$ rpki-client -vvf rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/3FACB1ECAE3911F099A5E452C4F9AE02.roa File: 3FACB1ECAE3911F099A5E452C4F9AE02.roa (raw, json) Hash identifier: v0qe3Is5q3yvzdsZV9nmpFuwmP+tm+rwCc0Ad6aEiXk= Subject key identifier: 35:69:86:95:AA:89:D0:C7:11:EF:C7:98:04:5C:D1:26:B1:2A:8C:84 Certificate issuer: /CN=A91E41C9/serialNumber=6546F510C1B92491CA7090BE747A2428924183AA Certificate serial: 02 Authority key identifier: 65:46:F5:10:C1:B9:24:91:CA:70:90:BE:74:7A:24:28:92:41:83:AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUb1EMG5JJHKcJC-dHokKJJBg6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/3FACB1ECAE3911F099A5E452C4F9AE02.roa Signing time: Tue 21 Oct 2025 04:48:56 +0000 ROA not before: Tue 21 Oct 2025 04:48:56 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140896 IP address blocks: 103.153.30.0/24 maxlen: 24 2001:df4:2c80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/ZUb1EMG5JJHKcJC-dHokKJJBg6o.crl rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/ZUb1EMG5JJHKcJC-dHokKJJBg6o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUb1EMG5JJHKcJC-dHokKJJBg6o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E41C9, serialNumber=6546F510C1B92491CA7090BE747A2428924183AA Validity Not Before: Oct 21 04:48:56 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=68f710b7-8dc1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:12:30:d5:78:dc:e1:28:91:44:81:ab:6f:b1: 57:a5:bc:30:e9:21:a7:c2:bf:e0:2c:fb:54:ec:35: 00:75:8f:1e:9d:4c:c0:5c:ed:5e:a0:41:70:1c:d8: 27:5b:32:6f:d2:4c:97:99:53:e8:4c:25:55:da:9b: c2:58:bb:ff:77:33:e6:ad:35:f9:16:b2:85:6a:8d: 0e:8a:a8:07:7d:06:8b:92:b3:bc:5a:1b:86:93:91: 47:38:20:07:59:de:c3:ab:cf:fd:55:1c:97:57:ec: 4b:92:38:ae:82:46:82:eb:73:43:f6:43:72:16:29: ec:da:84:b2:c3:63:6e:d8:d6:78:43:60:0a:de:ad: 57:86:38:fc:0b:44:97:32:28:e5:e3:70:9e:43:f2: a5:4f:3e:a5:7b:d1:cd:9e:8f:51:40:64:6f:0a:50: 85:0c:85:ce:5f:bc:1e:90:7e:59:ff:04:00:67:bb: e2:90:6e:02:9a:16:97:f5:af:0c:11:8d:43:30:18: 1b:3c:ba:1c:43:ba:3e:8f:fa:be:e6:4f:c3:0c:90: d5:dc:0b:71:5c:3a:ee:26:18:be:5c:f0:ee:cb:b8: bd:95:e2:12:a9:5e:1e:80:db:c4:98:f9:88:7f:0b: e0:16:88:1a:55:1d:70:62:5e:19:c8:e5:82:d4:eb: 25:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:69:86:95:AA:89:D0:C7:11:EF:C7:98:04:5C:D1:26:B1:2A:8C:84 X509v3 Authority Key Identifier: keyid:65:46:F5:10:C1:B9:24:91:CA:70:90:BE:74:7A:24:28:92:41:83:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/ZUb1EMG5JJHKcJC-dHokKJJBg6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUb1EMG5JJHKcJC-dHokKJJBg6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/3FACB1ECAE3911F099A5E452C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.153.30.0/24 IPv6: 2001:df4:2c80::/48 Signature Algorithm: sha256WithRSAEncryption 3a:6a:02:95:64:54:e8:f2:aa:24:06:62:9c:25:4a:3b:f5:d0: 49:3f:eb:6d:0a:2f:83:00:9f:be:d8:8d:1f:27:1e:cb:55:b4: 16:63:26:b1:11:a2:bb:74:0b:58:06:07:70:6a:f4:56:ff:bd: b8:04:46:7d:c4:ac:4b:31:79:57:59:03:f8:fc:18:47:c6:4b: 88:2c:2f:7f:9c:e6:68:02:87:c1:37:c7:2c:08:9a:2d:b0:f7: 50:25:49:9c:d0:cd:7b:67:e9:ab:91:58:76:77:47:fc:d3:93: 3f:12:28:ed:34:16:3f:5a:6b:bc:cf:4b:66:d1:8c:56:d7:15: 40:98:df:58:7d:17:d7:e6:b6:b8:59:54:b0:17:5f:85:a1:07: ef:44:90:4e:e7:c2:2d:b6:03:e9:a3:b5:aa:b3:12:43:fa:75: 87:2b:12:89:94:a4:76:a8:d7:26:74:97:41:6c:d8:34:b5:9a: 97:32:69:a8:92:b7:02:eb:bf:91:34:ad:ed:57:77:ff:44:11: 86:55:8a:16:b2:11:4d:19:f7:df:0a:0a:e0:7e:fa:65:88:92: 7a:96:02:da:2c:af:2a:d5:ea:28:3b:4e:62:3a:ec:9c:a7:70: 58:0b:2a:b2:5c:a9:50:c5:df:16:76:aa:d0:39:34:e3:02:2c: ae:2a:cf:5a -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NDFDOTExMC8GA1UEBRMoNjU0NkY1MTBDMUI5MjQ5MUNBNzA5MEJFNzQ3QTI0Mjg5 MjQxODNBQTAeFw0yNTEwMjEwNDQ4NTZaFw0yNjEwMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4ZjcxMGI3LThkYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxEjDVeNzhKJFEgatvsVelvDDpIafCv+As+1TsNQB1jx6dTMBc7V6gQXAc2Cdb Mm/STJeZU+hMJVXam8JYu/93M+atNfkWsoVqjQ6KqAd9BouSs7xaG4aTkUc4IAdZ 3sOrz/1VHJdX7EuSOK6CRoLrc0P2Q3IWKezahLLDY27Y1nhDYArerVeGOPwLRJcy KOXjcJ5D8qVPPqV70c2ej1FAZG8KUIUMhc5fvB6Qfln/BABnu+KQbgKaFpf1rwwR jUMwGBs8uhxDuj6P+r7mT8MMkNXcC3FcOu4mGL5c8O7LuL2V4hKpXh6A28SY+Yh/ C+AWiBpVHXBiXhnI5YLU6yVhAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUNWmGlaqJ 0McR78eYBFzRJrEqjIQwHwYDVR0jBBgwFoAUZUb1EMG5JJHKcJC+dHokKJJBg6ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0MUM5LzQ5QkQ5REE2QzBG ODExRUE4QUM2QzQ2Q0M0RjlBRTAyL1pVYjFFTUc1SkpIS2NKQy1kSG9rS0pKQmc2 by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWlViMUVNRzVKSkhLY0pDLWRIb2tLSkpCZzZvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDFDOS80OUJEOURBNkMwRjgxMUVBOEFDNkM0NkNDNEY5QUUwMi8zRkFDQjFFQ0FF MzkxMUYwOTlBNUU0NTJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAGeZHjAPBAIAAjAJAwcAIAEN9CyAMA0GCSqGSIb3DQEBCwUA A4IBAQA6agKVZFTo8qokBmKcJUo79dBJP+ttCi+DAJ++2I0fJx7LVbQWYyaxEaK7 dAtYBgdwavRW/724BEZ9xKxLMXlXWQP4/BhHxkuILC9/nOZoAofBN8csCJotsPdQ JUmc0M17Z+mrkVh2d0f805M/EijtNBY/Wmu8z0tm0YxW1xVAmN9YfRfX5ra4WVSw F1+FoQfvRJBO58IttgPpo7WqsxJD+nWHKxKJlKR2qNcmdJdBbNg0tZqXMmmokrcC 67+RNK3tV3f/RBGGVYoWshFNGfffCgrgfvpliJJ6lgLaLK8q1eooO05iOuycp3BY CyqyXKlQxd8WdqrQOTTjAiyuKs9a -----END CERTIFICATE-----Generated at Wed Nov 5 09:35:12 2025 by rpki-client