$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa File: 3AFD491C99E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: hAA41RG01uNOAJq/J2qFIRJdJvtjuAyTCQh8VD7YTr4= Subject key identifier: 24:D2:58:A6:C0:9E:7B:E3:CA:B5:34:96:19:9A:74:C1:96:7F:17:8A Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0A1E Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa Signing time: Thu 26 Mar 2026 20:26:55 +0000 ROA not before: Thu 26 Mar 2026 20:26:55 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 55799 IP address blocks: 43.245.220.0/22 maxlen: 22 43.245.220.0/24 maxlen: 24 43.245.222.0/24 maxlen: 24 43.245.223.0/24 maxlen: 24 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 19:45:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2590 (0xa1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 26 20:26:55 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69c5968f-4f1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f9:69:ce:77:d2:d7:41:3b:7f:ef:b0:63:0a: e1:9c:e6:91:fb:74:62:4b:80:7e:f0:14:4a:30:f1: eb:8b:a1:1e:4a:30:b4:fd:6b:74:42:15:bd:9d:9f: 46:c5:d9:1e:04:08:28:17:a9:2c:54:63:75:78:be: f7:eb:3c:88:be:0b:4d:2e:62:5d:e4:61:41:ed:36: aa:53:97:99:82:f4:18:18:2d:7a:2b:d7:d5:60:d6: 1d:e7:3f:4b:48:4f:01:6c:cd:4f:eb:0f:e6:13:5e: 80:fd:db:0c:44:5e:66:05:d9:ea:bb:e8:c0:2c:db: 55:51:d6:79:a5:38:01:49:eb:4b:3f:aa:fd:bc:93: 2c:18:ba:7b:e7:a6:af:65:9f:0a:0d:1f:13:60:f7: 62:a5:84:1f:fb:8f:92:2b:02:ed:f2:7e:9a:4b:82: 7c:2b:5d:03:8b:1b:dd:80:13:81:39:ec:07:27:4a: 98:73:03:df:b4:f5:c1:22:78:8e:e2:35:f9:4b:04: 20:8a:c2:f3:d1:54:85:29:67:da:7f:87:a4:71:ea: 05:77:d2:c1:97:1c:ed:40:7b:0e:97:7d:d1:eb:43: e2:ae:2f:0d:73:f3:14:f8:e4:ec:24:79:38:c6:32: ca:d7:12:35:da:3b:9b:79:42:04:87:2a:b1:67:06: a4:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:D2:58:A6:C0:9E:7B:E3:CA:B5:34:96:19:9A:74:C1:96:7F:17:8A X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 8f:cf:9c:af:ff:62:d1:24:c9:93:d2:22:2e:64:57:11:a9:19: 56:4a:b2:03:45:3d:45:0f:b6:d4:1e:4f:56:57:fd:75:86:00: 1e:79:ca:6f:a6:48:63:a4:cd:ba:35:62:c8:54:ab:03:d9:4e: f3:a5:6c:5b:77:ea:61:ae:4d:cc:11:de:a5:d2:39:4b:fe:05: bd:e3:32:84:22:1a:02:f2:c8:95:0c:bd:5e:b0:0b:38:4c:76: 63:c7:15:bd:2e:24:8e:f6:16:9a:5b:87:b5:52:47:dd:48:69: ba:a2:cd:35:ef:b2:ae:3a:5b:21:5e:0e:15:e4:b0:c3:c4:dd: 61:62:d1:ac:a0:38:89:d3:7e:d6:09:dd:29:3a:c2:f2:85:b8: 1c:9f:1c:df:4a:35:1c:e0:d7:eb:3d:42:9c:0b:2a:d9:a9:6d: 4c:65:87:18:35:d4:ba:3b:e7:9f:e0:66:e1:6c:b4:26:7e:53: 63:7f:b7:5e:b2:bf:c8:79:fc:f8:23:1d:d7:f1:2c:da:a1:81: 0d:4d:be:55:56:12:b2:2c:6d:86:73:5c:37:1d:8d:67:f1:20: 52:2d:36:59:4a:a2:94:93:15:3e:c3:e3:5f:e8:e9:4d:74:53: 78:45:79:25:7f:59:4c:11:9c:58:62:c9:8e:c6:5a:41:68:58: 44:cc:4c:6d -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICCh4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjYwMzI2MjAyNjU1WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWM1OTY4Zi00ZjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsPlpznfS10E7f++wYwrhnOaR+3RiS4B+8BRKMPHri6EeSjC0/Wt0QhW9nZ9G xdkeBAgoF6ksVGN1eL736zyIvgtNLmJd5GFB7TaqU5eZgvQYGC16K9fVYNYd5z9L SE8BbM1P6w/mE16A/dsMRF5mBdnqu+jALNtVUdZ5pTgBSetLP6r9vJMsGLp756av ZZ8KDR8TYPdipYQf+4+SKwLt8n6aS4J8K10DixvdgBOBOewHJ0qYcwPftPXBIniO 4jX5SwQgisLz0VSFKWfaf4ekceoFd9LBlxztQHsOl33R60Piri8Nc/MU+OTsJHk4 xjLK1xI12jubeUIEhyqxZwakAQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFCTSWKbA nnvjyrU0lhmadMGWfxeKMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0FGRDQ5MUM5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCK/XcAwQCZ9FkMA0GCSqGSIb3DQEBCwUAA4IBAQCPz5yv/2LRJMmT 0iIuZFcRqRlWSrIDRT1FD7bUHk9WV/11hgAeecpvpkhjpM26NWLIVKsD2U7zpWxb d+phrk3MEd6l0jlL/gW94zKEIhoC8siVDL1esAs4THZjxxW9LiSO9haaW4e1Ukfd SGm6os0177KuOlshXg4V5LDDxN1hYtGsoDiJ037WCd0pOsLyhbgcnxzfSjUc4Nfr PUKcCyrZqW1MZYcYNdS6O+ef4GbhbLQmflNjf7desr/Iefz4Ix3X8SzaoYENTb5V VhKyLG2Gc1w3HY1n8SBSLTZZSqKUkxU+w+Nf6OlNdFN4RXklf1lMEZxYYsmOxlpB aFhEzExt -----END CERTIFICATE-----Generated at Fri Apr 17 16:36:46 2026 by rpki-client