$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/C3738F60A78511F0B1D3342CC4F9AE02.roa File: C3738F60A78511F0B1D3342CC4F9AE02.roa (raw, json) Hash identifier: doeraFCMJ4YY06qP/CyZ7CStviCw2H65v541coUCoQs= Subject key identifier: 02:3E:D3:98:4E:FC:9F:3F:D0:F8:30:42:75:6C:B0:F7:0E:A7:B4:5F Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Certificate serial: 0847 Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/C3738F60A78511F0B1D3342CC4F9AE02.roa Signing time: Sun 12 Oct 2025 16:09:00 +0000 ROA not before: Sun 12 Oct 2025 16:09:00 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55933 IP address blocks: 43.240.12.0/22 maxlen: 24 45.125.12.0/22 maxlen: 24 103.39.108.0/22 maxlen: 24 103.51.144.0/22 maxlen: 24 103.193.148.0/22 maxlen: 24 103.246.244.0/22 maxlen: 24 123.108.108.0/22 maxlen: 24 123.254.104.0/21 maxlen: 24 182.237.0.0/22 maxlen: 24 2404:8c80::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:11:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2119 (0x847) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91397C2, serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Validity Not Before: Oct 12 16:09:00 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=68ebd29c-4f3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:1b:45:f9:a9:be:54:73:c3:bb:91:11:5d:1b: 25:cb:fc:06:e9:4f:e9:64:f8:49:1c:2f:7e:fc:33: a7:3a:d0:eb:ba:86:b9:28:c0:6b:86:b2:56:e1:64: 0b:6c:0a:91:c6:56:3c:cc:32:ce:d7:4b:f8:ce:76: be:a4:7e:ca:70:b9:17:f6:91:a8:ca:45:8a:56:89: b5:86:84:85:2a:56:20:03:ff:83:de:8b:74:fa:33: 52:7e:63:2a:f2:bb:a3:a3:da:be:6e:44:f3:5c:81: a3:a8:60:a4:07:a4:d4:ee:67:41:b7:fa:43:4e:b0: 11:a2:ab:b0:e6:a0:72:12:e3:d5:ec:43:dc:41:6c: d7:6a:96:5a:b6:48:8f:24:e6:35:53:fe:46:38:ed: 98:dc:a1:ff:79:23:b1:94:49:be:d8:06:4b:fc:5b: 11:b9:c6:17:af:74:6f:11:03:40:96:c2:e5:2e:72: 4d:1f:47:45:93:e9:45:c5:c0:26:5b:40:fd:b5:36: f8:57:10:95:d1:20:eb:db:af:7a:01:32:58:13:60: 34:b4:28:d9:5d:63:34:59:bd:9e:d1:20:6a:ab:39: dd:9c:8f:ab:2e:a1:5f:f0:d7:5c:6d:e3:62:9d:4a: b3:20:de:8b:ea:49:f8:0d:54:af:f5:e8:e4:fa:01: b7:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:3E:D3:98:4E:FC:9F:3F:D0:F8:30:42:75:6C:B0:F7:0E:A7:B4:5F X509v3 Authority Key Identifier: keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/C3738F60A78511F0B1D3342CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.240.12.0/22 45.125.12.0/22 103.39.108.0/22 103.51.144.0/22 103.193.148.0/22 103.246.244.0/22 123.108.108.0/22 123.254.104.0/21 182.237.0.0/22 IPv6: 2404:8c80::/32 Signature Algorithm: sha256WithRSAEncryption 5b:2f:a6:21:51:e5:a6:1c:01:25:58:2b:49:5f:56:83:6e:ec: 7e:52:13:ca:cc:98:51:85:dd:76:0f:c1:7e:90:48:3e:83:e9: 4a:7d:ef:b1:be:4f:88:79:52:2b:0e:42:71:cf:e5:2e:fe:cf: 9f:ac:3e:66:0a:5d:fd:90:2b:82:cc:32:11:e2:6a:84:c3:9d: b3:c8:51:53:6f:6c:34:d3:b6:93:e8:77:12:4b:17:d8:96:89: f0:3c:df:21:7b:ec:e0:62:05:66:57:9a:ca:57:42:fa:66:71: a1:71:32:da:c3:75:cd:cf:ea:0f:43:13:70:35:f8:fe:09:d1: 3a:64:2e:49:57:f6:b5:dd:2a:da:27:fb:d4:15:9d:35:c8:9a: 52:80:b9:f3:4b:cc:db:08:2b:1f:17:61:04:15:ab:be:1f:5b: 38:b7:df:5d:1b:57:b1:31:bc:eb:e6:5f:ac:f2:58:2c:c1:a5: 47:7d:83:35:5c:b0:64:03:53:22:25:c1:ca:0c:84:d4:95:8a: b7:c1:b3:d1:b2:44:5c:00:a0:b4:b5:1a:d5:25:d8:fc:ba:cc: 41:cc:c7:76:d9:2c:a7:b8:bc:88:35:f6:0f:40:7c:34:c9:5c: c5:e5:7d:97:e1:d1:0f:2b:06:31:20:d0:4a:ce:9a:44:47:1b: 63:fb:6c:5c -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgICCEcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4 MUQ0RTc5Q0QwHhcNMjUxMDEyMTYwOTAwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGViZDI5Yy00ZjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7RtF+am+VHPDu5ERXRsly/wG6U/pZPhJHC9+/DOnOtDruoa5KMBrhrJW4WQL bAqRxlY8zDLO10v4zna+pH7KcLkX9pGoykWKVom1hoSFKlYgA/+D3ot0+jNSfmMq 8rujo9q+bkTzXIGjqGCkB6TU7mdBt/pDTrARoquw5qByEuPV7EPcQWzXapZatkiP JOY1U/5GOO2Y3KH/eSOxlEm+2AZL/FsRucYXr3RvEQNAlsLlLnJNH0dFk+lFxcAm W0D9tTb4VxCV0SDr2696ATJYE2A0tCjZXWM0Wb2e0SBqqzndnI+rLqFf8NdcbeNi nUqzIN6L6kn4DVSv9ejk+gG3gwIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFAI+05hO /J8/0PgwQnVssPcOp7RfMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Mzk3QzIvNEU0MjZERThGQkVBMTFFQTk0MEExRDE5QzRGOUFFMDIvQzM3MzhGNjBB Nzg1MTFGMEIxRDMzNDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E TzBNMDwEAgABMDYDBAIr8AwDBAItfQwDBAJnJ2wDBAJnM5ADBAJnwZQDBAJn9vQD BAJ7bGwDBAN7/mgDBAK27QAwDQQCAAIwBwMFACQEjIAwDQYJKoZIhvcNAQELBQAD ggEBAFsvpiFR5aYcASVYK0lfVoNu7H5SE8rMmFGF3XYPwX6QSD6D6Up977G+T4h5 UisOQnHP5S7+z5+sPmYKXf2QK4LMMhHiaoTDnbPIUVNvbDTTtpPodxJLF9iWifA8 3yF77OBiBWZXmspXQvpmcaFxMtrDdc3P6g9DE3A1+P4J0TpkLklX9rXdKton+9QV nTXImlKAufNLzNsIKx8XYQQVq74fWzi3310bV7ExvOvmX6zyWCzBpUd9gzVcsGQD UyIlwcoMhNSVirfBs9GyRFwAoLS1GtUl2Py6zEHMx3bZLKe4vIg19g9AfDTJXMXl fZfh0Q8rBjEg0ErOmkRHG2P7bFw= -----END CERTIFICATE-----Generated at Sun Oct 19 16:11:44 2025 by rpki-client