$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa File: 3BABBD7699E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: LO9ouDVpuivnYHBghIyjyP9NLDarWKgm/7HMedCaaUg= Subject key identifier: A0:A6:9B:62:74:0B:A3:01:69:9E:EE:54:6C:B1:FD:8F:0E:E3:75:2E Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0A0C Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa Signing time: Sun 01 Mar 2026 15:40:28 +0000 ROA not before: Thu 18 Dec 2025 19:19:33 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 63916 IP address blocks: 43.245.220.0/22 maxlen: 22 43.245.220.0/24 maxlen: 24 43.245.221.0/24 maxlen: 24 43.245.222.0/24 maxlen: 24 43.245.223.0/24 maxlen: 24 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 00:19:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2572 (0xa0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Dec 18 19:19:33 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=69a45dec-cca8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e3:79:9c:98:a8:2f:6c:ee:46:b4:f8:d2:a4: 68:d2:a5:8c:51:ee:40:93:78:b7:c0:f7:da:49:bc: 61:53:e8:fc:59:b0:d1:95:38:5c:99:6c:7a:93:80: 08:5a:8e:a8:b6:a4:74:c9:f7:82:e4:5c:1d:18:8f: d9:91:e0:01:de:90:fc:32:b1:71:08:5e:3c:03:a8: b9:45:71:d3:3c:e1:04:f8:50:70:2f:8e:d6:8d:bd: 23:e5:c8:56:7d:f5:c4:51:0d:3c:a6:98:5f:52:ab: 83:62:03:b2:de:3b:f7:cc:8a:1c:8b:6e:b5:39:14: b1:2a:ee:b4:a6:67:0c:f1:1b:4e:bb:41:73:ec:c5: 80:aa:88:3a:66:05:da:4d:36:8c:c4:01:b1:f8:20: ab:48:a8:f7:4a:eb:74:aa:89:5d:52:02:40:52:02: 12:09:1b:14:70:1a:a7:86:c1:2d:48:27:ed:e0:03: b0:58:7d:ff:cf:c6:a3:ab:48:21:14:bb:bc:f0:74: c6:92:54:5c:2b:fb:9e:79:6f:78:9e:88:b4:9d:8d: 71:61:54:7d:44:04:ae:3c:1c:6b:75:91:d8:70:71: 30:ec:70:41:6e:64:60:18:9b:13:b1:16:de:1b:c0: 0d:94:06:5d:60:dd:e0:db:70:90:ec:a5:17:84:7d: be:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:A6:9B:62:74:0B:A3:01:69:9E:EE:54:6C:B1:FD:8F:0E:E3:75:2E X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 8e:e0:c6:59:82:8b:b4:a3:87:00:dc:9c:69:19:8e:23:b7:b7: db:3c:4f:e4:70:4c:33:e8:2d:37:96:ab:76:ab:06:49:11:20: a2:08:fd:60:9a:5d:a8:07:fb:63:7b:c9:aa:a7:e8:1c:bb:f4: 5e:08:6f:92:34:a2:fb:f1:cf:76:f4:78:06:35:7d:40:4b:de: cf:b4:e5:0c:a6:18:33:47:d1:66:2a:42:07:07:f8:16:3c:f8: 38:fb:f3:c2:21:38:9c:74:c8:56:e2:fb:78:81:df:26:16:e4: c1:9c:20:45:7a:4a:82:63:bb:85:1f:87:78:a2:7f:21:1c:24: e7:e0:b0:2f:a9:15:e9:c9:5c:e2:3a:2b:8b:0c:de:a5:01:9d: b4:30:ea:27:cb:52:38:cb:5e:ed:3d:f5:e6:9f:ac:fa:aa:81: 60:f9:a8:55:81:8e:e8:37:fc:8c:1d:cc:93:ab:92:3a:b5:16: b1:4a:01:ba:b9:a7:56:73:2f:4a:21:1a:87:07:13:b6:43:eb: 89:0b:5b:b9:2d:9e:ad:58:af:e6:75:b0:43:d9:ed:3f:60:e8: 79:56:80:4c:73:51:fb:04:37:f1:10:a4:88:a9:e4:84:09:dd: 39:3d:17:ba:2a:92:b4:e8:e7:38:51:c6:8d:36:63:3a:1e:be: 29:23:c6:40 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICCgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjUxMjE4MTkxOTMzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NWRlYy1jY2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt+N5nJioL2zuRrT40qRo0qWMUe5Ak3i3wPfaSbxhU+j8WbDRlThcmWx6k4AI Wo6otqR0yfeC5FwdGI/ZkeAB3pD8MrFxCF48A6i5RXHTPOEE+FBwL47Wjb0j5chW ffXEUQ08pphfUquDYgOy3jv3zIoci261ORSxKu60pmcM8RtOu0Fz7MWAqog6ZgXa TTaMxAGx+CCrSKj3Sut0qoldUgJAUgISCRsUcBqnhsEtSCft4AOwWH3/z8ajq0gh FLu88HTGklRcK/ueeW94noi0nY1xYVR9RASuPBxrdZHYcHEw7HBBbmRgGJsTsRbe G8ANlAZdYN3g23CQ7KUXhH2+cQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFKCmm2J0 C6MBaZ7uVGyx/Y8O43UuMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0JBQkJENzY5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCK/XcAwQCZ9FkMA0GCSqGSIb3DQEBCwUAA4IBAQCO4MZZgou0o4cA 3JxpGY4jt7fbPE/kcEwz6C03lqt2qwZJESCiCP1gml2oB/tje8mqp+gcu/ReCG+S NKL78c929HgGNX1AS97PtOUMphgzR9FmKkIHB/gWPPg4+/PCITicdMhW4vt4gd8m FuTBnCBFekqCY7uFH4d4on8hHCTn4LAvqRXpyVziOiuLDN6lAZ20MOony1I4y17t PfXmn6z6qoFg+ahVgY7oN/yMHcyTq5I6tRaxSgG6uadWcy9KIRqHBxO2Q+uJC1u5 LZ6tWK/mdbBD2e0/YOh5VoBMc1H7BDfxEKSIqeSECd05PRe6KpK06Oc4UcaNNmM6 Hr4pI8ZA -----END CERTIFICATE-----Generated at Mon Mar 2 10:02:08 2026 by rpki-client