$ rpki-client -vvf rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3C1382D0BEA211E68902BC3DC4F9AE02.roa File: 3C1382D0BEA211E68902BC3DC4F9AE02.roa (raw, json) Hash identifier: 4tdhNCoXuQpi6+LVzEflBnVNgk5q7DhclUHPWv4LN4k= Subject key identifier: BC:54:2F:97:E3:A2:B2:6B:78:78:7C:DC:65:34:57:18:BE:FF:F8:50 Certificate issuer: /CN=A914E1E3/serialNumber=DC57E95F6292133A29E38848365096235D1937CA Certificate serial: 1D2F Authority key identifier: DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3C1382D0BEA211E68902BC3DC4F9AE02.roa Signing time: Sat 30 Aug 2025 16:34:50 +0000 ROA not before: Sat 30 Aug 2025 16:34:50 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134452 IP address blocks: 103.194.152.0/22 maxlen: 22 103.194.152.0/23 maxlen: 23 103.194.152.0/23 maxlen: 24 103.194.152.0/24 maxlen: 24 103.194.153.0/24 maxlen: 24 103.194.154.0/23 maxlen: 23 103.194.154.0/24 maxlen: 24 103.194.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:27:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7471 (0x1d2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E1E3, serialNumber=DC57E95F6292133A29E38848365096235D1937CA Validity Not Before: Aug 30 16:34:50 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=68b3282a-8046 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:14:ce:46:9d:4c:38:28:3c:12:70:46:d5:8a: b5:d8:cf:61:8d:46:5d:07:88:bb:3e:c7:02:65:4a: d0:21:4a:10:0a:39:ee:cf:25:f2:fb:87:de:ae:57: 7b:51:04:ff:ba:b7:e8:cd:79:b6:3a:cc:17:5b:e7: 38:eb:52:69:0d:14:e1:fa:6a:91:ac:4e:a5:75:23: a5:a6:98:4b:0c:e8:23:61:5c:14:d8:4c:ce:38:85: a8:6c:9d:0e:05:09:ff:20:c1:08:25:02:a4:90:c1: b4:37:26:5e:5a:f5:4b:19:72:d1:d6:af:c5:0f:8b: f2:d5:15:30:59:49:39:ab:e8:d9:a5:d9:88:78:0f: 5a:c3:c4:8b:65:85:04:da:b1:aa:d8:f5:ac:89:73: bd:b6:ec:e1:34:bf:a3:38:35:90:10:a1:3d:89:33: 24:26:59:41:75:70:0b:23:35:22:c1:1c:de:91:1d: 74:4f:d7:4d:be:05:4d:93:7a:44:43:8e:3f:c3:d4: ce:33:9d:ae:7a:21:eb:54:26:83:c2:17:be:f0:db: 65:a9:b5:35:fa:c8:cf:2e:c2:98:eb:7e:aa:a1:6d: db:e5:dc:2c:08:bc:8c:9b:38:33:df:fa:70:9c:27: af:9d:49:32:d6:1a:eb:3a:91:de:e2:ed:ff:98:5e: 36:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:54:2F:97:E3:A2:B2:6B:78:78:7C:DC:65:34:57:18:BE:FF:F8:50 X509v3 Authority Key Identifier: keyid:DC:57:E9:5F:62:92:13:3A:29:E3:88:48:36:50:96:23:5D:19:37:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3FfpX2KSEzop44hINlCWI10ZN8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FfpX2KSEzop44hINlCWI10ZN8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E1E3/021AE92ABDE311E684CE0B54C4F9AE02/3C1382D0BEA211E68902BC3DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.194.152.0/22 Signature Algorithm: sha256WithRSAEncryption 9c:59:92:83:f1:20:66:4a:e2:c3:1e:87:5e:7b:f0:83:3f:57: 61:d5:89:5b:67:b4:2c:90:13:34:03:49:bf:3b:40:12:9f:92: 69:6d:4d:b3:6a:e8:c8:98:24:b0:8a:31:1f:87:32:c7:92:56: 42:ed:b2:66:46:46:16:6a:51:3f:05:dc:9a:ad:51:7e:28:bf: 4e:bf:0d:2a:cf:68:e3:d5:ed:34:88:84:1f:a1:89:0b:af:bb: 88:2f:05:a5:ff:f2:54:4f:92:1c:9c:8f:41:ea:23:de:a3:d2: 40:a6:22:04:6e:c8:70:63:a9:a9:e8:fd:32:84:8d:8d:e3:f4: 10:e7:e2:71:15:4d:aa:f5:a3:7d:f1:b2:ce:a9:07:a2:a8:9f: 93:bd:96:51:7b:3a:26:b4:93:bf:b2:42:fc:9b:bc:b9:67:a1: f0:97:2a:94:94:ea:6b:e9:6f:ef:8c:9c:9e:3b:6e:76:f1:cf: 25:3d:d9:41:4a:c5:33:6e:6f:3b:d0:26:43:43:30:a7:5b:04: f5:bf:65:02:1e:0d:19:e7:2d:54:cd:0b:f6:d4:73:11:59:59: 82:ba:5e:43:c6:f5:a8:1d:24:df:33:f6:fb:49:db:49:c6:6d: 35:5d:71:45:f5:38:d8:dc:33:5c:22:22:14:e6:8c:ac:ae:92: de:08:1c:93 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICHS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUxRTMxMTAvBgNVBAUTKERDNTdFOTVGNjI5MjEzM0EyOUUzODg0ODM2NTA5NjIz NUQxOTM3Q0EwHhcNMjUwODMwMTYzNDUwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OGIzMjgyYS04MDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2RTORp1MOCg8EnBG1Yq12M9hjUZdB4i7PscCZUrQIUoQCjnuzyXy+4ferld7 UQT/urfozXm2OswXW+c461JpDRTh+mqRrE6ldSOlpphLDOgjYVwU2EzOOIWobJ0O BQn/IMEIJQKkkMG0NyZeWvVLGXLR1q/FD4vy1RUwWUk5q+jZpdmIeA9aw8SLZYUE 2rGq2PWsiXO9tuzhNL+jODWQEKE9iTMkJllBdXALIzUiwRzekR10T9dNvgVNk3pE Q44/w9TOM52ueiHrVCaDwhe+8NtlqbU1+sjPLsKY636qoW3b5dwsCLyMmzgz3/pw nCevnUky1hrrOpHe4u3/mF42wQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLxUL5fj orJreHh83GU0Vxi+//hQMB8GA1UdIwQYMBaAFNxX6V9ikhM6KeOISDZQliNdGTfK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTFFMy8wMjFBRTkyQUJE RTMxMUU2ODRDRTBCNTRDNEY5QUUwMi8zRmZwWDJLU0V6b3A0NGhJTmxDV0kxMFpO OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZnBYMktTRXpvcDQ0aElObENXSTEwWk44by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEUxRTMvMDIxQUU5MkFCREUzMTFFNjg0Q0UwQjU0QzRGOUFFMDIvM0MxMzgyRDBC RUEyMTFFNjg5MDJCQzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBAJnwpgwDQYJKoZIhvcNAQELBQADggEBAJxZkoPxIGZK4sMe h1578IM/V2HViVtntCyQEzQDSb87QBKfkmltTbNq6MiYJLCKMR+HMseSVkLtsmZG RhZqUT8F3JqtUX4ov06/DSrPaOPV7TSIhB+hiQuvu4gvBaX/8lRPkhycj0HqI96j 0kCmIgRuyHBjqano/TKEjY3j9BDn4nEVTar1o33xss6pB6Kon5O9llF7Oia0k7+y QvybvLlnofCXKpSU6mvpb++MnJ47bnbxzyU92UFKxTNubzvQJkNDMKdbBPW/ZQIe DRnnLVTNC/bUcxFZWYK6XkPG9agdJN8z9vtJ20nGbTVdcUX1ONjcM1wiIhTmjKyu kt4IHJM= -----END CERTIFICATE-----Generated at Mon Oct 20 16:44:07 2025 by rpki-client