$ rpki-client -vvf rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/3802A98EC8AC11E9877DCE2FC4F9AE02.roa File: 3802A98EC8AC11E9877DCE2FC4F9AE02.roa (raw, json) Hash identifier: 5AhgINS9PwniKFtC6UdMhxxWx5F0pu9QmvKHh6K5mSA= Subject key identifier: 78:C7:A7:42:76:18:88:E3:4E:43:D3:29:6B:CA:2F:50:97:61:C0:4C Certificate issuer: /CN=A91A08FD/serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Certificate serial: 0DC8 Authority key identifier: 3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/3802A98EC8AC11E9877DCE2FC4F9AE02.roa Signing time: Thu 16 Oct 2025 18:56:42 +0000 ROA not before: Thu 16 Oct 2025 18:56:42 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 135589 IP address blocks: 103.129.76.0/22 maxlen: 22 103.129.76.0/24 maxlen: 24 103.129.77.0/24 maxlen: 24 103.129.78.0/24 maxlen: 24 103.129.79.0/24 maxlen: 24 2403:79c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3528 (0xdc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A08FD, serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Validity Not Before: Oct 16 18:56:42 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=68f13fea-c86b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:10:91:3d:5a:d2:43:09:67:d2:0d:60:34:6d: fc:ac:ec:6a:29:f5:5a:d9:49:e7:23:2e:ab:49:a6: 57:17:56:de:0a:12:86:a0:6e:43:49:1f:91:97:ee: 8f:ce:46:48:86:ae:7d:e2:fb:e5:3b:a3:81:57:bc: 8c:70:cc:66:04:22:82:a6:78:9e:9d:f5:74:34:d5: 9d:5d:69:bd:63:b5:2f:5f:3a:70:ed:4a:32:6d:13: 53:11:b7:e6:14:e5:43:e9:b9:36:cb:a0:a0:92:90: f4:e2:9d:42:f8:00:1e:b5:eb:29:89:f4:cd:5b:f3: b9:fc:3b:88:be:09:bf:b2:e4:0d:54:c0:09:43:99: 98:4e:b1:99:af:18:00:4b:09:98:76:d9:fb:f6:26: 7f:31:e6:e5:05:ce:68:63:82:38:aa:ab:bb:67:51: a1:19:57:a1:c3:81:a4:76:17:2f:49:76:ed:0d:c8: fa:2c:b8:fd:24:f3:cd:aa:41:03:1e:05:52:88:a7: d7:2f:f6:95:4c:eb:cb:50:14:18:42:64:5e:29:30: 48:33:b6:0f:e2:f8:3c:32:4f:a7:ba:52:31:e4:7e: 19:71:8f:12:18:5b:dd:9a:eb:49:ad:14:8e:e7:c4: b2:95:2f:0b:62:21:15:fc:02:14:e8:88:36:a7:ac: 4d:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:C7:A7:42:76:18:88:E3:4E:43:D3:29:6B:CA:2F:50:97:61:C0:4C X509v3 Authority Key Identifier: keyid:3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/3802A98EC8AC11E9877DCE2FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.129.76.0/22 IPv6: 2403:79c0::/32 Signature Algorithm: sha256WithRSAEncryption 22:fc:0a:e6:28:13:c9:c3:b9:0d:00:09:87:ab:28:00:57:6a: 24:08:cb:dd:8b:2f:ef:94:86:60:55:4d:72:78:03:37:3a:c2: 47:94:96:37:0c:71:e8:6a:2f:55:b0:cd:cb:62:59:3c:57:6b: 55:09:3f:97:87:49:a3:c3:7f:39:e8:f6:b4:39:19:47:02:e3: 0c:be:4e:98:32:4f:d8:28:5d:90:a9:f3:3a:20:2b:aa:18:9a: 28:88:c0:d1:98:38:77:07:cb:30:46:a0:fa:c7:46:7c:14:7f: b4:dd:66:b4:07:a3:59:64:a1:46:c2:f5:71:46:75:ff:16:e5: d5:5e:e6:aa:59:b5:8e:f0:c5:c1:f3:e9:dd:20:61:bf:52:96: 18:0f:dc:08:b2:88:26:21:f1:02:1a:81:85:38:07:a6:22:20: cc:62:4b:27:e8:b1:dd:1e:68:73:64:af:74:1a:66:a6:a1:8b: 98:ad:d1:d7:70:bc:ad:d9:8c:af:fb:cc:bd:bf:f3:e0:44:43: 83:ee:c1:37:33:0c:72:4a:55:ce:84:ca:63:87:3e:0c:33:2b: 44:c1:49:2b:82:c7:ad:d2:6d:6c:b6:05:e6:b4:1c:31:7b:99: 93:00:f2:54:65:9b:70:fc:e1:98:fd:98:07:d3:64:e6:c5:bc: 77:93:8a:27 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICDcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA4RkQxMTAvBgNVBAUTKDNDMUZERDhCQTMwMURDRTNEQjNGMEJDQzI1Qzg2OTRD RTFCQ0RDN0QwHhcNMjUxMDE2MTg1NjQyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OGYxM2ZlYS1jODZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArRCRPVrSQwln0g1gNG38rOxqKfVa2UnnIy6rSaZXF1beChKGoG5DSR+Rl+6P zkZIhq594vvlO6OBV7yMcMxmBCKCpnienfV0NNWdXWm9Y7UvXzpw7UoybRNTEbfm FOVD6bk2y6CgkpD04p1C+AAetespifTNW/O5/DuIvgm/suQNVMAJQ5mYTrGZrxgA SwmYdtn79iZ/MeblBc5oY4I4qqu7Z1GhGVehw4GkdhcvSXbtDcj6LLj9JPPNqkED HgVSiKfXL/aVTOvLUBQYQmReKTBIM7YP4vg8Mk+nulIx5H4ZcY8SGFvdmutJrRSO 58SylS8LYiEV/AIU6Ig2p6xNOQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHjHp0J2 GIjjTkPTKWvKL1CXYcBMMB8GA1UdIwQYMBaAFDwf3YujAdzj2z8LzCXIaUzhvNx9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDhGRC85RjQyRUFEOEM4 QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZNQjNPUGJQd3ZNSmNocFRPRzgz SDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BCX2RpNk1CM09QYlB3dk1KY2hwVE9HODNIMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTA4RkQvOUY0MkVBRDhDOEFCMTFFOTgyOUQyODJGQzRGOUFFMDIvMzgwMkE5OEVD OEFDMTFFOTg3N0RDRTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAJngUwwDQQCAAIwBwMFACQDecAwDQYJKoZIhvcNAQELBQAD ggEBACL8CuYoE8nDuQ0ACYerKABXaiQIy92LL++UhmBVTXJ4Azc6wkeUljcMcehq L1WwzctiWTxXa1UJP5eHSaPDfzno9rQ5GUcC4wy+TpgyT9goXZCp8zogK6oYmiiI wNGYOHcHyzBGoPrHRnwUf7TdZrQHo1lkoUbC9XFGdf8W5dVe5qpZtY7wxcHz6d0g Yb9SlhgP3AiyiCYh8QIagYU4B6YiIMxiSyfosd0eaHNkr3QaZqahi5it0ddwvK3Z jK/7zL2/8+BEQ4PuwTczDHJKVc6EymOHPgwzK0TBSSuCx63SbWy2Bea0HDF7mZMA 8lRlm3D84Zj9mAfTZObFvHeTiic= -----END CERTIFICATE-----Generated at Wed Nov 5 11:22:27 2025 by rpki-client