$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/3F3EDA068CAB11EF8A61C244C4F9AE02.roa File: 3F3EDA068CAB11EF8A61C244C4F9AE02.roa (raw, json) Hash identifier: tlKS/saXcUEqSUdoVe/orILud6VMLOZGDh0+a8Ti4+w= Subject key identifier: 44:B8:D7:6E:CC:C6:5A:20:E3:27:D8:A5:3F:71:19:A5:5B:B2:1C:AD Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Certificate serial: 0210 Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/3F3EDA068CAB11EF8A61C244C4F9AE02.roa Signing time: Thu 31 Jul 2025 04:10:42 +0000 ROA not before: Thu 31 Jul 2025 04:10:42 +0000 ROA not after: Wed 30 Sep 2026 00:00:00 +0000 asID: 153371 IP address blocks: 103.224.172.0/23 maxlen: 24 2401:b60:2c::/48 maxlen: 48 2401:b60:37::/48 maxlen: 48 2401:b60:38::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:07:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 528 (0x210) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EE03B, serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4 Validity Not Before: Jul 31 04:10:42 2025 GMT Not After : Sep 30 00:00:00 2026 GMT Subject: CN=688aecc2-4a0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:dd:89:c5:8d:90:6e:d8:2b:99:25:c8:14:9f: 4b:2c:90:84:74:88:52:62:e5:b9:77:2c:bf:d9:cf: 97:68:61:00:20:33:80:83:30:74:d7:ee:58:a5:33: b1:03:e5:af:15:45:83:fb:a9:06:8e:73:17:86:11: 51:6f:2b:a8:19:0d:1e:8b:2a:0e:bf:dd:d3:65:15: 3c:92:ac:db:93:22:c6:d3:87:32:7d:84:83:c2:cb: 3b:ce:e2:d5:79:be:f6:a8:c0:c0:45:95:80:3e:81: a5:ef:87:67:8c:af:a0:26:09:57:03:73:c0:7f:14: 05:11:74:55:53:33:9e:64:27:b3:dc:b9:e4:ee:a7: 57:98:41:7e:63:05:ed:ea:56:22:41:8f:2f:c0:b7: ee:10:ef:24:d7:a8:dc:bb:cd:3d:96:39:79:a3:c6: 60:d5:fe:78:92:46:03:c3:91:ee:ba:e7:e2:11:7b: 2c:53:db:61:67:be:84:c3:a0:65:a7:4e:28:56:7e: 78:a2:b1:bc:6f:fc:c9:e2:d4:be:cb:9c:52:cc:06: 75:83:11:b8:a1:35:7d:70:d4:aa:f1:0b:8c:cc:5a: ea:f5:7d:27:d2:53:8a:7f:ab:b4:c4:71:d2:bf:91: 56:5e:aa:75:f7:d6:6d:78:f6:13:b2:37:b9:43:98: cb:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:B8:D7:6E:CC:C6:5A:20:E3:27:D8:A5:3F:71:19:A5:5B:B2:1C:AD X509v3 Authority Key Identifier: keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/3F3EDA068CAB11EF8A61C244C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.224.172.0/23 IPv6: 2401:b60:2c::/48 2401:b60:37::-2401:b60:38:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 42:d3:cc:a9:e4:63:05:d6:10:5e:4b:4e:36:ff:bf:84:61:aa: 8c:55:d2:2b:cc:07:58:48:08:7f:18:af:9d:89:90:11:a0:b1: 6f:7e:8e:22:a9:74:80:e3:eb:15:b9:25:61:2b:32:a9:c4:b6: cf:92:84:7a:91:6a:01:b7:81:d3:96:f9:e1:c8:74:1e:f8:e3: 95:ee:61:f5:f2:06:09:dc:69:73:16:94:50:57:bf:05:67:f5: 3e:ff:d4:f6:8c:55:f5:30:23:47:21:1c:a2:83:03:b0:2a:b1: a7:d6:6c:b6:14:e7:40:b8:90:3e:36:e5:31:1f:fd:7f:15:ca: e3:f7:ca:e7:db:38:2d:2e:57:79:6c:44:86:df:70:fe:4e:d5: ca:2e:5d:a3:d1:15:ab:65:2c:3b:5b:32:49:98:c5:0f:5b:2f: 7d:6f:d5:d6:d6:c8:8c:86:03:b1:93:f4:8f:eb:7b:55:e4:59: 50:dd:aa:3d:9a:7c:2e:93:2e:cd:33:d6:fa:b3:35:06:f1:e8: 0e:9a:cc:8f:8e:c7:17:dd:ff:dc:6e:6d:85:77:e0:95:9f:82: a9:3e:07:03:28:4f:57:ea:b7:1f:8a:84:6e:21:d9:fa:6a:89: 83:a8:8e:00:3e:b9:aa:f9:79:d5:6d:8f:80:4d:24:a9:4a:05: f6:04:1b:5f -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICAhAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUUwM0IxMTAvBgNVBAUTKEI5RTYwQ0YxNzlGNEVBQ0JEQjk0OTJCQTVGN0NBQ0Y0 NTIzOUNDRjQwHhcNMjUwNzMxMDQxMDQyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02ODhhZWNjMi00YTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuN2JxY2QbtgrmSXIFJ9LLJCEdIhSYuW5dyy/2c+XaGEAIDOAgzB01+5YpTOx A+WvFUWD+6kGjnMXhhFRbyuoGQ0eiyoOv93TZRU8kqzbkyLG04cyfYSDwss7zuLV eb72qMDARZWAPoGl74dnjK+gJglXA3PAfxQFEXRVUzOeZCez3Lnk7qdXmEF+YwXt 6lYiQY8vwLfuEO8k16jcu809ljl5o8Zg1f54kkYDw5HuuufiEXssU9thZ76Ew6Bl p04oVn54orG8b/zJ4tS+y5xSzAZ1gxG4oTV9cNSq8QuMzFrq9X0n0lOKf6u0xHHS v5FWXqp199ZtePYTsje5Q5jLjwIDAQABo4ICujCCArYwHQYDVR0OBBYEFES4127M xlog4yfYpT9xGaVbshytMB8GA1UdIwQYMBaAFLnmDPF59OrL25SSul98rPRSOcz0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTAzQi9BRjk2NzE2NjBC NkUxMUVFQjI5QkIxNzBDNEY5QUUwMi91ZVlNOFhuMDZzdmJsSks2WDN5czlGSTV6 UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUUwM0IvQUY5NjcxNjYwQjZFMTFFRUIyOUJCMTcwQzRGOUFFMDIvM0YzRURBMDY4 Q0FCMTFFRjhBNjFDMjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMAwEAgABMAYDBAFn4KwwIwQCAAIwHQMHACQBC2AALDASAwcAJAELYAA3AwcA JAELYAA4MA0GCSqGSIb3DQEBCwUAA4IBAQBC08yp5GMF1hBeS042/7+EYaqMVdIr zAdYSAh/GK+diZARoLFvfo4iqXSA4+sVuSVhKzKpxLbPkoR6kWoBt4HTlvnhyHQe +OOV7mH18gYJ3GlzFpRQV78FZ/U+/9T2jFX1MCNHIRyigwOwKrGn1my2FOdAuJA+ NuUxH/1/Fcrj98rn2zgtLld5bESG33D+TtXKLl2j0RWrZSw7WzJJmMUPWy99b9XW 1siMhgOxk/SP63tV5FlQ3ao9mnwuky7NM9b6szUG8egOmsyPjscX3f/cbm2Fd+CV n4KpPgcDKE9X6rcfioRuIdn6aomDqI4APrmq+XnVbY+ATSSpSgX2BBtf -----END CERTIFICATE-----Generated at Wed Nov 5 12:24:12 2025 by rpki-client