$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa File: 3BABBD7699E611EAB3C00943C4F9AE02.roa (raw, json) Hash identifier: goeW12JBA3cKKGwjatqM92u32XRcfD8Zb78gB6ELWSk= Subject key identifier: F4:8D:E4:8B:BF:28:07:BD:93:21:D6:EA:54:49:A6:59:B1:95:E7:03 Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Certificate serial: 0A1F Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa Signing time: Thu 26 Mar 2026 20:26:57 +0000 ROA not before: Thu 26 Mar 2026 20:26:57 +0000 ROA not after: Sat 01 May 2027 00:00:00 +0000 asID: 63916 IP address blocks: 43.245.220.0/22 maxlen: 22 43.245.220.0/24 maxlen: 24 43.245.221.0/24 maxlen: 24 43.245.222.0/24 maxlen: 24 43.245.223.0/24 maxlen: 24 103.209.100.0/24 maxlen: 24 103.209.101.0/24 maxlen: 24 103.209.102.0/24 maxlen: 24 103.209.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 19:45:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2591 (0xa1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156342, serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37 Validity Not Before: Mar 26 20:26:57 2026 GMT Not After : May 1 00:00:00 2027 GMT Subject: CN=69c59691-f349 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:63:0c:20:8e:b7:43:3d:ba:26:01:00:7b:e7: b1:44:16:bc:94:96:24:fb:a2:40:5c:1e:12:14:10: d8:3e:ed:38:06:8a:48:3b:64:b5:ad:db:01:9e:05: ce:c2:7c:07:08:d4:df:b9:d5:24:16:52:88:04:5b: 0f:e1:30:b7:f6:ee:30:a0:e8:50:30:bb:de:a6:fb: 96:51:4a:54:9d:0e:fd:c3:3e:31:34:39:44:54:a4: 48:2b:a8:3c:e2:69:f9:0c:43:9b:a5:4b:46:93:c4: e3:7d:29:15:fa:cd:f1:d4:19:b3:e5:35:80:35:4c: 60:73:50:77:47:0e:ee:8d:43:56:47:44:9c:1a:cb: aa:0c:4d:16:1e:d7:8a:67:d5:66:d1:c3:f0:8c:0f: 8e:25:70:49:8f:b0:34:f8:72:72:fa:de:c8:6a:b7: 07:1e:68:1d:65:4e:e1:34:ff:0a:d1:2d:b7:52:56: 62:f3:e2:d0:ef:91:f4:16:a9:a3:f0:07:91:3c:ac: d9:d8:96:78:b8:16:4b:59:64:c8:57:c3:5c:37:ce: a5:7f:44:0c:24:f7:6e:67:5e:cd:1b:4f:e3:f0:09: 34:09:07:75:bc:90:97:1d:53:13:75:56:98:a8:89: db:87:8c:ab:5d:4e:8b:97:a9:73:15:76:1f:67:de: 27:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:8D:E4:8B:BF:28:07:BD:93:21:D6:EA:54:49:A6:59:B1:95:E7:03 X509v3 Authority Key Identifier: keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 43.245.220.0/22 103.209.100.0/22 Signature Algorithm: sha256WithRSAEncryption 7b:91:7f:89:d0:4b:95:5d:3a:4a:7e:6c:20:f2:9d:19:09:5f: 2e:db:03:15:cc:84:d3:2f:e2:6f:61:60:e7:8e:33:35:f9:e5: 76:03:26:08:0d:f2:95:65:be:08:e2:8f:b8:86:fb:8e:bd:92: 5f:21:3e:0a:b8:52:91:03:87:44:4f:36:0e:9c:78:33:02:d5: 84:d7:77:83:b5:a6:b3:02:3f:1e:0f:57:fc:9a:08:d8:0b:e9: 01:b9:5e:82:4f:7c:bd:9a:42:7a:8f:5d:27:2b:a3:c6:3a:c5: 3b:ea:cc:31:7e:fe:57:f1:27:51:c0:64:c0:60:8b:fa:55:51: 06:62:c2:0b:02:f9:e2:8d:9a:1d:16:9f:e2:94:86:3d:5a:2b: c5:4d:7f:62:d1:07:02:41:63:2b:e3:6a:cd:b3:16:66:6e:3c: 69:70:29:61:42:15:65:d6:25:d8:1c:90:ba:c3:64:5d:6d:9f: ae:71:ea:3e:49:71:b9:c3:7a:a9:6f:54:7a:2e:18:35:6e:9c: 1c:6d:fa:50:14:86:a9:41:2e:a6:8b:45:df:56:8a:ac:15:3f: 22:bc:6d:b3:f6:5b:58:00:04:06:fb:da:32:84:60:9f:83:24: d6:b6:6b:2d:78:b4:66:94:3b:95:78:1e:6e:08:81:18:c6:df: bc:e1:50:8e -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgICCh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD Q0I2RThFMzcwHhcNMjYwMzI2MjAyNjU3WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWM1OTY5MS1mMzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlWMMII63Qz26JgEAe+exRBa8lJYk+6JAXB4SFBDYPu04BopIO2S1rdsBngXO wnwHCNTfudUkFlKIBFsP4TC39u4woOhQMLvepvuWUUpUnQ79wz4xNDlEVKRIK6g8 4mn5DEObpUtGk8TjfSkV+s3x1Bmz5TWANUxgc1B3Rw7ujUNWR0ScGsuqDE0WHteK Z9Vm0cPwjA+OJXBJj7A0+HJy+t7IarcHHmgdZU7hNP8K0S23UlZi8+LQ75H0Fqmj 8AeRPKzZ2JZ4uBZLWWTIV8NcN86lf0QMJPduZ17NG0/j8Ak0CQd1vJCXHVMTdVaY qInbh4yrXU6Ll6lzFXYfZ94nyQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFPSN5Iu/ KAe9kyHW6lRJplmxlecDMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5 RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0JBQkJENzY5 OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCK/XcAwQCZ9FkMA0GCSqGSIb3DQEBCwUAA4IBAQB7kX+J0EuVXTpK fmwg8p0ZCV8u2wMVzITTL+JvYWDnjjM1+eV2AyYIDfKVZb4I4o+4hvuOvZJfIT4K uFKRA4dETzYOnHgzAtWE13eDtaazAj8eD1f8mgjYC+kBuV6CT3y9mkJ6j10nK6PG OsU76swxfv5X8SdRwGTAYIv6VVEGYsILAvnijZodFp/ilIY9WivFTX9i0QcCQWMr 42rNsxZmbjxpcClhQhVl1iXYHJC6w2RdbZ+uceo+SXG5w3qpb1R6Lhg1bpwcbfpQ FIapQS6mi0XfVoqsFT8ivG2z9ltYAAQG+9oyhGCfgyTWtmsteLRmlDuVeB5uCIEY xt+84VCO -----END CERTIFICATE-----Generated at Fri Apr 17 15:33:45 2026 by rpki-client