$ rpki-client -vvf rpki.apnic.net/member_repository/A9198D02/28A506FAD86711EA8B51620DC4F9AE02/3BF0A4D868F511ECAB15DE18C4F9AE02.roa File: 3BF0A4D868F511ECAB15DE18C4F9AE02.roa (raw, json) Hash identifier: Wvwkw2qq7X3gm9ipfWCc3BGdmbxdjnrv9dxFhs0Hnp4= Subject key identifier: A5:95:A2:FC:61:3F:84:2B:83:DD:02:D1:70:C6:0E:4C:6F:9B:84:29 Certificate issuer: /CN=A9198D02/serialNumber=FCE3685545607AC3BCC3340D039B2168827127BE Certificate serial: 086D Authority key identifier: FC:E3:68:55:45:60:7A:C3:BC:C3:34:0D:03:9B:21:68:82:71:27:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ONoVUVgesO8wzQNA5shaIJxJ74.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198D02/28A506FAD86711EA8B51620DC4F9AE02/3BF0A4D868F511ECAB15DE18C4F9AE02.roa Signing time: Thu 04 Sep 2025 21:01:42 +0000 ROA not before: Thu 04 Sep 2025 21:01:42 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 45935 IP address blocks: 103.36.144.0/24 maxlen: 24 103.36.145.0/24 maxlen: 24 103.36.147.0/24 maxlen: 24 180.222.208.0/24 maxlen: 24 180.222.209.0/24 maxlen: 24 180.222.210.0/24 maxlen: 24 180.222.211.0/24 maxlen: 24 203.191.128.0/24 maxlen: 24 203.191.129.0/24 maxlen: 24 203.191.130.0/24 maxlen: 24 203.191.131.0/24 maxlen: 24 2400:3100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198D02/28A506FAD86711EA8B51620DC4F9AE02/_ONoVUVgesO8wzQNA5shaIJxJ74.crl rsync://rpki.apnic.net/member_repository/A9198D02/28A506FAD86711EA8B51620DC4F9AE02/_ONoVUVgesO8wzQNA5shaIJxJ74.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ONoVUVgesO8wzQNA5shaIJxJ74.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 20:56:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2157 (0x86d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198D02, serialNumber=FCE3685545607AC3BCC3340D039B2168827127BE Validity Not Before: Sep 4 21:01:42 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=68b9fe36-8322 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:45:30:41:e1:26:86:2a:f2:ec:f3:67:d5:f0: f7:c2:3c:66:20:6f:0b:ee:c3:56:f2:4d:a9:a6:4a: 56:72:1f:1f:e7:83:86:35:fd:14:bf:5d:40:e9:f4: 85:6c:d6:6e:ed:95:f7:69:96:ed:81:e7:34:42:25: ca:c1:18:ff:b2:df:5d:e9:88:21:b4:f3:57:04:1e: a1:ca:6b:fd:64:49:ad:68:93:ac:aa:aa:6d:2e:5f: a4:5f:ff:e0:22:42:82:fc:ef:ea:b1:f2:5e:50:5f: 74:da:7e:55:dd:cc:10:f0:c6:5b:e2:f6:db:0d:c0: 73:ed:7c:e8:b7:60:f6:87:b0:f5:1e:77:23:9a:fd: f5:44:bd:3e:b9:78:84:14:b5:1b:a4:bc:1d:2a:22: b2:41:10:68:33:2c:79:6b:2a:3d:93:99:6a:d2:3e: 33:3c:0e:7a:0d:a0:4a:1a:99:ac:10:91:0d:a7:b0: fa:7f:52:b4:df:b3:78:18:0d:0c:c9:ff:e2:79:e9: ba:4a:ce:01:cf:05:3f:67:5f:99:68:aa:cc:4c:04: 5a:3f:81:9a:40:10:36:7b:f6:09:b9:74:b0:53:21: 07:27:d8:fa:a0:1f:e9:6e:ef:7d:4b:64:8c:ba:2a: ae:6b:1c:cd:28:17:dd:b2:df:29:41:b6:be:fe:d5: 9b:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:95:A2:FC:61:3F:84:2B:83:DD:02:D1:70:C6:0E:4C:6F:9B:84:29 X509v3 Authority Key Identifier: keyid:FC:E3:68:55:45:60:7A:C3:BC:C3:34:0D:03:9B:21:68:82:71:27:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198D02/28A506FAD86711EA8B51620DC4F9AE02/_ONoVUVgesO8wzQNA5shaIJxJ74.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ONoVUVgesO8wzQNA5shaIJxJ74.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198D02/28A506FAD86711EA8B51620DC4F9AE02/3BF0A4D868F511ECAB15DE18C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.36.144.0/23 103.36.147.0/24 180.222.208.0/22 203.191.128.0/22 IPv6: 2400:3100::/40 Signature Algorithm: sha256WithRSAEncryption 50:f3:a4:f4:ee:55:5e:83:15:71:68:84:fb:81:dc:0f:5f:5a: f4:1d:e9:b8:74:41:84:e3:28:8b:2f:a9:6a:e7:ef:44:a2:27: 50:f2:d5:6c:63:f2:44:67:ec:d0:0b:0d:dd:e5:ff:7c:ad:d7: d7:54:1f:d1:0d:c5:ea:fb:53:d3:3d:ce:93:74:04:a3:38:df: f7:a4:7f:ff:fc:16:ef:35:b8:9f:2b:02:16:4d:cc:8e:82:bb: b4:64:62:ec:9e:1d:ef:97:34:34:e4:cf:8b:22:ba:cb:a0:98: 0b:b0:45:a6:23:b8:5c:85:32:a5:7b:89:00:cf:c0:1d:dd:15: ff:7c:5d:d3:04:18:bb:0c:7d:30:0f:d1:5b:b4:cd:c1:d5:22: 1f:ff:09:31:27:66:88:2b:9d:64:e5:99:bd:18:12:2f:98:5c: f4:4a:14:e9:d1:8b:c7:4d:35:00:34:e3:a2:8c:41:4d:f8:0a: 50:62:56:ff:31:c4:b6:d3:b1:5f:5e:37:40:89:d3:11:8f:3a: 11:ea:a6:9e:6a:34:90:7c:46:03:da:65:32:fb:14:96:e1:73: cc:c6:ee:58:58:d3:db:79:6a:f5:69:06:90:ab:b4:07:6c:2c: 25:eb:ce:d6:06:66:56:8f:f9:b2:5d:b6:70:be:49:7a:04:3a: f1:53:eb:3e -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgICCG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OThEMDIxMTAvBgNVBAUTKEZDRTM2ODU1NDU2MDdBQzNCQ0MzMzQwRDAzOUIyMTY4 ODI3MTI3QkUwHhcNMjUwOTA0MjEwMTQyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGI5ZmUzNi04MzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA10UwQeEmhiry7PNn1fD3wjxmIG8L7sNW8k2ppkpWch8f54OGNf0Uv11A6fSF bNZu7ZX3aZbtgec0QiXKwRj/st9d6YghtPNXBB6hymv9ZEmtaJOsqqptLl+kX//g IkKC/O/qsfJeUF902n5V3cwQ8MZb4vbbDcBz7Xzot2D2h7D1Hncjmv31RL0+uXiE FLUbpLwdKiKyQRBoMyx5ayo9k5lq0j4zPA56DaBKGpmsEJENp7D6f1K037N4GA0M yf/ieem6Ss4BzwU/Z1+ZaKrMTARaP4GaQBA2e/YJuXSwUyEHJ9j6oB/pbu99S2SM uiquaxzNKBfdst8pQba+/tWbQwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFKWVovxh P4Qrg90C0XDGDkxvm4QpMB8GA1UdIwQYMBaAFPzjaFVFYHrDvMM0DQObIWiCcSe+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OEQwMi8yOEE1MDZGQUQ4 NjcxMUVBOEI1MTYyMERDNEY5QUUwMi9fT05vVlVWZ2VzTzh3elFOQTVzaGFJSnhK NzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19PTm9WVVZnZXNPOHd6UU5BNXNoYUlKeEo3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OThEMDIvMjhBNTA2RkFEODY3MTFFQThCNTE2MjBEQzRGOUFFMDIvM0JGMEE0RDg2 OEY1MTFFQ0FCMTVERTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E MjAwMB4EAgABMBgDBAFnJJADBABnJJMDBAK03tADBALLv4AwDgQCAAIwCAMGACQA MQAAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ86T07lVegxVxaIT7gdwPX1r0Hem4dEGE 4yiLL6lq5+9EoidQ8tVsY/JEZ+zQCw3d5f98rdfXVB/RDcXq+1PTPc6TdASjON/3 pH///BbvNbifKwIWTcyOgru0ZGLsnh3vlzQ05M+LIrrLoJgLsEWmI7hchTKle4kA z8Ad3RX/fF3TBBi7DH0wD9FbtM3B1SIf/wkxJ2aIK51k5Zm9GBIvmFz0ShTp0YvH TTUANOOijEFN+ApQYlb/McS207FfXjdAidMRjzoR6qaeajSQfEYD2mUy+xSW4XPM xu5YWNPbeWr1aQaQq7QHbCwl687WBmZWj/myXbZwvkl6BDrxU+s+ -----END CERTIFICATE-----Generated at Fri Sep 19 02:50:35 2025 by rpki-client