$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa File: 3AFD491C99E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: Zmk+e16+6eqsGa5Xu4c3qgkHkTU472qL2Fssh+v6Tm4= Subject key identifier: 84:B0:22:D2:FA:9D:3B:67:DC:54:7A:D7:0E:0E:32:20:66:3C:5B:A9 Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0A0B Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:40:27 +0000 ROA not before: Thu 20 Mar 2025 20:30:39 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 55799 IP address blocks: 43.245.220.0/22 maxlen: 22 43.245.220.0/24 maxlen: 24 43.245.222.0/24 maxlen: 24 43.245.223.0/24 maxlen: 24 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:19:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2571 (0xa0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 20 20:30:39 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a45deb-e565 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:21:ab:76:e3:ee:c3:00:86:dd:61:6d:02:46: fc:34:a5:b6:4f:58:ef:43:cd:d8:32:38:d3:a2:17: 89:a6:3e:dd:cb:b1:dc:bf:b7:f4:30:59:ee:23:18: 13:22:89:c6:5e:8e:47:eb:33:7f:e3:ab:e5:7e:c5: 7a:85:d0:46:42:b5:48:3b:ea:e1:ba:f0:16:35:4c: 92:11:14:d2:40:cb:78:53:23:36:61:9d:ae:b1:ff: b5:d2:63:cd:af:90:d1:35:1b:1c:41:27:a8:a8:d0: 6e:da:3c:61:19:29:99:35:5e:86:38:9d:ee:7c:4c: 54:71:4c:cc:3d:bb:38:95:81:55:f6:a9:28:68:7f: 78:71:99:37:b4:ff:1c:ac:93:20:66:e4:6f:bf:9b: ee:a3:19:24:e5:44:91:28:26:62:99:b8:07:32:62: ef:bb:7c:ad:ce:97:99:36:8b:8e:e0:32:1c:42:32: 0a:9f:34:d4:33:10:92:fe:81:31:45:9a:1a:fa:6d: 7f:18:3a:ab:44:5e:4c:ab:06:15:ff:71:d8:49:be: d5:a2:c2:72:b2:0e:24:3f:c0:5d:54:27:a1:82:e1: e1:a1:2d:71:c1:63:93:af:28:c9:b1:98:bf:fa:0a: 4b:80:a5:a2:6a:f9:91:77:b8:49:72:e1:0e:54:e2: 74:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:B0:22:D2:FA:9D:3B:67:DC:54:7A:D7:0E:0E:32:20:66:3C:5B:A9 X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3AFD491C99E611EAB3C00943C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption a1:15:20:48:aa:b6:32:b2:84:19:a1:d9:8f:68:5c:7b:66:e8: 1a:c0:2c:15:f7:e1:42:36:43:19:df:33:39:12:22:f2:74:fa: 41:fc:eb:38:77:d1:d9:6e:22:f8:6f:ed:d9:b6:1d:7e:e6:5e: 78:bf:ca:38:72:68:b8:65:12:53:9e:d1:ef:ef:20:eb:e4:1f: 3f:b1:20:9d:18:7f:a3:ef:ef:e9:f8:ed:bc:6f:74:b8:84:ec: 6d:d8:b2:db:68:d8:34:e7:5b:18:95:ef:70:3d:df:40:db:21: 5e:cb:ed:d1:13:99:b9:18:7d:20:3c:65:29:6f:51:95:08:06: 78:9d:4c:85:a0:03:c6:b7:d9:11:5e:33:d3:ea:4c:27:d0:a0: 05:65:f3:88:3a:3c:f3:4b:fb:39:bb:02:ba:c7:51:09:ca:0d: 2d:ec:4d:dd:02:70:79:d1:9a:5e:84:06:0d:c6:f2:4c:91:67: 95:57:ed:2e:1f:b6:0d:af:14:9d:81:6d:1e:02:82:3f:8c:9f: d7:68:48:3e:46:81:86:88:a5:91:c2:e8:cf:06:6a:c8:d1:56: ff:8b:fc:b7:19:98:1b:91:f2:96:32:a3:32:57:f2:c4:ec:44: 1d:c9:a0:ce:de:96:d9:38:ef:56:fd:22:24:17:12:6a:0a:8d: 17:55:d0:42 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICCgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjUwMzIwMjAzMDM5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWRlYi1lNTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAziGrduPuwwCG3WFtAkb8NKW2T1jvQ83YMjjToheJpj7dy7Hcv7f0MFnuIxgT IonGXo5H6zN/46vlfsV6hdBGQrVIO+rhuvAWNUySERTSQMt4UyM2YZ2usf+10mPN r5DRNRscQSeoqNBu2jxhGSmZNV6GOJ3ufExUcUzMPbs4lYFV9qkoaH94cZk3tP8c rJMgZuRvv5vuoxkk5USRKCZimbgHMmLvu3ytzpeZNouO4DIcQjIKnzTUMxCS/oEx RZoa+m1/GDqrRF5MqwYV/3HYSb7VosJysg4kP8BdVCehguHhoS1xwWOTryjJsZi/ +gpLgKWiavmRd7hJcuEOVOJ0AwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFISwItL6 nTtn3FR61w4OMiBmPFupMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0FGRDQ5MUM5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCK/XcAwQCZ9FkMA0GCSqGSIb3DQEBCwUAA4IBAQChFSBIqrYysoQZ odmPaFx7ZugawCwV9+FCNkMZ3zM5EiLydPpB/Os4d9HZbiL4b+3Zth1+5l54v8o4 cmi4ZRJTntHv7yDr5B8/sSCdGH+j7+/p+O28b3S4hOxt2LLbaNg051sYle9wPd9A 2yFey+3RE5m5GH0gPGUpb1GVCAZ4nUyFoAPGt9kRXjPT6kwn0KAFZfOIOjzzS/s5 uwK6x1EJyg0t7E3dAnB50ZpehAYNxvJMkWeVV+0uH7YNrxSdgW0eAoI/jJ/XaEg+ RoGGiKWRwujPBmrI0Vb/i/y3GZgbkfKWMqMyV/LE7EQdyaDO3pbZOO9W/SIkFxJq Co0XVdBC -----END CERTIFICATE-----Generated at Mon Mar 2 09:56:31 2026 by rpki-client