$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/3B4FFDCA227911F1A65F03CCA4833773.roa File: 3B4FFDCA227911F1A65F03CCA4833773.roa (raw, json) Hash identifier: PUzmzuD5bHk7VFgIzT0roiBPsQW1af5ietmADY31t40= Subject key identifier: 61:B0:5C:BF:E4:F7:4B:9D:EA:E7:0D:59:C3:F7:84:A5:7A:FD:2C:CF Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013 Certificate serial: 07F1 Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/3B4FFDCA227911F1A65F03CCA4833773.roa Signing time: Wed 18 Mar 2026 03:19:27 +0000 ROA not before: Wed 18 Mar 2026 03:19:27 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 42960 IP address blocks: 43.247.132.0/22 maxlen: 24 43.254.164.0/22 maxlen: 24 43.255.120.0/22 maxlen: 24 43.255.156.0/23 maxlen: 24 43.255.159.0/24 maxlen: 24 103.24.216.0/22 maxlen: 24 103.30.76.0/22 maxlen: 24 103.171.34.0/23 maxlen: 24 103.231.56.0/22 maxlen: 24 103.240.196.0/22 maxlen: 24 2001:df7:3480::/48 maxlen: 48 2401:2660::/36 maxlen: 36 2401:2660:1000::/36 maxlen: 36 2401:2660:1001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 22:42:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2033 (0x7f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139322, serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013 Validity Not Before: Mar 18 03:19:27 2026 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69ba19bf-4c6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:60:97:cb:34:83:0f:7f:27:5e:3d:13:43:0e: 7e:98:77:ae:e3:1d:71:ef:cd:c4:79:ea:2d:7c:9c: c3:76:96:cd:76:b0:9f:92:e7:93:41:d3:38:a3:66: a0:20:d3:ef:21:d3:61:d8:34:e2:d8:e4:ce:12:96: 88:8e:4a:0a:0b:18:a1:af:7c:55:87:0f:b7:80:11: b6:f5:6d:c4:72:07:03:5a:73:e5:60:25:e2:8f:56: f9:8b:1d:d2:c5:f0:52:06:41:95:d1:c3:82:84:06: 4b:e7:fb:8a:b3:f7:bc:a3:bd:62:17:0f:2e:d4:f9: 4b:fc:f6:31:3a:e4:85:df:1f:49:58:60:e4:20:fe: 52:79:60:e5:cd:98:67:ab:79:ca:c9:b8:4e:c3:05: 68:32:31:50:0d:a5:70:ff:86:3d:d4:1b:64:d3:70: 79:b7:39:f0:2f:06:b8:ff:60:31:d5:d1:74:f0:43: 6c:0a:be:c5:66:33:98:06:e6:4e:d8:2b:2e:4f:01: f7:a6:e3:73:d2:d2:9d:73:a8:a2:87:54:b5:b3:ab: 3e:2e:8f:38:b9:25:53:d7:35:cb:99:3e:f5:5d:7b: 52:40:a1:3a:b9:0a:b1:da:d1:b3:ca:6c:07:02:99: 45:57:33:f1:c3:c6:11:14:5e:12:fc:8c:d8:db:5f: 35:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:B0:5C:BF:E4:F7:4B:9D:EA:E7:0D:59:C3:F7:84:A5:7A:FD:2C:CF X509v3 Authority Key Identifier: keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/3B4FFDCA227911F1A65F03CCA4833773.roa sbgp-ipAddrBlock: critical IPv4: 43.247.132.0/22 43.254.164.0/22 43.255.120.0/22 43.255.156.0/23 43.255.159.0/24 103.24.216.0/22 103.30.76.0/22 103.171.34.0/23 103.231.56.0/22 103.240.196.0/22 IPv6: 2001:df7:3480::/48 2401:2660::/35 Signature Algorithm: sha256WithRSAEncryption aa:24:d6:ca:ba:42:6c:83:a7:ac:8f:08:9e:a2:8d:0e:b7:95: c7:06:e8:67:44:10:58:55:fc:02:49:26:4a:4f:8c:aa:03:57: 31:c7:58:10:ec:8b:41:e3:cb:e5:53:ac:0f:81:af:38:63:23: 8d:d8:db:1d:93:77:b5:c2:18:dd:02:a0:f8:31:2f:f2:7a:30: d6:8c:19:74:5c:0e:50:12:ad:54:83:a6:25:2a:84:d8:d8:17: 9d:25:82:b6:93:07:f9:44:d4:9a:94:6e:85:99:e3:50:82:f5: 1a:dd:86:b0:65:63:fb:fd:1a:06:ad:87:f9:79:4a:d0:9f:4d: bd:6d:f6:42:a0:71:a9:c6:6d:55:d4:00:a1:3b:f2:47:33:ae: 95:0a:39:d6:55:35:10:c6:1e:a3:76:99:aa:3e:d2:84:c5:6d: cd:c4:46:96:3a:e2:74:c8:29:ee:2b:df:e8:74:66:af:66:39: fc:ab:9f:e4:b3:3b:2a:f0:54:45:12:1a:d2:86:d7:ac:7e:86: 4d:67:9c:2b:dc:77:f3:37:50:a7:ef:78:02:f2:1f:2e:bb:c0: 01:76:d0:27:cd:88:6d:78:4f:44:6d:ee:a6:cd:48:aa:ee:8b: ea:46:16:4f:34:d5:1a:00:bc:df:9f:89:da:ff:76:36:0d:a0: 5b:2a:65:e4 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgICB/EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF QTNDNzEwMTMwHhcNMjYwMzE4MDMxOTI3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWJhMTliZi00YzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm2CXyzSDD38nXj0TQw5+mHeu4x1x783EeeotfJzDdpbNdrCfkueTQdM4o2ag INPvIdNh2DTi2OTOEpaIjkoKCxihr3xVhw+3gBG29W3EcgcDWnPlYCXij1b5ix3S xfBSBkGV0cOChAZL5/uKs/e8o71iFw8u1PlL/PYxOuSF3x9JWGDkIP5SeWDlzZhn q3nKybhOwwVoMjFQDaVw/4Y91Btk03B5tznwLwa4/2Ax1dF08ENsCr7FZjOYBuZO 2CsuTwH3puNz0tKdc6iih1S1s6s+Lo84uSVT1zXLmT71XXtSQKE6uQqx2tGzymwH AplFVzPxw8YRFF4S/IzY21817wIDAQABo4ICrzCCAqswHQYDVR0OBBYEFGGwXL/k 90ud6ucNWcP3hKV6/SzPMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2 NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvM0I0RkZEQ0Ey Mjc5MTFGMUE2NUYwM0NDQTQ4MzM3NzMucm9hMG4GCCsGAQUFBwEHAQH/BF8wXTBC BAIAATA8AwQCK/eEAwQCK/6kAwQCK/94AwQBK/+cAwQAK/+fAwQCZxjYAwQCZx5M AwQBZ6siAwQCZ+c4AwQCZ/DEMBcEAgACMBEDBwAgAQ33NIADBgUkASZgADANBgkq hkiG9w0BAQsFAAOCAQEAqiTWyrpCbIOnrI8InqKNDreVxwboZ0QQWFX8AkkmSk+M qgNXMcdYEOyLQePL5VOsD4GvOGMjjdjbHZN3tcIY3QKg+DEv8now1owZdFwOUBKt VIOmJSqE2NgXnSWCtpMH+UTUmpRuhZnjUIL1Gt2GsGVj+/0aBq2H+XlK0J9NvW32 QqBxqcZtVdQAoTvyRzOulQo51lU1EMYeo3aZqj7ShMVtzcRGljridMgp7ivf6HRm r2Y5/Kuf5LM7KvBURRIa0obXrH6GTWecK9x38zdQp+94AvIfLrvAAXbQJ82IbXhP RG3ups1Iqu6L6kYWTzTVGgC835+J2v92Ng2gWypl5A== -----END CERTIFICATE-----Generated at Thu Mar 26 17:45:20 2026 by rpki-client