFw0yNTExMDQwMjA5NDlaFw0yNzAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MDk2MDZkLTFhNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDd+HHD6R1HuJOcMVhgLZXUzuUhzvntNgm7wGnUNPOlQj7FDWMqVrtJ926eUvFg XqjEHpImGt5l7Ck1+AXFXmQOMlOc7vny948NL6yKVwECBKKtAfkyZE8r9aszqG9U 3FfxQMKJEZv2QOrFx2RKXUxZQaQWJHYOSj5fzat3pZOEPjYNF164AytwK2D/9ulw qwJL2HjQAMv29r5/X5qHxyMuFf3eoka4JfnOP9K0TTVKbyH1iloTGVEYpvbfikXM UyvP5wJjMISoLAKZZFMWrSRLHcAcJc9L/gdbJZhG40T6vZGKVARtlE4QRherWHez FNksHfmD2wXPGOUO1hCVpcktAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUtAKM9iO9 ZxVEmTxRfN2acksqWS4wHwYDVR0jBBgwFoAUp/d/IEfTVowEOjOMeTKwojyPaHEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZENEUyLzE0RDJFN0JBQUVE QTExRjA5RDQzRTIyRUM0RjlBRTAyL3BfZF9JRWZUVm93RU9qT01lVEt3b2p5UGFI RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcF9kX0lFZlRWb3dFT2pPTWVUS3dvanlQYUhFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RDRFMi8xNEQyRTdCQUFFREExMUYwOUQ0M0UyMkVDNEY5QUUwMi9EMDhCRjg5OEFF REExMUYwOTA5MzAxNEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAYr8UDANBgkqhkiG9w0BAQsFAAOCAQEABifN5YYd4yPu68kP GEMbOBWe0EfZkV8AygiRsFHSdsxG6KEX3sBJDh1sJDLO97+MLRDEg9Fy6/SqbCxl GGSX6VuRHMCZ/nNsApyvBs89x5kkeuXufcxzWOUJmaYG3bom/8Mo3Tgn/bRxYhpl RHO7/TFvKh/dlg+b1ori2eiJfxe9eCcdJQ5X/oA5v1c3/CqY+bHE0OZr4Y/1Pnhu FSjTBrX5qY0tFBeqwYFcvSeLcULh587Afx5PLnUzTVfX3oOxC/FhiyPUXYzDf1gD VWRRuRCwqL/Bj+NH2+sQ4X7DwdcmnTdxRaVirAefKV5nJt57/e4ugWjazTyv6XPa 0Ldv8w== -----END CERTIFICATE-----Generated at Wed Nov 5 23:44:16 2025 by rpki-client