$ rpki-client -vvf rpki.apnic.net/member_repository/A919F026/3BAAAC44FB2811EF959FC774C4F9AE02/3FCB43D2FB2911EF8A116D76C4F9AE02.roa File: 3FCB43D2FB2911EF8A116D76C4F9AE02.roa (raw, json) Hash identifier: cqpKhHQ429f1vtQzVS9iSS/6yBn8Tr7cOiYSPyhXnqM= Subject key identifier: 1F:B7:3A:FD:D7:9E:9B:76:EA:7E:A6:84:E2:92:C0:B9:1A:CF:16:3F Certificate issuer: /CN=A919F026/serialNumber=BD79AC7640C955C435C8CF55C291F122B70E2F99 Certificate serial: 6E Authority key identifier: BD:79:AC:76:40:C9:55:C4:35:C8:CF:55:C2:91:F1:22:B7:0E:2F:99 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vXmsdkDJVcQ1yM9VwpHxIrcOL5k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919F026/3BAAAC44FB2811EF959FC774C4F9AE02/3FCB43D2FB2911EF8A116D76C4F9AE02.roa Signing time: Thu 14 Aug 2025 11:45:14 +0000 ROA not before: Thu 14 Aug 2025 11:45:14 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 23532 IP address blocks: 103.103.64.0/23 maxlen: 24 163.61.208.0/23 maxlen: 24 2001:df5:20c0::/48 maxlen: 48 2402:1da0::/32 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919F026/3BAAAC44FB2811EF959FC774C4F9AE02/vXmsdkDJVcQ1yM9VwpHxIrcOL5k.crl rsync://rpki.apnic.net/member_repository/A919F026/3BAAAC44FB2811EF959FC774C4F9AE02/vXmsdkDJVcQ1yM9VwpHxIrcOL5k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vXmsdkDJVcQ1yM9VwpHxIrcOL5k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 07:42:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 110 (0x6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919F026, serialNumber=BD79AC7640C955C435C8CF55C291F122B70E2F99 Validity Not Before: Aug 14 11:45:14 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=689dcc49-836b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:a0:e8:2c:81:11:f2:a6:22:65:8f:f7:76:94: e8:01:fc:a2:1f:97:2e:1e:38:d7:5c:cc:aa:7d:7e: 2f:1f:6a:52:1d:b6:23:a7:50:ba:a3:ae:07:b5:40: fa:90:72:df:f9:97:84:4b:55:c2:6f:f0:0b:35:0d: 38:c1:4d:ed:b1:82:0a:a8:71:fe:33:50:e3:13:46: 34:17:43:93:25:7b:95:67:a7:1a:a8:fb:cc:10:78: 70:89:40:0b:00:55:2d:55:d5:0d:ec:a7:13:9e:8d: d0:13:ed:1a:34:6b:01:24:26:30:db:ba:07:67:c2: 5e:23:b8:98:74:99:63:2a:b0:46:9a:cd:b9:a5:10: 6c:be:08:0f:ef:32:94:12:ec:e4:b9:10:17:3f:14: a1:33:f4:0a:47:e6:d3:2e:e3:dc:f7:05:9e:86:d1: e8:26:11:83:a7:08:ab:51:70:c3:69:b8:f1:cb:b4: 9e:67:43:3c:11:d3:5e:be:7d:77:82:a4:6f:fd:44: c3:cb:3e:34:2a:e9:f9:5d:9a:c2:b1:3c:97:63:da: 6e:17:b0:d3:57:c8:e2:4f:6a:f7:c3:5e:a6:87:e0: 51:d1:6d:f4:64:24:49:65:1a:73:2f:af:61:53:6e: f2:b7:93:f5:93:5f:d7:72:1a:26:c5:67:97:2a:a9: 24:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:B7:3A:FD:D7:9E:9B:76:EA:7E:A6:84:E2:92:C0:B9:1A:CF:16:3F X509v3 Authority Key Identifier: keyid:BD:79:AC:76:40:C9:55:C4:35:C8:CF:55:C2:91:F1:22:B7:0E:2F:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919F026/3BAAAC44FB2811EF959FC774C4F9AE02/vXmsdkDJVcQ1yM9VwpHxIrcOL5k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vXmsdkDJVcQ1yM9VwpHxIrcOL5k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F026/3BAAAC44FB2811EF959FC774C4F9AE02/3FCB43D2FB2911EF8A116D76C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.103.64.0/23 163.61.208.0/23 IPv6: 2001:df5:20c0::/48 2402:1da0::/32 Signature Algorithm: sha256WithRSAEncryption 0f:15:f2:7d:e9:cd:2a:0e:d7:05:bb:21:f7:1f:65:65:f2:6e: 8f:7b:28:7c:82:a3:17:d7:f8:d9:1e:ef:5d:98:bd:a8:ed:97: 14:22:15:78:ef:2d:cf:48:e1:95:2b:d0:df:78:1a:5c:39:28: 4f:a7:e2:e4:57:66:70:3a:74:36:f3:bd:ad:e9:39:ae:e4:41: 8a:68:a4:7f:1f:36:8b:66:97:8f:4f:7a:88:0c:48:66:47:58: 01:3d:8a:fa:0d:37:ce:11:69:86:1e:32:76:83:7e:0f:dc:30: f6:8c:1f:a3:81:54:c4:93:46:92:68:f5:60:9d:92:8a:df:8d: 0c:2c:ac:e4:ca:dc:ba:3d:1f:d6:04:be:36:52:86:ef:c1:9c: 6b:f3:73:b2:74:c0:90:84:95:73:8e:fa:ce:b0:02:da:0d:b7: d1:aa:46:dc:76:66:81:4d:96:76:4f:2a:0d:fb:e7:f0:d9:83: 51:b6:7b:9a:5b:83:b3:0e:6d:cc:46:ce:59:e7:1c:4b:c7:b4: a8:4a:da:60:dd:a3:cd:82:71:44:1c:9d:83:01:62:8a:01:18: 04:05:89:4f:a1:ae:0c:ec:7a:57:86:d9:df:0c:a8:46:9a:5f: cb:9a:94:bc:e7:c2:26:60:2f:0f:ea:3e:32:ea:b1:e9:b6:de: 88:37:ab:39 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgIBbjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 RjAyNjExMC8GA1UEBRMoQkQ3OUFDNzY0MEM5NTVDNDM1QzhDRjU1QzI5MUYxMjJC NzBFMkY5OTAeFw0yNTA4MTQxMTQ1MTRaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV BAMTDTY4OWRjYzQ5LTgzNmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3oOgsgRHypiJlj/d2lOgB/KIfly4eONdczKp9fi8falIdtiOnULqjrge1QPqQ ct/5l4RLVcJv8As1DTjBTe2xggqocf4zUOMTRjQXQ5Mle5Vnpxqo+8wQeHCJQAsA VS1V1Q3spxOejdAT7Ro0awEkJjDbugdnwl4juJh0mWMqsEaazbmlEGy+CA/vMpQS 7OS5EBc/FKEz9ApH5tMu49z3BZ6G0egmEYOnCKtRcMNpuPHLtJ5nQzwR016+fXeC pG/9RMPLPjQq6fldmsKxPJdj2m4XsNNXyOJPavfDXqaH4FHRbfRkJEllGnMvr2FT bvK3k/WTX9dyGibFZ5cqqSQJAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUH7c6/dee m3bqfqaE4pLAuRrPFj8wHwYDVR0jBBgwFoAUvXmsdkDJVcQ1yM9VwpHxIrcOL5kw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGMDI2LzNCQUFBQzQ0RkIy ODExRUY5NTlGQzc3NEM0RjlBRTAyL3ZYbXNka0RKVmNRMXlNOVZ3cEh4SXJjT0w1 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdlhtc2RrREpWY1ExeU05VndwSHhJcmNPTDVrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RjAyNi8zQkFBQUM0NEZCMjgxMUVGOTU5RkM3NzRDNEY5QUUwMi8zRkNCNDNEMkZC MjkxMUVGOEExMTZENzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu MCwwEgQCAAEwDAMEAWdnQAMEAaM90DAWBAIAAjAQAwcAIAEN9SDAAwUAJAIdoDAN BgkqhkiG9w0BAQsFAAOCAQEADxXyfenNKg7XBbsh9x9lZfJuj3sofIKjF9f42R7v XZi9qO2XFCIVeO8tz0jhlSvQ33gaXDkoT6fi5FdmcDp0NvO9rek5ruRBimikfx82 i2aXj096iAxIZkdYAT2K+g03zhFphh4ydoN+D9ww9owfo4FUxJNGkmj1YJ2Sit+N DCys5Mrcuj0f1gS+NlKG78Gca/NzsnTAkISVc476zrAC2g230apG3HZmgU2Wdk8q Dfvn8NmDUbZ7mluDsw5tzEbOWeccS8e0qEraYN2jzYJxRBydgwFiigEYBAWJT6Gu DOx6V4bZ3wyoRppfy5qUvOfCJmAvD+o+Muqx6bbeiDerOQ== -----END CERTIFICATE-----Generated at Thu Aug 21 05:47:06 2025 by rpki-client