$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/3A883F284B3E11F0817E3C31C4F9AE02.roa File: 3A883F284B3E11F0817E3C31C4F9AE02.roa (raw, json) Hash identifier: v527tHPDU0uVPbXjXzW0KocA0xKJVkiNxeh4nwu9KSk= Subject key identifier: A9:63:FF:C8:0B:01:DB:B0:A5:92:5E:7C:60:8D:DB:10:F4:D8:21:1D Certificate issuer: /CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE Certificate serial: 0B56 Authority key identifier: 01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/3A883F284B3E11F0817E3C31C4F9AE02.roa Signing time: Thu 10 Jul 2025 05:27:48 +0000 ROA not before: Thu 10 Jul 2025 05:27:48 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 213607 IP address blocks: 103.23.128.0/24 maxlen: 24 103.23.129.0/24 maxlen: 24 103.23.130.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.crl rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 19:25:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2902 (0xb56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3D30, serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE Validity Not Before: Jul 10 05:27:48 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=686f4f53-1266 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:1c:b0:b9:cc:34:5a:87:67:ff:b0:67:bb:e1: 9f:bf:d3:e3:f1:12:84:42:a7:20:6b:cd:ff:c2:12: 8a:d9:76:5f:f2:b1:38:fe:3f:9d:7b:f1:ee:fc:f2: 4c:da:25:83:5b:1c:e5:eb:e6:84:2c:9b:bf:b7:70: 29:0b:7b:d6:79:1d:7a:e2:05:f2:51:30:1a:ba:43: 0c:a3:5e:bb:63:14:ae:fc:d3:40:2d:c0:c9:cf:c9: 5b:fb:dd:7b:bc:8b:0c:e4:f7:56:b2:86:b2:3e:33: f0:49:d3:dd:c4:f3:07:f7:24:5e:b4:9d:01:42:b2: 59:a9:f3:d1:fc:82:f3:ac:b2:f6:4e:65:68:43:ee: d9:90:bc:88:fb:f5:11:70:ff:e7:8a:e2:dd:69:68: 98:95:a2:25:9b:11:3d:c2:0f:56:44:22:2b:b1:d6: bf:98:e6:95:78:f0:2c:dc:97:92:53:8e:26:6f:52: 38:be:8b:17:fd:5f:1e:41:33:4b:95:f8:23:22:5a: fa:57:97:a2:1c:94:eb:b1:82:24:e9:85:50:c7:4a: 9a:04:7d:f9:bc:01:07:c2:31:27:c1:b7:fa:20:bc: e1:ee:6d:3e:78:57:8f:e3:22:45:ac:03:12:9b:4c: 0c:b3:1a:74:b4:ff:8a:28:8b:f3:82:77:f9:43:12: ce:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:63:FF:C8:0B:01:DB:B0:A5:92:5E:7C:60:8D:DB:10:F4:D8:21:1D X509v3 Authority Key Identifier: keyid:01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/3A883F284B3E11F0817E3C31C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.23.128.0-103.23.130.255 Signature Algorithm: sha256WithRSAEncryption 22:a4:24:f1:a2:fb:9a:2c:4f:e6:60:4c:6a:c7:fe:08:2c:08: 81:c1:c8:73:8b:e0:a2:0a:1e:f1:e0:30:87:11:11:7c:d2:ee: ed:74:db:53:b5:20:34:b3:41:97:a3:1a:00:cb:97:4e:d2:4f: ff:ef:85:47:fd:2e:cc:2f:ff:3e:80:54:21:05:dd:e7:62:3c: 5d:7a:29:35:1b:3a:ca:e5:47:07:97:ef:07:c3:73:5c:e5:6e: 68:07:ff:70:d7:13:5d:ee:b4:52:d5:42:9f:ea:a7:df:47:cd: ff:6e:64:90:39:3e:d7:0d:cd:19:42:24:21:a1:a0:b2:66:7d: 38:9b:21:9e:68:66:6b:3e:df:fa:7c:74:2c:f6:2e:c4:0a:7a: b6:94:82:0f:0c:3d:66:08:f7:7d:60:5a:7b:40:33:48:91:33: eb:23:a7:0a:c3:1c:39:69:8f:7c:b5:d8:cd:f1:2e:9f:a7:c4: d4:a8:4e:de:97:2b:15:a5:db:67:2d:71:30:b6:32:65:0a:c1: 2f:e1:7f:70:6e:7a:06:ef:1e:b3:b1:98:05:0f:77:38:14:e9: 76:ea:02:37:c2:73:a4:19:ac:27:2f:7d:e1:c8:9f:86:13:d7: 46:3e:a9:27:f5:69:4f:32:5e:34:bb:e9:11:63:1e:e0:e0:51: 15:5f:d7:1a -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgICC1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjNEMzAxMTAvBgNVBAUTKDAxRUUwODlERDQ4NjdCMkNCMjc2NTgyQUE5N0IzMThG NTA5RUE2RUUwHhcNMjUwNzEwMDUyNzQ4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02ODZmNGY1My0xMjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoBywucw0Wodn/7Bnu+Gfv9Pj8RKEQqcga83/whKK2XZf8rE4/j+de/Hu/PJM 2iWDWxzl6+aELJu/t3ApC3vWeR164gXyUTAaukMMo167YxSu/NNALcDJz8lb+917 vIsM5PdWsoayPjPwSdPdxPMH9yRetJ0BQrJZqfPR/ILzrLL2TmVoQ+7ZkLyI+/UR cP/niuLdaWiYlaIlmxE9wg9WRCIrsda/mOaVePAs3JeSU44mb1I4vosX/V8eQTNL lfgjIlr6V5eiHJTrsYIk6YVQx0qaBH35vAEHwjEnwbf6ILzh7m0+eFeP4yJFrAMS m0wMsxp0tP+KKIvzgnf5QxLOGwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFKlj/8gL AduwpZJefGCN2xD02CEdMB8GA1UdIwQYMBaAFAHuCJ3UhnsssnZYKql7MY9Qnqbu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0QzMC9FM0RGNDY5QzQx NjgxMUVBQUU4QTc3NTBDNEY5QUUwMi9BZTRJbmRTR2V5eXlkbGdxcVhzeGoxQ2Vw dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FlNEluZFNHZXl5eWRsZ3FxWHN4ajFDZXB1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjNEMzAvRTNERjQ2OUM0MTY4MTFFQUFFOEE3NzUwQzRGOUFFMDIvM0E4ODNGMjg0 QjNFMTFGMDgxN0UzQzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E GDAWMBQEAgABMA4wDAMEB2cXgAMEAGcXgjANBgkqhkiG9w0BAQsFAAOCAQEAIqQk 8aL7mixP5mBMasf+CCwIgcHIc4vgogoe8eAwhxERfNLu7XTbU7UgNLNBl6MaAMuX TtJP/++FR/0uzC//PoBUIQXd52I8XXopNRs6yuVHB5fvB8NzXOVuaAf/cNcTXe60 UtVCn+qn30fN/25kkDk+1w3NGUIkIaGgsmZ9OJshnmhmaz7f+nx0LPYuxAp6tpSC Dww9Zgj3fWBae0AzSJEz6yOnCsMcOWmPfLXYzfEun6fE1KhO3pcrFaXbZy1xMLYy ZQrBL+F/cG56Bu8es7GYBQ93OBTpduoCN8JzpBmsJy994cifhhPXRj6pJ/VpTzJe NLvpEWMe4OBRFV/XGg== -----END CERTIFICATE-----Generated at Sun Jul 20 07:32:18 2025 by rpki-client