$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa File: 3A58D9F499E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: Od5KYLxvqq8bPa97Fy0kuI4FHkEaW4Gm3D6V7HRmSiU= Subject key identifier: B2:63:B8:ED:B6:6F:4F:CF:F1:17:BB:1A:92:32:96:7B:BD:CE:68:86 Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0A0A Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:40:27 +0000 ROA not before: Thu 20 Mar 2025 20:30:38 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 134520 IP address blocks: 43.245.220.0/22 maxlen: 22 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:19:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2570 (0xa0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 20 20:30:38 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a45dea-9993 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ff:1a:ba:d4:09:b3:ba:b6:5e:5c:84:41:88: 97:77:e4:86:d7:2d:c5:8f:d7:03:0f:48:d3:0b:c5: 4e:c0:e0:b3:35:1d:0b:65:5d:aa:6f:53:3b:36:03: 5e:3e:cc:b5:51:7c:ee:5f:01:00:57:f7:95:1d:2b: 42:9a:b0:1c:25:4f:4d:a3:b4:60:68:1c:4b:81:07: 3b:d7:01:43:de:b3:ee:d3:28:48:7f:3e:9f:59:11: 77:8d:ab:e0:59:c4:53:bf:ab:ab:19:11:38:6a:17: a8:e3:ee:86:1f:96:a9:bd:06:35:8f:ff:ca:5f:83: 07:73:4e:04:cd:cc:ed:e2:3d:c0:63:b4:f6:37:72: 16:91:4e:57:55:1f:db:dd:92:f5:39:e6:b2:df:4a: fe:98:38:fa:19:a7:a5:34:3b:0f:2c:29:e3:a4:26: a2:ef:6f:9e:2a:e7:e0:2c:a1:42:a0:2a:3f:6a:bd: 3a:43:13:d2:0f:16:91:a1:37:a7:a2:ff:10:01:56: a2:c9:74:d5:31:ce:fe:ca:d7:f9:1a:d3:99:47:40: 18:3d:07:ae:78:85:4d:3a:f6:88:31:66:00:37:fd: d3:ae:6d:c9:f1:5c:0c:d8:04:12:b9:2d:3c:8f:be: 3d:68:dd:a2:f2:85:ee:5b:34:6c:0d:18:74:b0:61: 5f:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:63:B8:ED:B6:6F:4F:CF:F1:17:BB:1A:92:32:96:7B:BD:CE:68:86 X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:c7:45:0d:a3:3b:59:8b:57:6d:85:a2:77:a9:4b:4d:45:3d: a8:6f:16:cc:c0:ba:3d:5c:da:99:a2:3a:4b:44:1d:60:7f:68: b5:95:f1:62:88:d6:5f:42:e3:9d:9c:0d:ba:d4:39:0d:16:5d: e2:51:5d:cf:55:be:55:aa:b3:18:df:cb:6a:52:07:94:b0:fa: 12:b7:2c:8c:b6:cf:d8:7a:6b:22:61:f1:a8:42:8a:f8:dd:3e: 62:93:79:97:76:2b:89:5b:88:9c:ea:57:83:b9:55:5d:ed:22: 0b:e2:57:07:91:e6:ea:95:82:f9:26:df:31:18:48:35:97:fc: d8:c9:90:18:4b:1e:83:d2:40:ae:aa:2b:77:18:38:77:bf:2f: e9:c3:4e:ed:9e:2d:53:b0:27:1b:77:11:45:10:48:b2:24:2e: 81:41:cb:36:ac:66:e2:5f:89:88:60:42:28:f0:5d:93:c4:23: a5:3e:08:0c:d8:27:4e:ab:7c:3b:ba:8f:59:79:b0:d7:f8:26: c8:80:f1:2b:04:05:ee:bc:9a:40:7b:94:7f:18:af:f9:7f:94: d1:4f:25:5a:d7:8d:48:63:54:32:08:95:19:e0:4d:72:de:20: 35:76:4a:2a:5f:81:9a:90:60:41:32:d9:60:5c:4c:5f:8b:1b: 7a:53:d7:72 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICCgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjUwMzIwMjAzMDM4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWRlYS05OTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqP8autQJs7q2XlyEQYiXd+SG1y3Fj9cDD0jTC8VOwOCzNR0LZV2qb1M7NgNe Psy1UXzuXwEAV/eVHStCmrAcJU9No7RgaBxLgQc71wFD3rPu0yhIfz6fWRF3javg WcRTv6urGRE4aheo4+6GH5apvQY1j//KX4MHc04Ezczt4j3AY7T2N3IWkU5XVR/b 3ZL1Oeay30r+mDj6GaelNDsPLCnjpCai72+eKufgLKFCoCo/ar06QxPSDxaRoTen ov8QAVaiyXTVMc7+ytf5GtOZR0AYPQeueIVNOvaIMWYAN/3Trm3J8VwM2AQSuS08 j749aN2i8oXuWzRsDRh0sGFfqwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFLJjuO22 b0/P8Re7GpIylnu9zmiGMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0E1OEQ5RjQ5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCK/XcAwQCZ9FkMA0GCSqGSIb3DQEBCwUAA4IBAQCfx0UNoztZi1dt haJ3qUtNRT2obxbMwLo9XNqZojpLRB1gf2i1lfFiiNZfQuOdnA261DkNFl3iUV3P Vb5VqrMY38tqUgeUsPoStyyMts/YemsiYfGoQor43T5ik3mXdiuJW4ic6leDuVVd 7SIL4lcHkebqlYL5Jt8xGEg1l/zYyZAYSx6D0kCuqit3GDh3vy/pw07tni1TsCcb dxFFEEiyJC6BQcs2rGbiX4mIYEIo8F2TxCOlPggM2CdOq3w7uo9ZebDX+CbIgPEr BAXuvJpAe5R/GK/5f5TRTyVa141IY1QyCJUZ4E1y3iA1dkoqX4GakGBBMtlgXExf ixt6U9dy -----END CERTIFICATE-----Generated at Mon Mar 2 06:06:14 2026 by rpki-client