$ rpki-client -vvf rpki.apnic.net/member_repository/A911C075/75A6218ADE3911E783B7CC6CC4F9AE02/3EB855ACDE3A11E781926D6DC4F9AE02.roa File: 3EB855ACDE3A11E781926D6DC4F9AE02.roa (raw, json) Hash identifier: pmFcdGVwmZbjXIQHqR6tWaLYAfgieWv2AQLQfqH1FXE= Subject key identifier: E5:B2:2B:56:71:67:CA:9A:B6:CF:9A:B6:3F:4A:40:74:1A:82:5C:ED Certificate issuer: /CN=A911C075/serialNumber=16CE8C1970B86A4AF4F35639104668D095B3D4E8 Certificate serial: 17A1 Authority key identifier: 16:CE:8C:19:70:B8:6A:4A:F4:F3:56:39:10:46:68:D0:95:B3:D4:E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fs6MGXC4akr081Y5EEZo0JWz1Og.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C075/75A6218ADE3911E783B7CC6CC4F9AE02/3EB855ACDE3A11E781926D6DC4F9AE02.roa Signing time: Wed 08 Oct 2025 16:45:40 +0000 ROA not before: Wed 08 Oct 2025 16:45:40 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 135607 IP address blocks: 36.255.60.0/22 maxlen: 22 36.255.60.0/24 maxlen: 24 36.255.61.0/24 maxlen: 24 36.255.62.0/24 maxlen: 24 36.255.63.0/24 maxlen: 24 103.236.176.0/24 maxlen: 24 103.236.177.0/24 maxlen: 24 103.236.178.0/24 maxlen: 24 103.236.179.0/24 maxlen: 24 2402:2dc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C075/75A6218ADE3911E783B7CC6CC4F9AE02/Fs6MGXC4akr081Y5EEZo0JWz1Og.crl rsync://rpki.apnic.net/member_repository/A911C075/75A6218ADE3911E783B7CC6CC4F9AE02/Fs6MGXC4akr081Y5EEZo0JWz1Og.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fs6MGXC4akr081Y5EEZo0JWz1Og.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 16:46:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6049 (0x17a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C075, serialNumber=16CE8C1970B86A4AF4F35639104668D095B3D4E8 Validity Not Before: Oct 8 16:45:40 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68e69534-8987 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:cd:a7:aa:c8:48:45:04:69:4c:d1:7e:85:d8: f7:cf:be:ce:ed:c7:55:b5:77:92:00:d1:32:6b:c6: 42:20:31:58:c2:62:78:e5:2a:82:e6:c1:f5:f9:4c: d5:09:34:c5:f4:8e:e4:a4:eb:3a:7a:4a:67:25:5d: bb:04:ce:4d:09:55:67:b6:b8:38:63:15:7d:25:7e: 42:a3:9d:77:cf:11:bd:5e:d8:7f:f9:9b:3d:1f:8e: cf:6b:7e:33:3e:8c:f1:9f:13:40:35:5d:7a:10:b6: 74:46:51:42:e5:e0:e3:7b:ee:ed:ac:61:c7:21:55: 97:fc:9f:a4:07:28:74:f0:03:e9:6a:ca:0d:3b:37: 2c:12:46:80:5b:6a:e6:bc:03:90:a1:79:b7:6b:f8: fc:4c:52:a1:69:42:d7:23:58:ca:a1:e6:31:e9:7b: 08:25:e4:34:e0:bb:00:36:d7:05:f6:0d:da:c9:9d: cc:d2:81:17:1c:1c:20:ee:6a:f5:76:79:53:05:06: 0e:cb:fd:eb:53:9e:44:37:1a:bb:93:68:97:ae:79: 80:68:5e:28:43:88:df:d2:18:8a:be:c9:6f:03:47: 3c:0c:33:14:b7:fc:dc:fd:2a:14:2d:31:02:47:fa: 78:4f:0d:94:b4:98:57:d8:b5:1e:e7:1c:ec:ea:d4: ad:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:B2:2B:56:71:67:CA:9A:B6:CF:9A:B6:3F:4A:40:74:1A:82:5C:ED X509v3 Authority Key Identifier: keyid:16:CE:8C:19:70:B8:6A:4A:F4:F3:56:39:10:46:68:D0:95:B3:D4:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C075/75A6218ADE3911E783B7CC6CC4F9AE02/Fs6MGXC4akr081Y5EEZo0JWz1Og.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fs6MGXC4akr081Y5EEZo0JWz1Og.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C075/75A6218ADE3911E783B7CC6CC4F9AE02/3EB855ACDE3A11E781926D6DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.255.60.0/22 103.236.176.0/22 IPv6: 2402:2dc0::/32 Signature Algorithm: sha256WithRSAEncryption 1f:48:80:be:82:fb:bd:cb:48:d2:52:b5:3c:68:0e:8f:b7:5a: 51:d6:83:c8:dc:75:ce:97:d3:dd:5a:fd:70:28:f2:e1:be:cd: 45:fc:3b:fa:3d:9d:b7:9b:86:91:b3:6e:e2:48:c7:06:1b:67: de:e9:d6:11:ec:ae:c4:0d:21:cf:5f:73:37:bb:0d:77:58:71: 6d:43:75:29:10:88:fc:26:ba:b0:7b:5a:e7:00:ec:b3:a6:21: 5d:07:07:0c:63:b6:c6:de:f4:41:14:ad:20:65:57:b2:9f:9e: 9d:73:26:31:fc:75:d0:73:39:77:8f:13:63:f4:c6:4e:51:13: ad:5f:a1:fa:c3:40:7f:c7:4a:38:93:8a:32:7e:88:f0:c0:08: 87:90:0d:07:7b:0b:79:b9:2d:66:c3:22:b9:f3:a9:2b:0c:b1: 1d:26:f1:04:e8:a6:fc:41:74:28:5d:3b:0f:3a:7a:93:e2:88: 22:e4:f4:90:97:21:74:e3:a8:05:ea:d2:b7:23:b2:f0:77:42: 38:0d:1e:b4:f8:ec:09:43:86:a3:0d:af:fb:83:59:89:95:35: 9e:a6:5f:f6:e6:28:04:0e:7c:35:c5:47:2b:8f:0c:d3:85:b8: f8:b1:90:64:c4:41:10:2f:e9:af:f0:35:81:d4:74:04:a6:d0: 29:b1:ea:dd -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICF6EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUMwNzUxMTAvBgNVBAUTKDE2Q0U4QzE5NzBCODZBNEFGNEYzNTYzOTEwNDY2OEQw OTVCM0Q0RTgwHhcNMjUxMDA4MTY0NTQwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGU2OTUzNC04OTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAys2nqshIRQRpTNF+hdj3z77O7cdVtXeSANEya8ZCIDFYwmJ45SqC5sH1+UzV CTTF9I7kpOs6ekpnJV27BM5NCVVntrg4YxV9JX5Co513zxG9Xth/+Zs9H47Pa34z PozxnxNANV16ELZ0RlFC5eDje+7trGHHIVWX/J+kByh08APpasoNOzcsEkaAW2rm vAOQoXm3a/j8TFKhaULXI1jKoeYx6XsIJeQ04LsANtcF9g3ayZ3M0oEXHBwg7mr1 dnlTBQYOy/3rU55ENxq7k2iXrnmAaF4oQ4jf0hiKvslvA0c8DDMUt/zc/SoULTEC R/p4Tw2UtJhX2LUe5xzs6tStrQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOWyK1Zx Z8qats+atj9KQHQaglztMB8GA1UdIwQYMBaAFBbOjBlwuGpK9PNWORBGaNCVs9To MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzA3NS83NUE2MjE4QURF MzkxMUU3ODNCN0NDNkNDNEY5QUUwMi9GczZNR1hDNGFrcjA4MVk1RUVabzBKV3ox T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZzNk1HWEM0YWtyMDgxWTVFRVpvMEpXejFPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUMwNzUvNzVBNjIxOEFERTM5MTFFNzgzQjdDQzZDQzRGOUFFMDIvM0VCODU1QUNE RTNBMTFFNzgxOTI2RDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAIk/zwDBAJn7LAwDQQCAAIwBwMFACQCLcAwDQYJKoZIhvcN AQELBQADggEBAB9IgL6C+73LSNJStTxoDo+3WlHWg8jcdc6X091a/XAo8uG+zUX8 O/o9nbebhpGzbuJIxwYbZ97p1hHsrsQNIc9fcze7DXdYcW1DdSkQiPwmurB7WucA 7LOmIV0HBwxjtsbe9EEUrSBlV7Kfnp1zJjH8ddBzOXePE2P0xk5RE61fofrDQH/H SjiTijJ+iPDACIeQDQd7C3m5LWbDIrnzqSsMsR0m8QTopvxBdChdOw86epPiiCLk 9JCXIXTjqAXq0rcjsvB3QjgNHrT47AlDhqMNr/uDWYmVNZ6mX/bmKAQOfDXFRyuP DNOFuPixkGTEQRAv6a/wNYHUdASm0Cmx6t0= -----END CERTIFICATE-----Generated at Tue Oct 28 16:20:59 2025 by rpki-client