$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3F8C7AFCD4D211F0AAA38168C4F9AE02.roa File: 3F8C7AFCD4D211F0AAA38168C4F9AE02.roa (raw, json) Hash identifier: 6/6l+GbC4OEgCabFw3FXhrdcI86km7BgbGBr/nsLkXw= Subject key identifier: C5:86:1B:61:CA:2B:AB:9C:4F:1E:82:4B:82:12:CD:37:D5:EE:3C:59 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: DB9A Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3F8C7AFCD4D211F0AAA38168C4F9AE02.roa Signing time: Mon 09 Mar 2026 05:51:12 +0000 ROA not before: Mon 09 Mar 2026 05:51:12 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 141480 IP address blocks: 103.155.130.0/23 maxlen: 24 103.160.236.0/23 maxlen: 24 163.227.152.0/24 maxlen: 24 163.227.153.0/24 maxlen: 24 203.109.33.0/24 maxlen: 24 203.109.34.0/24 maxlen: 24 203.109.35.0/24 maxlen: 24 2001:df1:f840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Apr 2026 19:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56218 (0xdb9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Mar 9 05:51:12 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69ae5fd0-c86e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:d8:59:bd:56:35:ca:59:c1:98:69:61:29:48: e3:d3:cb:00:8f:96:55:04:34:a7:47:b9:3a:58:37: da:1c:aa:21:30:27:b2:5f:47:cf:5c:78:c2:9b:3c: 72:69:72:fc:a4:b0:be:58:04:17:17:d6:56:96:70: 57:7d:d1:ae:23:d5:3b:f3:76:30:f2:60:c2:b8:53: a8:25:0b:32:fe:46:a4:c9:40:e3:c5:c6:ce:23:fa: e5:e8:1b:b4:db:0d:7b:bb:7d:3c:3d:78:06:9a:75: cf:95:9b:57:9c:34:be:e4:8f:9a:c9:ae:be:4f:6f: 77:d9:77:9b:e6:f1:99:8a:c9:22:75:4d:64:1f:97: aa:90:44:86:6f:06:22:b9:01:91:7a:24:0e:93:6b: 36:ec:59:f0:5e:65:6f:d0:cd:49:e8:1d:5c:ec:9c: 98:9f:64:a3:ba:74:1c:3a:ec:16:1f:4e:83:d6:64: 59:ad:ef:7d:8b:6d:8b:18:56:70:b4:0c:63:66:a0: 36:b2:d7:54:f3:7f:4b:82:86:a4:d7:d1:60:b5:d6: 29:44:1f:fa:96:d1:a8:19:d9:60:96:dc:44:20:b9: 42:7d:28:cb:27:06:d7:ab:92:47:3e:82:52:73:3b: ab:d7:82:63:f4:e9:19:f8:d5:d3:65:48:67:b7:eb: 8f:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:86:1B:61:CA:2B:AB:9C:4F:1E:82:4B:82:12:CD:37:D5:EE:3C:59 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3F8C7AFCD4D211F0AAA38168C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.155.130.0/23 103.160.236.0/23 163.227.152.0/23 203.109.33.0-203.109.35.255 IPv6: 2001:df1:f840::/48 Signature Algorithm: sha256WithRSAEncryption 04:9e:9f:1a:dd:c4:ab:33:b4:75:d7:93:f8:98:96:42:9a:f4: f5:f1:c3:17:8b:27:d5:fb:07:cf:a8:79:36:47:4b:62:69:82: bf:a4:05:32:bd:a4:aa:14:e9:f0:ef:4c:6b:e6:d8:57:34:40: a4:05:88:96:f2:b8:5e:d0:9a:7f:09:06:07:85:f5:53:41:3c: 25:59:6d:3f:b1:c8:a7:3a:82:08:2b:2d:7f:d3:69:f4:14:c9: d2:bd:73:81:fb:42:a0:ff:57:66:2b:88:17:40:4e:c6:80:c9: 5c:ff:e4:aa:e1:46:0b:70:e6:80:a6:a9:8b:82:fc:c6:ff:a7: 0f:23:c7:19:e2:01:ed:1e:f3:1f:58:b3:89:5a:d4:a2:97:42: 72:2d:fa:4f:68:71:49:4c:b6:4a:44:fa:05:ca:bf:82:36:6c: 6f:7a:27:af:5d:13:a6:ca:54:48:9e:e5:7b:9b:dd:de:78:32: 07:66:c7:54:25:12:53:b1:4c:97:80:b5:e5:c2:39:f1:2c:0c: 26:83:a4:09:eb:0e:bc:1b:d8:b6:73:a4:1c:c3:89:ce:11:3c: cb:af:3a:37:fc:31:c4:0d:79:89:a2:df:c1:d3:d8:cf:43:90: 79:78:61:6b:2c:5b:9c:a3:9d:39:bf:8b:9b:04:39:51:20:2a: ba:34:e3:f2 -----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgIDANuaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI2MDMwOTA1NTExMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjlhZTVmZDAtYzg2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJbYWb1WNcpZwZhpYSlI49PLAI+WVQQ0p0e5Olg32hyqITAnsl9Hz1x4wps8 cmly/KSwvlgEFxfWVpZwV33RriPVO/N2MPJgwrhTqCULMv5GpMlA48XGziP65egb tNsNe7t9PD14Bpp1z5WbV5w0vuSPmsmuvk9vd9l3m+bxmYrJInVNZB+XqpBEhm8G IrkBkXokDpNrNuxZ8F5lb9DNSegdXOycmJ9ko7p0HDrsFh9Og9ZkWa3vfYttixhW cLQMY2agNrLXVPN/S4KGpNfRYLXWKUQf+pbRqBnZYJbcRCC5Qn0oyycG16uSRz6C UnM7q9eCY/TpGfjV02VIZ7frjy8CAwEAAaOCAoswggKHMB0GA1UdDgQWBBTFhhth yiurnE8egkuCEs031e48WTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBlgYIKwYBBQUHAQsEgYkwgYYwgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNGOEM3QUZD RDREMjExRjBBQUEzODE2OEM0RjlBRTAyLnJvYTBKBggrBgEFBQcBBwEB/wQ7MDkw JgQCAAEwIAMEAWebggMEAWeg7AMEAaPjmDAMAwQAy20hAwQCy20gMA8EAgACMAkD BwAgAQ3x+EAwDQYJKoZIhvcNAQELBQADggEBAASenxrdxKsztHXXk/iYlkKa9PXx wxeLJ9X7B8+oeTZHS2Jpgr+kBTK9pKoU6fDvTGvm2Fc0QKQFiJbyuF7Qmn8JBgeF 9VNBPCVZbT+xyKc6gggrLX/TafQUydK9c4H7QqD/V2YriBdATsaAyVz/5KrhRgtw 5oCmqYuC/Mb/pw8jxxniAe0e8x9Ys4la1KKXQnIt+k9ocUlMtkpE+gXKv4I2bG96 J69dE6bKVEie5Xub3d54Mgdmx1QlElOxTJeAteXCOfEsDCaDpAnrDrwb2LZzpBzD ic4RPMuvOjf8McQNeYmi38HT2M9DkHl4YWssW5yjnTm/i5sEOVEgKro04/I= -----END CERTIFICATE-----Generated at Thu Mar 26 10:10:46 2026 by rpki-client