$ rpki-client -vvf rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/3FA4288CD29B11ED88E16742C4F9AE02.roa File: 3FA4288CD29B11ED88E16742C4F9AE02.roa (raw, json) Hash identifier: L3qkCPmXp0iJV192Ab/fphVf55ttABMSsjRwG8i7X3I= Subject key identifier: 5D:E7:05:35:AB:55:47:A0:DC:B8:D3:9C:9D:55:07:B2:47:A9:D9:BD Certificate issuer: /CN=A91638DD/serialNumber=7211E68B57CDCDF4EDA83CF0B4623B7693F6343A Certificate serial: 019C Authority key identifier: 72:11:E6:8B:57:CD:CD:F4:ED:A8:3C:F0:B4:62:3B:76:93:F6:34:3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/3FA4288CD29B11ED88E16742C4F9AE02.roa Signing time: Thu 05 Jun 2025 03:11:09 +0000 ROA not before: Thu 05 Jun 2025 03:11:09 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 45352 IP address blocks: 103.93.72.0/24 maxlen: 24 103.93.73.0/24 maxlen: 24 103.93.74.0/24 maxlen: 24 103.93.75.0/24 maxlen: 24 123.253.112.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.crl rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:46:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 412 (0x19c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91638DD, serialNumber=7211E68B57CDCDF4EDA83CF0B4623B7693F6343A Validity Not Before: Jun 5 03:11:09 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=68410acd-1a1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:b4:0f:d5:6e:7a:cf:9a:92:4d:e5:c2:45:db: c7:56:af:0b:2a:84:0a:1a:ff:b6:f4:12:6b:65:c1: 9a:50:fe:c8:bb:d2:c8:0b:72:08:ae:9d:d4:e6:fd: 2c:0c:d8:00:c2:80:2c:23:b7:16:ee:74:39:43:f9: 99:33:81:45:b3:57:48:1d:bc:21:72:f2:da:dc:d3: 36:9a:ad:83:f5:b0:d6:72:23:40:f9:43:a4:d3:cb: 65:a2:21:a3:0b:2a:0e:d5:e8:ce:8d:1e:4c:6f:2c: 30:8a:c9:b0:c0:bd:2d:51:02:8b:10:d2:87:40:a6: 12:f8:28:99:93:31:33:ac:19:90:28:9b:df:57:92: 6b:f4:1a:83:6b:a4:78:84:16:ce:d6:50:c5:59:72: 4e:9c:00:8b:7b:d5:8e:8f:fe:4f:0d:49:16:7a:7d: 65:36:25:67:bb:d4:0d:b8:30:ae:57:c1:96:28:2b: f2:cb:c8:22:a2:ca:07:c6:43:6c:e3:33:ed:33:4e: 0f:0a:b2:d5:75:09:c1:06:16:7a:24:86:64:f4:1f: 24:a4:af:48:1a:61:9d:73:f5:51:f7:31:a3:bf:f6: a5:fe:b6:01:b5:e9:47:f0:c5:be:59:61:90:85:8d: 2d:ed:ae:b6:09:78:63:89:1c:d5:e6:c0:17:1f:d6: d8:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:E7:05:35:AB:55:47:A0:DC:B8:D3:9C:9D:55:07:B2:47:A9:D9:BD X509v3 Authority Key Identifier: keyid:72:11:E6:8B:57:CD:CD:F4:ED:A8:3C:F0:B4:62:3B:76:93:F6:34:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/chHmi1fNzfTtqDzwtGI7dpP2NDo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chHmi1fNzfTtqDzwtGI7dpP2NDo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91638DD/C8870CAED29711EDB0858B3DC4F9AE02/3FA4288CD29B11ED88E16742C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.93.72.0/22 123.253.112.0/22 Signature Algorithm: sha256WithRSAEncryption 87:05:69:be:09:e1:80:02:3c:ae:5a:1b:ed:28:6a:09:03:5a: d9:cb:56:c0:1d:00:aa:34:64:c1:31:ef:1a:f7:85:d2:c5:04: f0:4a:23:2c:99:ac:41:4b:44:5f:82:84:33:dc:f0:0d:8c:42: d9:05:b6:94:57:55:ef:43:14:f7:aa:c5:93:76:bf:3d:71:1a: f1:04:87:4e:95:a6:ed:d9:3b:27:c4:36:49:87:c0:cb:7b:4b: a5:4d:6f:89:f3:72:de:4d:91:1d:a7:3c:24:1c:1c:eb:11:8d: 08:3a:2c:b8:3a:8b:8c:02:6b:a2:90:ba:10:1b:59:27:3c:ef: 71:03:6d:69:ca:2a:50:03:65:70:aa:f0:b7:de:43:b5:e3:a4: af:01:55:8f:94:3c:60:b4:da:b4:99:61:3e:57:2e:8b:e9:69: bb:8a:1a:9a:f5:9b:c3:01:75:6a:c1:c1:f1:9c:f5:da:a8:a0: 93:64:ca:7a:76:10:d9:2b:32:b0:e2:c5:5f:7a:5e:c7:4a:5e: 0d:15:f7:fb:86:29:ae:aa:9a:e5:20:23:9d:05:ab:cc:e3:4e: e2:10:f9:2b:2f:6b:ae:2d:3f:9b:b2:50:25:9a:9b:9e:af:fc: 97:f0:62:c6:8a:ab:03:4d:c5:46:6e:c7:e6:82:2c:d7:a2:0e: 46:bd:67:d3 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4REQxMTAvBgNVBAUTKDcyMTFFNjhCNTdDRENERjRFREE4M0NGMEI0NjIzQjc2 OTNGNjM0M0EwHhcNMjUwNjA1MDMxMTA5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODQxMGFjZC0xYTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2LQP1W56z5qSTeXCRdvHVq8LKoQKGv+29BJrZcGaUP7Iu9LIC3IIrp3U5v0s DNgAwoAsI7cW7nQ5Q/mZM4FFs1dIHbwhcvLa3NM2mq2D9bDWciNA+UOk08tloiGj CyoO1ejOjR5MbywwismwwL0tUQKLENKHQKYS+CiZkzEzrBmQKJvfV5Jr9BqDa6R4 hBbO1lDFWXJOnACLe9WOj/5PDUkWen1lNiVnu9QNuDCuV8GWKCvyy8giosoHxkNs 4zPtM04PCrLVdQnBBhZ6JIZk9B8kpK9IGmGdc/VR9zGjv/al/rYBtelH8MW+WWGQ hY0t7a62CXhjiRzV5sAXH9bYpQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFF3nBTWr VUeg3LjTnJ1VB7JHqdm9MB8GA1UdIwQYMBaAFHIR5otXzc307ag88LRiO3aT9jQ6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzhERC9DODg3MENBRUQy OTcxMUVEQjA4NThCM0RDNEY5QUUwMi9jaEhtaTFmTnpmVHRxRHp3dEdJN2RwUDJO RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NoSG1pMWZOemZUdHFEend0R0k3ZHBQMk5Eby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjM4REQvQzg4NzBDQUVEMjk3MTFFREIwODU4QjNEQzRGOUFFMDIvM0ZBNDI4OENE MjlCMTFFRDg4RTE2NzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAJnXUgDBAJ7/XAwDQYJKoZIhvcNAQELBQADggEBAIcFab4J 4YACPK5aG+0oagkDWtnLVsAdAKo0ZMEx7xr3hdLFBPBKIyyZrEFLRF+ChDPc8A2M QtkFtpRXVe9DFPeqxZN2vz1xGvEEh06Vpu3ZOyfENkmHwMt7S6VNb4nzct5NkR2n PCQcHOsRjQg6LLg6i4wCa6KQuhAbWSc873EDbWnKKlADZXCq8LfeQ7XjpK8BVY+U PGC02rSZYT5XLovpabuKGpr1m8MBdWrBwfGc9dqooJNkynp2ENkrMrDixV96XsdK Xg0V9/uGKa6qmuUgI50Fq8zjTuIQ+Ssva64tP5uyUCWam56v/JfwYsaKqwNNxUZu x+aCLNeiDka9Z9M= -----END CERTIFICATE-----Generated at Wed Nov 5 19:48:50 2025 by rpki-client