$ rpki-client -vvf rpki.apnic.net/member_repository/A91689C8/38B38E5E8DD711ED85225A7EC4F9AE02/3BB70A86092211F08BA72686C4F9AE02.roa File: 3BB70A86092211F08BA72686C4F9AE02.roa (raw, json) Hash identifier: lvQ8BAOEHHI1X0qXH/UaJKBYn5+t8IOjYcFWQGKElqA= Subject key identifier: 5F:C5:93:90:DD:F2:F7:23:31:F7:32:25:CD:42:8D:FC:95:04:78:52 Certificate issuer: /CN=A91689C8/serialNumber=ADDB2BF3C41826D6D0FBE8D2BF2F052D98A5D949 Certificate serial: 73 Authority key identifier: AD:DB:2B:F3:C4:18:26:D6:D0:FB:E8:D2:BF:2F:05:2D:98:A5:D9:49 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdsr88QYJtbQ--jSvy8FLZil2Uk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91689C8/38B38E5E8DD711ED85225A7EC4F9AE02/3BB70A86092211F08BA72686C4F9AE02.roa Signing time: Fri 31 Oct 2025 02:17:07 +0000 ROA not before: Fri 31 Oct 2025 02:17:07 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 150309 IP address blocks: 103.244.188.0/23 maxlen: 24 2400:a9e0::/32 maxlen: 32 2400:a9e0::/36 maxlen: 36 2400:a9e0:1000::/36 maxlen: 36 2400:a9e0:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91689C8/38B38E5E8DD711ED85225A7EC4F9AE02/rdsr88QYJtbQ--jSvy8FLZil2Uk.crl rsync://rpki.apnic.net/member_repository/A91689C8/38B38E5E8DD711ED85225A7EC4F9AE02/rdsr88QYJtbQ--jSvy8FLZil2Uk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdsr88QYJtbQ--jSvy8FLZil2Uk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:21:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 115 (0x73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91689C8, serialNumber=ADDB2BF3C41826D6D0FBE8D2BF2F052D98A5D949 Validity Not Before: Oct 31 02:17:07 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69041c23-ca38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:81:b0:ae:12:95:f8:57:4a:bf:35:7b:52:a3: 96:4d:a0:0a:8f:9a:53:db:8a:93:79:7b:e3:64:19: be:af:1c:61:0b:68:30:47:a0:d4:51:f8:77:a4:e8: 7f:f8:0f:ed:a9:52:5e:cc:06:71:31:e5:1a:a1:62: 88:d9:18:4b:0f:2b:98:2a:d7:14:a9:26:8c:a6:e5: 84:1d:5f:5e:d0:5a:20:97:6a:2a:01:db:49:87:4a: f3:98:1a:4a:fc:b8:9f:b6:14:05:bb:c7:fb:59:a9: c8:bc:fc:48:5d:a4:ff:ff:ee:ee:55:9f:d7:dc:87: 47:1f:18:da:cf:e6:64:c9:70:bf:11:d2:aa:de:26: 2a:8d:7d:22:27:f5:9a:cf:53:a6:16:38:4a:a8:d3: 9a:b5:89:07:e6:9e:03:44:23:6f:64:14:2f:2b:1d: 89:b5:b0:2d:ce:0f:6b:4a:ec:19:47:8f:13:75:2e: da:70:84:8d:e2:a2:65:3e:f4:b1:98:1a:b1:1a:a7: 09:f0:7b:83:28:68:02:52:2d:a8:a3:f9:35:56:8a: d6:54:25:8b:1b:ac:53:c3:e5:56:b0:be:d5:dd:c0: d1:0c:76:98:f0:05:9a:33:a7:76:c7:48:c3:90:b7: 59:9a:50:83:5a:0d:64:35:82:50:6a:67:5d:6f:36: 72:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:C5:93:90:DD:F2:F7:23:31:F7:32:25:CD:42:8D:FC:95:04:78:52 X509v3 Authority Key Identifier: keyid:AD:DB:2B:F3:C4:18:26:D6:D0:FB:E8:D2:BF:2F:05:2D:98:A5:D9:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91689C8/38B38E5E8DD711ED85225A7EC4F9AE02/rdsr88QYJtbQ--jSvy8FLZil2Uk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdsr88QYJtbQ--jSvy8FLZil2Uk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91689C8/38B38E5E8DD711ED85225A7EC4F9AE02/3BB70A86092211F08BA72686C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.244.188.0/23 IPv6: 2400:a9e0::/32 Signature Algorithm: sha256WithRSAEncryption 31:cd:04:03:ed:ec:d7:2b:f5:d3:8f:80:70:a9:5c:03:e6:97: 9d:9f:7a:51:3b:88:4d:db:58:b1:52:7c:c9:92:6b:67:97:67: e6:9c:36:08:f6:5a:07:20:c0:78:f8:29:08:32:9e:3a:cf:2c: ad:43:aa:cb:5b:da:04:57:51:20:f9:66:5a:ff:a1:94:89:77: 55:e8:c9:5e:95:39:45:e8:3d:c3:e0:1e:f8:e1:1d:53:32:2e: d8:5f:12:7c:32:87:1b:de:1d:ab:9c:24:84:cf:3f:4e:58:05: 7f:5d:4b:aa:ac:b0:19:e5:30:d1:ab:39:35:8c:8b:7a:b9:34: 8d:ce:7a:68:5a:59:fc:4c:ec:47:02:29:85:09:a4:2b:73:f3: bd:e9:06:53:f3:3b:05:45:e6:89:69:7a:8e:b9:d5:73:fe:d0: c7:06:b3:ac:a0:d8:bd:fd:59:ca:d4:b1:bb:73:ab:a8:ab:5f: 62:a3:b5:e2:30:e3:cd:69:95:4f:62:db:1f:23:fd:5e:87:7c: d7:79:8a:a5:88:c9:38:54:61:54:ed:cb:64:79:19:cf:8a:0d: e2:6a:f1:a7:f6:6b:f6:a0:29:e5:72:11:b3:a2:43:e1:8c:a1: f5:72:d3:27:5b:a5:ea:cb:a0:fe:d8:7d:98:ed:90:b8:9b:51: 6d:d5:1d:23 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgIBczANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 ODlDODExMC8GA1UEBRMoQUREQjJCRjNDNDE4MjZENkQwRkJFOEQyQkYyRjA1MkQ5 OEE1RDk0OTAeFw0yNTEwMzEwMjE3MDdaFw0yNjEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MDQxYzIzLWNhMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOgbCuEpX4V0q/NXtSo5ZNoAqPmlPbipN5e+NkGb6vHGELaDBHoNRR+Hek6H/4 D+2pUl7MBnEx5RqhYojZGEsPK5gq1xSpJoym5YQdX17QWiCXaioB20mHSvOYGkr8 uJ+2FAW7x/tZqci8/EhdpP//7u5Vn9fch0cfGNrP5mTJcL8R0qreJiqNfSIn9ZrP U6YWOEqo05q1iQfmngNEI29kFC8rHYm1sC3OD2tK7BlHjxN1LtpwhI3iomU+9LGY GrEapwnwe4MoaAJSLaij+TVWitZUJYsbrFPD5VawvtXdwNEMdpjwBZozp3bHSMOQ t1maUINaDWQ1glBqZ11vNnIfAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUX8WTkN3y 9yMx9zIlzUKN/JUEeFIwHwYDVR0jBBgwFoAUrdsr88QYJtbQ++jSvy8FLZil2Ukw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4OUM4LzM4QjM4RTVFOERE NzExRUQ4NTIyNUE3RUM0RjlBRTAyL3Jkc3I4OFFZSnRiUS0talN2eThGTFppbDJV ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcmRzcjg4UVlKdGJRLS1qU3Z5OEZMWmlsMlVrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 ODlDOC8zOEIzOEU1RThERDcxMUVEODUyMjVBN0VDNEY5QUUwMi8zQkI3MEE4NjA5 MjIxMUYwOEJBNzI2ODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf MB0wDAQCAAEwBgMEAWf0vDANBAIAAjAHAwUAJACp4DANBgkqhkiG9w0BAQsFAAOC AQEAMc0EA+3s1yv104+AcKlcA+aXnZ96UTuITdtYsVJ8yZJrZ5dn5pw2CPZaByDA ePgpCDKeOs8srUOqy1vaBFdRIPlmWv+hlIl3VejJXpU5Reg9w+Ae+OEdUzIu2F8S fDKHG94dq5wkhM8/TlgFf11LqqywGeUw0as5NYyLerk0jc56aFpZ/EzsRwIphQmk K3PzvekGU/M7BUXmiWl6jrnVc/7QxwazrKDYvf1ZytSxu3OrqKtfYqO14jDjzWmV T2LbHyP9Xod813mKpYjJOFRhVO3LZHkZz4oN4mrxp/Zr9qAp5XIRs6JD4Yyh9XLT J1ul6sug/th9mO2QuJtRbdUdIw== -----END CERTIFICATE-----Generated at Wed Nov 5 19:20:41 2025 by rpki-client