$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa File: 3A58D9F499E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: Ix/A1HAv4E1o+T96OwAx6diCaMu8Un7l8lL1cR9lZ0I= Subject key identifier: 8E:9F:7D:10:62:5B:FB:98:13:7E:01:62:BB:B5:CA:24:4B:A2:F7:F9 Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0A1D Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa Signing time: Thu 26 Mar 2026 20:26:54 +0000 ROA not before: Thu 26 Mar 2026 20:26:53 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 134520 IP address blocks: 43.245.220.0/22 maxlen: 22 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 19:45:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2589 (0xa1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 26 20:26:53 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69c5968d-02ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:3d:27:13:f4:78:74:d7:c6:00:f7:e9:3f:80: c3:8f:51:23:1a:e3:49:4a:99:7c:93:3f:61:a4:67: c8:1e:53:ab:01:de:11:88:9d:85:ab:0d:22:5f:c8: a8:77:dc:83:3f:b4:1a:6e:f4:9f:81:17:3d:bf:a0: fa:53:af:10:ca:1c:e9:7a:d4:7a:37:72:91:d6:9c: 94:e9:3f:da:2c:30:17:b7:28:0d:20:8c:1a:92:6b: 34:5a:f5:b2:9a:4f:f3:6d:c0:18:af:4b:29:50:36: 47:3b:89:12:85:98:e7:27:5b:c9:14:e2:07:a2:87: d4:00:bc:0d:4e:d7:18:81:99:21:a5:76:00:87:7f: 3a:18:17:c7:dd:dc:29:ec:c0:7d:8e:7d:10:fc:8b: 89:6f:cb:65:18:52:2c:0a:98:4f:c2:e9:8c:e4:00: ab:e3:29:3d:e1:bc:96:e4:d3:81:2b:ee:7b:28:9b: 94:b4:81:44:29:25:bf:d8:64:99:ac:fc:44:d9:65: 8d:bf:47:4c:f3:f2:9c:98:ce:34:8a:72:b2:0a:f7: 55:e7:cc:2f:a5:3b:20:21:c0:5c:ce:d9:cc:59:4f: 59:a2:10:1f:02:23:78:47:0b:1b:60:e3:74:a8:e9: 9d:82:90:b8:60:ed:82:34:f2:46:96:f6:e3:d0:fa: 64:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:9F:7D:10:62:5B:FB:98:13:7E:01:62:BB:B5:CA:24:4B:A2:F7:F9 X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:a7:c2:af:e9:77:05:fd:d9:90:e2:11:3d:59:57:6b:24:82: e9:e3:cd:80:a4:b0:71:2f:c3:b1:95:f9:c6:e2:b5:27:e5:10: 40:e6:c7:90:ea:5b:20:ab:a1:f7:a4:32:41:48:6e:dc:e6:15: 6d:53:12:91:5e:b6:95:8b:18:65:0a:42:46:f8:14:f8:d6:02: 7c:b1:16:86:8e:fb:55:04:a2:06:2f:e8:9e:9f:ef:40:55:19: 20:fc:e6:25:01:1a:56:9f:65:2d:41:40:8a:7d:11:70:58:46: 9e:e0:f1:b0:87:72:1e:2a:5e:93:1e:a1:60:fe:1a:87:04:04: ce:00:62:cc:4a:05:6a:d4:4a:89:97:c7:34:b7:b7:3f:70:cd: 0c:c8:cb:82:47:93:87:67:f4:d8:ba:7a:46:5c:86:7d:a9:15: 69:47:0c:cc:20:ba:e1:17:3a:67:5d:22:48:8f:1e:19:a4:48: 76:e3:02:64:c2:f7:7d:3e:ff:71:e1:2c:e0:10:ab:0f:90:39: fc:8d:ff:b1:7b:83:00:1d:7b:18:ea:2f:e7:e4:37:5e:b8:5b: 30:51:ea:73:fe:cd:15:60:cc:7a:b0:0f:99:4a:24:f2:db:4d: 2e:a0:68:cc:c3:34:30:dc:97:18:70:91:f9:de:1a:f8:e7:8f: 91:5c:99:6f -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICCh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjYwMzI2MjAyNjUzWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWM1OTY4ZC0wMmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtj0nE/R4dNfGAPfpP4DDj1EjGuNJSpl8kz9hpGfIHlOrAd4RiJ2Fqw0iX8io d9yDP7QabvSfgRc9v6D6U68QyhzpetR6N3KR1pyU6T/aLDAXtygNIIwakms0WvWy mk/zbcAYr0spUDZHO4kShZjnJ1vJFOIHoofUALwNTtcYgZkhpXYAh386GBfH3dwp 7MB9jn0Q/IuJb8tlGFIsCphPwumM5ACr4yk94byW5NOBK+57KJuUtIFEKSW/2GSZ rPxE2WWNv0dM8/KcmM40inKyCvdV58wvpTsgIcBcztnMWU9ZohAfAiN4RwsbYON0 qOmdgpC4YO2CNPJGlvbj0PpkDwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFI6ffRBi W/uYE34BYru1yiRLovf5MB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0E1OEQ5RjQ5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCK/XcAwQCZ9FkMA0GCSqGSIb3DQEBCwUAA4IBAQAvp8Kv6XcF/dmQ 4hE9WVdrJILp482ApLBxL8OxlfnG4rUn5RBA5seQ6lsgq6H3pDJBSG7c5hVtUxKR XraVixhlCkJG+BT41gJ8sRaGjvtVBKIGL+ien+9AVRkg/OYlARpWn2UtQUCKfRFw WEae4PGwh3IeKl6THqFg/hqHBATOAGLMSgVq1EqJl8c0t7c/cM0MyMuCR5OHZ/TY unpGXIZ9qRVpRwzMILrhFzpnXSJIjx4ZpEh24wJkwvd9Pv9x4SzgEKsPkDn8jf+x e4MAHXsY6i/n5DdeuFswUepz/s0VYMx6sA+ZSiTy200uoGjMwzQw3JcYcJH53hr4 54+RXJlv -----END CERTIFICATE-----Generated at Fri Apr 17 15:20:50 2026 by rpki-client