$ rpki-client -vvf rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/3FBB06DAA33E11F087A31D6FC4F9AE02.roa File: 3FBB06DAA33E11F087A31D6FC4F9AE02.roa (raw, json) Hash identifier: 3hX8h88yIE4bG4c6BEhKQMbhzT9emXY29GoQUCoDJvc= Subject key identifier: 01:5C:FB:95:19:67:8E:B3:7F:72:96:71:F8:11:03:4E:E1:71:52:B8 Certificate issuer: /CN=A9183B95/serialNumber=FAD7ECC9C05CD8EB2056909D6C614715E2C5133E Certificate serial: 0470 Authority key identifier: FA:D7:EC:C9:C0:5C:D8:EB:20:56:90:9D:6C:61:47:15:E2:C5:13:3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/3FBB06DAA33E11F087A31D6FC4F9AE02.roa Signing time: Fri 24 Oct 2025 06:57:46 +0000 ROA not before: Fri 24 Oct 2025 06:57:46 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 55154 IP address blocks: 43.228.157.0/24 maxlen: 24 103.47.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/-tfsycBc2OsgVpCdbGFHFeLFEz4.crl rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/-tfsycBc2OsgVpCdbGFHFeLFEz4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:23:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1136 (0x470) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9183B95, serialNumber=FAD7ECC9C05CD8EB2056909D6C614715E2C5133E Validity Not Before: Oct 24 06:57:46 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=68fb236a-72d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:bd:d3:a9:e6:14:61:14:a7:7e:ef:d8:83:f1: 44:75:52:9d:37:29:d3:00:02:8d:96:78:4d:6c:91: 9e:37:36:b6:06:d8:eb:85:cd:01:51:98:13:88:1f: a0:45:cb:d8:a1:7c:67:1f:0d:a5:ef:5a:89:69:b8: 84:7f:c0:59:85:9c:dd:32:82:8b:17:4a:ee:72:05: e3:5a:44:a1:63:db:80:19:a0:4b:0f:19:23:3f:56: 3c:73:d2:d7:7e:29:9d:9b:83:9e:24:f1:78:8e:9f: ac:c7:74:e3:55:e3:94:32:4b:0f:de:5d:e1:a5:79: 32:7c:ae:c2:5e:ed:de:70:c2:1d:ed:55:c6:9d:0a: 61:e0:ba:ba:7f:cc:64:2b:e4:11:0c:d3:f3:05:84: 60:8d:93:d5:c7:a9:ea:bf:1c:94:a0:5b:23:79:1b: 55:ab:67:ae:38:e7:9b:ef:85:93:01:f2:4b:eb:bf: 09:c9:84:35:a6:7d:65:ea:a9:53:0a:79:06:2c:45: 71:e3:43:37:74:1b:4c:53:86:6b:a7:fd:3b:8f:75: e6:cb:0e:61:74:a1:41:e7:fa:53:13:ba:d0:9f:da: 6c:e2:fb:9d:bf:fe:10:6e:bc:04:ab:01:db:20:f1: 57:54:61:a1:14:3b:9b:f4:27:1f:80:a7:71:37:6b: 7f:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:5C:FB:95:19:67:8E:B3:7F:72:96:71:F8:11:03:4E:E1:71:52:B8 X509v3 Authority Key Identifier: keyid:FA:D7:EC:C9:C0:5C:D8:EB:20:56:90:9D:6C:61:47:15:E2:C5:13:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/-tfsycBc2OsgVpCdbGFHFeLFEz4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/3FBB06DAA33E11F087A31D6FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.157.0/24 103.47.145.0/24 Signature Algorithm: sha256WithRSAEncryption 8c:37:69:78:a3:ac:66:c5:0b:7a:d7:ab:f2:fe:b3:73:dd:53: eb:a9:fa:a0:54:ff:34:1d:83:98:ed:61:f4:3d:fe:48:d6:01: c4:b1:00:4b:6c:1c:dc:27:ab:23:7f:61:34:2e:e8:f8:ed:99: 9c:60:6b:3c:33:89:6d:df:c4:02:86:a5:05:9b:07:fa:cf:6a: ed:53:59:48:91:1c:11:a4:5c:7b:16:f6:fd:31:41:fc:ad:11: ec:f3:41:3c:64:55:70:30:93:a2:7a:11:b7:d0:ba:3b:ac:f6: 2a:63:14:b1:e6:b6:0c:64:12:01:a9:88:a5:c7:17:07:42:40: 88:7e:bf:29:75:dc:47:f6:0f:18:65:af:3f:a4:9d:01:d8:46: 1b:14:d6:ca:c8:68:47:eb:1a:99:66:56:88:79:0a:05:06:86: 74:7d:2f:87:96:a2:d5:11:d9:e6:e2:72:86:ff:69:6e:84:b3: 24:90:25:b6:81:4a:76:c2:00:57:de:32:44:eb:81:35:20:c7: c6:08:75:fc:b3:2f:16:fc:b2:14:ad:7e:67:86:5e:dd:5a:0e: 77:e1:18:4a:6e:01:14:62:80:47:83:43:14:fd:2c:2b:fb:ed: bb:a5:52:1c:37:e4:e2:d0:3b:49:e8:74:81:bc:ee:42:f2:8e: 5b:b1:a9:9b -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICBHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODNCOTUxMTAvBgNVBAUTKEZBRDdFQ0M5QzA1Q0Q4RUIyMDU2OTA5RDZDNjE0NzE1 RTJDNTEzM0UwHhcNMjUxMDI0MDY1NzQ2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGZiMjM2YS03MmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAk73TqeYUYRSnfu/Yg/FEdVKdNynTAAKNlnhNbJGeNza2Btjrhc0BUZgTiB+g RcvYoXxnHw2l71qJabiEf8BZhZzdMoKLF0rucgXjWkShY9uAGaBLDxkjP1Y8c9LX fimdm4OeJPF4jp+sx3TjVeOUMksP3l3hpXkyfK7CXu3ecMId7VXGnQph4Lq6f8xk K+QRDNPzBYRgjZPVx6nqvxyUoFsjeRtVq2euOOeb74WTAfJL678JyYQ1pn1l6qlT CnkGLEVx40M3dBtMU4Zrp/07j3Xmyw5hdKFB5/pTE7rQn9ps4vudv/4QbrwEqwHb IPFXVGGhFDub9CcfgKdxN2t/aQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAFc+5UZ Z46zf3KWcfgRA07hcVK4MB8GA1UdIwQYMBaAFPrX7MnAXNjrIFaQnWxhRxXixRM+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0I5NS9CNTRBM0MzNDgw MzUxMUVDOUFEREE1NEZDNEY5QUUwMi8tdGZzeWNCYzJPc2dWcENkYkdGSEZlTEZF ejQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy10ZnN5Y0JjMk9zZ1ZwQ2RiR0ZIRmVMRkV6NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx ODNCOTUvQjU0QTNDMzQ4MDM1MTFFQzlBRERBNTRGQzRGOUFFMDIvM0ZCQjA2REFB MzNFMTFGMDg3QTMxRDZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAAr5J0DBABnL5EwDQYJKoZIhvcNAQELBQADggEBAIw3aXij rGbFC3rXq/L+s3PdU+up+qBU/zQdg5jtYfQ9/kjWAcSxAEtsHNwnqyN/YTQu6Pjt mZxgazwziW3fxAKGpQWbB/rPau1TWUiRHBGkXHsW9v0xQfytEezzQTxkVXAwk6J6 EbfQujus9ipjFLHmtgxkEgGpiKXHFwdCQIh+vyl13Ef2Dxhlrz+knQHYRhsU1srI aEfrGplmVoh5CgUGhnR9L4eWotUR2ebicob/aW6EsySQJbaBSnbCAFfeMkTrgTUg x8YIdfyzLxb8shStfmeGXt1aDnfhGEpuARRigEeDQxT9LCv77bulUhw35OLQO0no dIG87kLyjluxqZs= -----END CERTIFICATE-----Generated at Wed Nov 5 10:14:09 2025 by rpki-client