$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E4E2428196411EE84B58B7DC4F9AE02.roa File: 3E4E2428196411EE84B58B7DC4F9AE02.roa (raw, json) Hash identifier: Beh5tVnoStKtRL+R74SHd9nG/mnfnq7LCtzYYZroOS0= Subject key identifier: FC:91:27:EB:1C:EA:9A:B3:64:54:4D:72:E9:C2:F7:DE:46:C0:97:48 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: B2E1 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E4E2428196411EE84B58B7DC4F9AE02.roa Signing time: Thu 08 May 2025 16:02:55 +0000 ROA not before: Thu 08 May 2025 16:02:55 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135139 IP address blocks: 103.99.148.0/22 maxlen: 24 103.130.88.0/22 maxlen: 24 103.130.204.0/23 maxlen: 24 103.133.220.0/23 maxlen: 24 103.183.240.0/23 maxlen: 24 103.185.84.0/23 maxlen: 24 103.185.102.0/23 maxlen: 24 103.186.124.0/23 maxlen: 24 103.186.150.0/23 maxlen: 24 103.186.220.0/23 maxlen: 24 103.186.230.0/23 maxlen: 24 103.186.232.0/23 maxlen: 24 103.187.62.0/23 maxlen: 24 103.191.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 12:48:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45793 (0xb2e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: May 8 16:02:55 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=681cd5ae-7045 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:99:90:47:af:56:a6:9a:8e:53:d3:d3:4f:25: 2e:2a:90:23:d7:85:ab:87:df:47:8f:d1:8e:44:45: f6:e4:3c:ee:2d:d2:af:16:79:ef:e4:10:84:66:9a: 2e:a2:de:75:b4:b9:97:19:b8:b3:53:d9:27:ce:94: 9a:90:1c:88:67:16:32:09:51:95:32:3a:f3:54:33: f3:84:90:87:f2:d0:80:d5:89:1f:4e:c7:80:5d:57: 8d:21:4d:08:c2:be:54:b1:ac:93:85:48:b0:bd:17: c9:21:6d:f6:10:34:84:cb:0d:58:9e:bf:eb:57:76: 47:51:bf:56:cd:9d:90:c8:f9:3e:84:95:83:a0:27: 0b:91:e6:e3:e9:c1:7c:e6:79:ba:b3:5c:5e:c6:fe: cc:29:ba:e4:56:23:79:76:54:69:1a:b9:19:d4:d3: 66:45:09:70:82:72:43:87:f4:1c:68:e8:01:13:90: a3:7f:cf:c7:de:9d:cf:ed:96:2b:55:62:4d:ba:ad: 64:f9:01:32:72:89:3a:4d:bd:6b:80:6f:14:da:1d: ee:8d:61:07:52:c5:73:ab:ea:f9:67:a0:b8:94:ba: d2:79:85:f4:3a:bc:95:c4:9c:86:92:2b:13:15:a0: 46:c6:f1:48:1f:d5:c3:e5:58:53:fd:a9:90:b0:06: 24:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:91:27:EB:1C:EA:9A:B3:64:54:4D:72:E9:C2:F7:DE:46:C0:97:48 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E4E2428196411EE84B58B7DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.99.148.0/22 103.130.88.0/22 103.130.204.0/23 103.133.220.0/23 103.183.240.0/23 103.185.84.0/23 103.185.102.0/23 103.186.124.0/23 103.186.150.0/23 103.186.220.0/23 103.186.230.0-103.186.233.255 103.187.62.0/23 103.191.138.0/23 Signature Algorithm: sha256WithRSAEncryption 34:ac:59:5a:ce:88:d0:46:f4:29:a9:28:4f:fc:3d:3f:4b:ae: 76:3c:58:dc:74:c9:90:ce:39:95:25:fb:24:48:68:5c:4a:e2: 23:b2:ca:2f:bf:02:b5:6f:30:62:6e:7e:88:c1:87:ea:b9:a0: 27:8f:35:16:0c:62:18:0a:c9:69:07:5d:07:ac:d5:b7:12:97: f3:c0:6d:fe:bb:bd:5f:8b:a5:00:9d:d0:26:fc:ba:70:08:88: 7e:62:22:c5:ea:5a:4d:6a:e2:05:f4:3d:73:b0:97:e5:51:a7: fe:d5:cd:cb:c9:57:cb:db:09:61:1b:fe:7a:31:39:58:f7:95: c8:48:99:42:7f:ec:a5:62:89:2a:40:1c:ee:88:f9:c6:04:ff: f9:a6:9a:ae:a0:dc:a7:d4:e8:f7:8f:6e:5b:05:7d:e3:fc:e7: 01:08:51:34:00:ed:90:f8:19:39:75:c7:45:f7:b0:65:c8:b2: 23:7b:45:e5:3b:1a:0e:c9:26:5a:e1:69:ab:26:21:ff:64:f4: a0:d0:80:d4:9f:8e:b6:85:e5:b9:4f:dc:ea:44:44:94:bb:44: 0a:0b:77:ec:64:0f:89:b4:52:35:87:e9:5e:67:0d:8c:3c:5f: 39:99:87:4f:b3:0b:ad:b1:1b:f1:f4:1a:65:7d:46:47:23:d8: 9c:28:7c:b1 -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgIDALLhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MDUwODE2MDI1NVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjgxY2Q1YWUtNzA0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANaZkEevVqaajlPT008lLiqQI9eFq4ffR4/RjkRF9uQ87i3SrxZ57+QQhGaa LqLedbS5lxm4s1PZJ86UmpAciGcWMglRlTI681Qz84SQh/LQgNWJH07HgF1XjSFN CMK+VLGsk4VIsL0XySFt9hA0hMsNWJ6/61d2R1G/Vs2dkMj5PoSVg6AnC5Hm4+nB fOZ5urNcXsb+zCm65FYjeXZUaRq5GdTTZkUJcIJyQ4f0HGjoAROQo3/Px96dz+2W K1ViTbqtZPkBMnKJOk29a4BvFNod7o1hB1LFc6vq+WeguJS60nmF9Dq8lcSchpIr ExWgRsbxSB/Vw+VYU/2pkLAGJJMCAwEAAaOCAuUwggLhMB0GA1UdDgQWBBT8kSfr HOqas2RUTXLpwvfeRsCXSDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNFNEUyNDI4 MTk2NDExRUU4NEI1OEI3REM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMG8GCCsGAQUFBwEHAQH/ BGAwXjBcBAIAATBWAwQCZ2OUAwQCZ4JYAwQBZ4LMAwQBZ4XcAwQBZ7fwAwQBZ7lU AwQBZ7lmAwQBZ7p8AwQBZ7qWAwQBZ7rcMAwDBAFnuuYDBAFnuugDBAFnuz4DBAFn v4owDQYJKoZIhvcNAQELBQADggEBADSsWVrOiNBG9CmpKE/8PT9LrnY8WNx0yZDO OZUl+yRIaFxK4iOyyi+/ArVvMGJufojBh+q5oCePNRYMYhgKyWkHXQes1bcSl/PA bf67vV+LpQCd0Cb8unAIiH5iIsXqWk1q4gX0PXOwl+VRp/7VzcvJV8vbCWEb/nox OVj3lchImUJ/7KViiSpAHO6I+cYE//mmmq6g3KfU6PePblsFfeP85wEIUTQA7ZD4 GTl1x0X3sGXIsiN7ReU7Gg7JJlrhaasmIf9k9KDQgNSfjraF5blP3OpERJS7RAoL d+xkD4m0UjWH6V5nDYw8XzmZh0+zC62xG/H0GmV9Rkcj2JwofLE= -----END CERTIFICATE-----Generated at Tue Oct 21 22:10:44 2025 by rpki-client