$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/3C35A3F86B7B11F083D73127C4F9AE02.roa File: 3C35A3F86B7B11F083D73127C4F9AE02.roa (raw, json) Hash identifier: 9qNy5zVh8UXs98buBEPxj4R5vBqOAXtHLxU85YpvOEQ= Subject key identifier: 8E:36:C0:01:44:79:8E:F7:EC:4C:A6:BB:D3:5D:09:53:22:D9:A7:32 Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0C26 Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/3C35A3F86B7B11F083D73127C4F9AE02.roa Signing time: Mon 28 Jul 2025 06:22:28 +0000 ROA not before: Mon 28 Jul 2025 06:22:28 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 15412 IP address blocks: 45.124.60.0/22 maxlen: 22 103.7.208.0/22 maxlen: 22 103.8.84.0/24 maxlen: 24 103.8.85.0/24 maxlen: 24 103.8.86.0/24 maxlen: 24 103.8.87.0/24 maxlen: 24 103.21.104.0/24 maxlen: 24 103.21.106.0/24 maxlen: 24 103.225.192.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3110 (0xc26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: Jul 28 06:22:28 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=68871724-a7cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:86:c7:1d:0d:82:00:8e:58:c1:cf:96:28:d3: 45:bc:52:4f:7c:dc:d9:d8:a4:c6:1e:5d:d8:e7:69: 09:47:ba:1e:f8:cb:00:85:14:ae:73:16:e3:e0:3a: 6b:46:49:e3:3c:f1:ad:1c:b7:de:33:ab:ef:3c:e6: 13:a3:de:29:7f:fe:82:a6:3e:c8:e7:54:b3:5d:30: b0:45:47:82:15:38:51:ae:a7:7d:08:76:11:a6:9c: 05:35:63:f1:ed:fd:ad:8b:47:aa:f6:69:a7:55:66: 3e:5f:d3:85:69:9a:85:f9:60:6b:77:ee:7d:b9:6b: f8:c0:07:71:22:ef:3b:b5:92:c8:01:4f:50:50:e5: 7e:1a:9c:e2:98:f4:fe:cf:ae:fe:af:cb:7b:19:8a: 4a:2e:ef:37:6e:50:19:6e:45:08:92:bb:65:39:bd: 7c:01:5d:c6:f9:63:df:92:00:7e:2b:5a:3c:75:2f: 28:9f:ee:9d:47:81:b2:ae:2a:cb:68:21:1c:ed:87: 04:87:37:a6:87:37:c8:01:3a:de:91:8b:4f:fb:19: 61:38:d7:37:cc:12:d2:d4:37:83:db:40:64:b1:af: cb:75:8e:9e:7b:a7:65:ac:eb:7e:50:d5:b8:ce:c6: d3:95:25:63:4c:86:84:76:0e:85:bd:ee:33:ed:dd: 96:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:36:C0:01:44:79:8E:F7:EC:4C:A6:BB:D3:5D:09:53:22:D9:A7:32 X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/3C35A3F86B7B11F083D73127C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.124.60.0/22 103.7.208.0/22 103.8.84.0/22 103.21.104.0/24 103.21.106.0/24 103.225.192.0/22 Signature Algorithm: sha256WithRSAEncryption 33:6a:a9:15:fe:ce:1b:b6:8e:10:c5:26:1a:29:08:43:40:94: 90:bf:3d:5a:9e:34:c6:27:3e:6c:6a:5f:59:b6:5d:65:11:67: 1b:ed:0b:95:e0:88:fb:7d:c0:4f:d2:76:d5:48:8a:f0:de:bf: 5a:6d:2f:a2:4a:0e:fb:6c:a0:90:5b:0b:f1:dc:d9:ab:a3:43: f4:1d:68:47:df:e1:95:c1:0e:fd:0e:68:37:89:46:2e:88:5d: 2b:58:23:56:aa:c1:d9:c4:ca:30:23:a4:93:0e:e4:b4:cf:83: 19:ab:22:38:06:05:77:98:89:52:df:37:e0:21:51:71:f5:41: 0d:3f:91:0d:d9:d2:eb:67:66:25:d3:9c:9f:bb:45:1b:48:85: e5:ac:05:2c:cb:d3:be:7c:b3:d8:2f:25:97:0e:a5:9b:46:d8: 01:fe:18:e5:2c:75:b2:bb:7d:cb:63:28:21:d6:4e:ff:fd:bb: f1:01:fc:28:b1:b3:35:00:26:05:0b:c8:95:a8:ca:08:82:e8: 2a:86:f0:bb:67:45:5f:9f:31:a9:ab:f5:03:61:e4:cc:82:74: 1a:a2:16:ca:64:6c:ca:5c:2b:19:bc:64:e4:8c:be:4c:7b:4d: 70:99:88:31:e2:1e:a2:25:f7:30:97:73:46:fe:f1:b1:90:35: 60:d3:2c:37 -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgICDCYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjUwNzI4MDYyMjI4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDEw02ODg3MTcyNC1hN2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0YbHHQ2CAI5Ywc+WKNNFvFJPfNzZ2KTGHl3Y52kJR7oe+MsAhRSucxbj4Dpr RknjPPGtHLfeM6vvPOYTo94pf/6Cpj7I51SzXTCwRUeCFThRrqd9CHYRppwFNWPx 7f2ti0eq9mmnVWY+X9OFaZqF+WBrd+59uWv4wAdxIu87tZLIAU9QUOV+GpzimPT+ z67+r8t7GYpKLu83blAZbkUIkrtlOb18AV3G+WPfkgB+K1o8dS8on+6dR4GyrirL aCEc7YcEhzemhzfIATrekYtP+xlhONc3zBLS1DeD20Bksa/LdY6ee6dlrOt+UNW4 zsbTlSVjTIaEdg6Fve4z7d2WRQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFI42wAFE eY737Eymu9NdCVMi2acyMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvM0MzNUEzRjg2 QjdCMTFGMDgzRDczMTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E LjAsMCoEAgABMCQDBAItfDwDBAJnB9ADBAJnCFQDBABnFWgDBABnFWoDBAJn4cAw DQYJKoZIhvcNAQELBQADggEBADNqqRX+zhu2jhDFJhopCENAlJC/PVqeNMYnPmxq X1m2XWURZxvtC5XgiPt9wE/SdtVIivDev1ptL6JKDvtsoJBbC/Hc2aujQ/QdaEff 4ZXBDv0OaDeJRi6IXStYI1aqwdnEyjAjpJMO5LTPgxmrIjgGBXeYiVLfN+AhUXH1 QQ0/kQ3Z0utnZiXTnJ+7RRtIheWsBSzL0758s9gvJZcOpZtG2AH+GOUsdbK7fctj KCHWTv/9u/EB/CixszUAJgULyJWoygiC6CqG8LtnRV+fMamr9QNh5MyCdBqiFspk bMpcKxm8ZOSMvkx7TXCZiDHiHqIl9zCXc0b+8bGQNWDTLDc= -----END CERTIFICATE-----Generated at Sat Aug 9 05:47:37 2025 by rpki-client