$ rpki-client -vvf rpki.apnic.net/member_repository/A913D03A/926B43E8219011EB82A41B48C4F9AE02/3A9F3ADC234A11EBA0C40C2FC4F9AE02.roa File: 3A9F3ADC234A11EBA0C40C2FC4F9AE02.roa (raw, json) Hash identifier: 6v/MAZZg1lG1nyy4jfUZa7RKFxydOW7o7hmcCf0ksdk= Subject key identifier: 3E:D9:B8:42:04:FA:84:54:70:CA:ED:BA:F6:9C:E4:8F:30:7C:19:68 Certificate issuer: /CN=A913D03A/serialNumber=DBBE9BFC7F8A3D3BE05BB5B6021F7545BE981BF0 Certificate serial: 07F7 Authority key identifier: DB:BE:9B:FC:7F:8A:3D:3B:E0:5B:B5:B6:02:1F:75:45:BE:98:1B:F0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/276b_H-KPTvgW7W2Ah91Rb6YG_A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913D03A/926B43E8219011EB82A41B48C4F9AE02/3A9F3ADC234A11EBA0C40C2FC4F9AE02.roa Signing time: Sun 01 Mar 2026 08:39:42 +0000 ROA not before: Fri 30 May 2025 21:51:22 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135376 IP address blocks: 103.84.97.0/24 maxlen: 24 103.139.179.0/24 maxlen: 24 103.215.210.0/24 maxlen: 24 103.215.211.0/24 maxlen: 24 103.216.160.0/24 maxlen: 24 185.193.212.0/24 maxlen: 24 185.193.213.0/24 maxlen: 24 185.193.214.0/24 maxlen: 24 185.193.215.0/24 maxlen: 24 202.3.76.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913D03A/926B43E8219011EB82A41B48C4F9AE02/276b_H-KPTvgW7W2Ah91Rb6YG_A.crl rsync://rpki.apnic.net/member_repository/A913D03A/926B43E8219011EB82A41B48C4F9AE02/276b_H-KPTvgW7W2Ah91Rb6YG_A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/276b_H-KPTvgW7W2Ah91Rb6YG_A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 23:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2039 (0x7f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913D03A, serialNumber=DBBE9BFC7F8A3D3BE05BB5B6021F7545BE981BF0 Validity Not Before: May 30 21:51:22 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a3fb4e-98cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f1:a9:09:d3:23:9b:0c:d8:05:b2:31:ec:a7: 81:41:9a:94:25:fa:f6:ec:f8:23:d9:fa:a1:6a:51: a1:45:e8:f1:6f:9c:c3:1a:0b:4c:3e:3a:54:41:bc: af:5e:6a:1a:92:66:41:47:3e:47:37:70:34:84:ed: 7d:cc:9d:64:a8:9c:90:06:33:2d:be:21:18:34:52: 40:d8:5a:00:39:3f:8d:59:42:75:bb:08:5e:d6:05: 14:bc:46:e7:b9:09:1c:65:2b:1c:c3:5e:68:b1:b2: c5:6d:21:e4:ed:33:f8:ea:c7:5c:bf:a8:b3:0e:7c: 7b:60:b3:ba:df:06:e3:c3:f6:85:f9:9e:41:9e:08: 17:db:ef:da:59:65:ae:eb:b9:b7:c1:a4:59:3e:1e: 57:ea:17:f5:02:28:3f:11:eb:50:46:2a:19:6e:37: 2f:72:1e:52:5a:81:67:c6:ea:35:19:e4:c8:73:02: 05:d2:9b:10:8f:db:a7:bb:08:5d:51:db:b4:6d:dc: 48:94:f9:c1:3d:18:37:c0:aa:df:2c:eb:c6:c4:ee: c0:6c:3d:f9:99:6e:7c:b3:78:04:4e:2f:3e:2c:13: db:42:01:e3:1c:0a:bd:1b:f3:7d:b5:8f:88:f4:ef: c9:e8:d5:29:3b:0c:cd:58:d5:9e:10:64:ec:6a:b3: d4:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:D9:B8:42:04:FA:84:54:70:CA:ED:BA:F6:9C:E4:8F:30:7C:19:68 X509v3 Authority Key Identifier: keyid:DB:BE:9B:FC:7F:8A:3D:3B:E0:5B:B5:B6:02:1F:75:45:BE:98:1B:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913D03A/926B43E8219011EB82A41B48C4F9AE02/276b_H-KPTvgW7W2Ah91Rb6YG_A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/276b_H-KPTvgW7W2Ah91Rb6YG_A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D03A/926B43E8219011EB82A41B48C4F9AE02/3A9F3ADC234A11EBA0C40C2FC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.84.97.0/24 103.139.179.0/24 103.215.210.0/23 103.216.160.0/24 185.193.212.0/22 202.3.76.0/24 Signature Algorithm: sha256WithRSAEncryption d8:81:a9:eb:96:22:b3:96:ba:fc:84:77:de:24:c0:64:f2:4f: 1b:5d:d3:43:f3:42:da:71:65:03:40:a5:60:37:b3:67:51:f5: ee:47:12:41:49:50:04:17:c2:9d:f4:0a:26:d1:be:42:18:20: 1a:0a:a6:a4:72:a3:47:96:c7:50:58:d1:93:37:62:8a:74:4a: 19:7b:f9:57:7a:ca:38:d1:28:74:2c:f7:d3:03:7e:80:95:ad: 78:fb:56:f0:c4:cf:3c:2f:bb:d6:67:08:21:1e:36:1e:98:34: 8a:da:f3:85:c4:de:f3:67:42:e6:ea:a7:61:99:42:b8:81:61: 57:1f:2b:59:e6:d4:61:a4:53:05:b4:50:dc:74:64:02:fd:67: d7:09:de:ae:15:e9:e6:ad:cb:db:48:e9:d0:c3:ba:2d:70:7c: a9:b5:f2:8d:d0:a1:63:98:1c:1a:32:cd:c6:3d:cc:47:d4:5b: ed:73:1f:e2:9e:3b:5b:da:2e:27:09:c7:70:34:a5:9b:74:8d: 84:ff:9f:0c:8e:3f:5b:a6:32:a0:3b:1a:13:a2:b3:c3:fb:65: 64:03:9d:5e:18:79:a8:75:4b:86:c5:28:c6:73:7c:d6:44:d1: 2b:88:e6:8a:78:70:1d:14:76:1f:63:b0:81:b9:23:2b:02:1f: a3:63:fe:99 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICB/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0QwM0ExMTAvBgNVBAUTKERCQkU5QkZDN0Y4QTNEM0JFMDVCQjVCNjAyMUY3NTQ1 QkU5ODFCRjAwHhcNMjUwNTMwMjE1MTIyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWEzZmI0ZS05OGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqvGpCdMjmwzYBbIx7KeBQZqUJfr27Pgj2fqhalGhRejxb5zDGgtMPjpUQbyv XmoakmZBRz5HN3A0hO19zJ1kqJyQBjMtviEYNFJA2FoAOT+NWUJ1uwhe1gUUvEbn uQkcZSscw15osbLFbSHk7TP46sdcv6izDnx7YLO63wbjw/aF+Z5BnggX2+/aWWWu 67m3waRZPh5X6hf1Aig/EetQRioZbjcvch5SWoFnxuo1GeTIcwIF0psQj9unuwhd Udu0bdxIlPnBPRg3wKrfLOvGxO7AbD35mW58s3gETi8+LBPbQgHjHAq9G/N9tY+I 9O/J6NUpOwzNWNWeEGTsarPU/wIDAQABo4ICfjCCAnowHQYDVR0OBBYEFD7ZuEIE +oRUcMrtuvac5I8wfBloMB8GA1UdIwQYMBaAFNu+m/x/ij074Fu1tgIfdUW+mBvw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDAzQS85MjZCNDNFODIx OTAxMUVCODJBNDFCNDhDNEY5QUUwMi8yNzZiX0gtS1BUdmdXN1cyQWg5MVJiNllH X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI3NmJfSC1LUFR2Z1c3VzJBaDkxUmI2WUdfQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0QwM0EvOTI2QjQzRTgyMTkwMTFFQjgyQTQxQjQ4QzRGOUFFMDIvM0E5RjNBREMy MzRBMTFFQkEwQzQwQzJGQzRGOUFFMDIucm9hMD0GCCsGAQUFBwEHAQH/BC4wLDAq BAIAATAkAwQAZ1RhAwQAZ4uzAwQBZ9fSAwQAZ9igAwQCucHUAwQAygNMMA0GCSqG SIb3DQEBCwUAA4IBAQDYganrliKzlrr8hHfeJMBk8k8bXdND80LacWUDQKVgN7Nn UfXuRxJBSVAEF8Kd9Aom0b5CGCAaCqakcqNHlsdQWNGTN2KKdEoZe/lXeso40Sh0 LPfTA36Ala14+1bwxM88L7vWZwghHjYemDSK2vOFxN7zZ0Lm6qdhmUK4gWFXHytZ 5tRhpFMFtFDcdGQC/WfXCd6uFenmrcvbSOnQw7otcHyptfKN0KFjmBwaMs3GPcxH 1Fvtcx/injtb2i4nCcdwNKWbdI2E/58Mjj9bpjKgOxoTorPD+2VkA51eGHmodUuG xSjGc3zWRNEriOaKeHAdFHYfY7CBuSMrAh+jY/6Z -----END CERTIFICATE-----Generated at Mon Mar 2 11:17:38 2026 by rpki-client