$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/3C5E55F041A411ECA73C8C0EC4F9AE02.roa File: 3C5E55F041A411ECA73C8C0EC4F9AE02.roa (raw, json) Hash identifier: 4TxPeOpygNRd5FzhVRcLMiJfVHn++ivvWRelDGah+N0= Subject key identifier: F4:01:42:3A:A8:A5:88:9B:50:CE:0E:4B:51:21:44:B1:DF:29:DB:CF Certificate issuer: /CN=A91B2C88/serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE Certificate serial: 06CB Authority key identifier: DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/3C5E55F041A411ECA73C8C0EC4F9AE02.roa Signing time: Sun 01 Mar 2026 12:34:05 +0000 ROA not before: Tue 18 Nov 2025 21:42:37 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 44356 IP address blocks: 103.229.96.0/24 maxlen: 24 180.178.72.0/22 maxlen: 22 180.178.72.0/24 maxlen: 24 180.178.73.0/24 maxlen: 24 180.178.74.0/24 maxlen: 24 180.178.75.0/24 maxlen: 24 180.178.76.0/24 maxlen: 24 180.178.77.0/24 maxlen: 24 180.178.78.0/23 maxlen: 24 2402:4400::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.crl rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 31 Mar 2026 21:59:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1739 (0x6cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2C88, serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE Validity Not Before: Nov 18 21:42:37 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69a4323d-cd04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:29:a1:b1:1f:4c:bc:c9:41:fe:2e:33:5f:80: dd:44:e3:e9:77:83:28:9c:8b:e5:9c:50:4b:7c:67: c6:80:1e:d5:c0:dc:94:ed:63:8e:cd:ef:55:66:ee: 8f:5f:65:3e:38:c3:1f:47:12:5c:9c:b2:cd:25:5a: b0:7a:5e:1d:ef:9a:e7:8c:e1:e2:eb:f6:de:c6:0d: c5:6c:60:0f:4b:3d:4d:ee:3e:15:b1:7e:3d:27:69: 8d:c8:7e:8b:fa:26:73:4f:f8:64:87:3b:44:ce:fb: 65:85:da:70:6a:2c:a4:22:ec:56:1b:a4:8d:15:fd: 04:d0:06:6e:ce:f9:c8:72:e4:99:e1:1b:79:47:ec: e9:81:28:ea:f4:23:ab:e4:11:b9:b2:52:56:05:1e: 3f:54:92:b9:a2:b7:ef:c5:97:39:02:75:ac:d6:8f: 55:04:51:c4:6c:8c:07:48:66:01:cd:fe:26:2e:1d: de:63:56:08:1b:ed:ab:0f:27:e2:83:4b:c5:3b:da: b0:95:f7:c4:d4:9f:8d:29:dd:f0:8c:3f:f5:f1:31: a3:33:bb:9e:2d:42:20:8e:d6:85:9f:2a:40:04:42: e7:01:3e:f8:0d:28:93:18:5a:a4:8e:45:b8:a2:5a: 54:c9:d2:62:2a:aa:b6:a4:18:68:0e:7d:ba:89:22: 7a:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:01:42:3A:A8:A5:88:9B:50:CE:0E:4B:51:21:44:B1:DF:29:DB:CF X509v3 Authority Key Identifier: keyid:DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/3C5E55F041A411ECA73C8C0EC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.229.96.0/24 180.178.72.0/21 IPv6: 2402:4400::/32 Signature Algorithm: sha256WithRSAEncryption 66:37:09:7d:af:10:57:7a:60:fd:fe:e3:b3:16:ee:6b:57:dd: 5f:61:d3:0c:98:f4:14:0f:10:76:b3:3b:f9:dd:17:9f:c6:9a: 1a:79:22:af:8e:51:ab:09:d9:13:3b:e9:64:30:ca:0a:a3:9f: 38:67:21:75:db:f3:ee:53:77:10:37:b6:11:7a:de:0a:5f:d4: 24:ab:e2:89:e9:38:6d:0f:01:5c:ba:7a:1e:49:39:f4:a1:a6: 89:41:4a:b1:54:37:32:e2:66:d9:90:c4:2d:f0:5b:fd:78:4a: 34:81:aa:94:0a:96:a9:06:27:21:96:8a:eb:cb:70:c6:be:66: 5f:69:97:ba:37:26:60:bb:a7:7f:a4:44:cd:d8:69:cc:6a:6d: c5:b4:af:9f:af:65:bc:41:73:8b:a1:84:f4:38:1d:ef:bf:b8: 54:9e:2f:0e:14:41:91:13:89:1b:7d:20:3c:0c:25:8a:1c:55: b1:60:e8:73:30:cd:64:db:d7:e6:80:ee:2b:97:28:c0:4e:75: 59:a2:a4:b7:e7:95:51:6a:e1:a8:b8:46:eb:37:cf:7c:9f:ed: 4e:c2:26:f4:05:63:81:02:36:9f:7d:f5:93:9e:c7:a3:2e:a6: a8:f2:71:6e:62:0e:72:8c:02:3e:20:8a:4f:15:0e:cd:ac:52: 18:8a:67:1d -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICBsswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJDODgxMTAvBgNVBAUTKERBMDEzRTE3ODM1OENCMzVBOEI3NjVDOUJDMDkwQUU5 Q0YxQzRGQkUwHhcNMjUxMTE4MjE0MjM3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0MzIzZC1jZDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5SmhsR9MvMlB/i4zX4DdROPpd4MonIvlnFBLfGfGgB7VwNyU7WOOze9VZu6P X2U+OMMfRxJcnLLNJVqwel4d75rnjOHi6/bexg3FbGAPSz1N7j4VsX49J2mNyH6L +iZzT/hkhztEzvtlhdpwaiykIuxWG6SNFf0E0AZuzvnIcuSZ4Rt5R+zpgSjq9COr 5BG5slJWBR4/VJK5orfvxZc5AnWs1o9VBFHEbIwHSGYBzf4mLh3eY1YIG+2rDyfi g0vFO9qwlffE1J+NKd3wjD/18TGjM7ueLUIgjtaFnypABELnAT74DSiTGFqkjkW4 olpUydJiKqq2pBhoDn26iSJ6UwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFPQBQjqo pYibUM4OS1EhRLHfKdvPMB8GA1UdIwQYMBaAFNoBPheDWMs1qLdlybwJCunPHE++ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkM4OC8yNDI5OURDQTk3 OEUxMUVCQkQ4MUIwNTVDNEY5QUUwMi8yZ0UtRjROWXl6V290MlhKdkFrSzZjOGNU NzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJnRS1GNE5ZeXpXb3QyWEp2QWtLNmM4Y1Q3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjJDODgvMjQyOTlEQ0E5NzhFMTFFQkJEODFCMDU1QzRGOUFFMDIvM0M1RTU1RjA0 MUE0MTFFQ0E3M0M4QzBFQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQAZ+VgAwQDtLJIMA0EAgACMAcDBQAkAkQAMA0GCSqGSIb3DQEBCwUA A4IBAQBmNwl9rxBXemD9/uOzFu5rV91fYdMMmPQUDxB2szv53RefxpoaeSKvjlGr CdkTO+lkMMoKo584ZyF12/PuU3cQN7YRet4KX9Qkq+KJ6ThtDwFcunoeSTn0oaaJ QUqxVDcy4mbZkMQt8Fv9eEo0gaqUCpapBichlorry3DGvmZfaZe6NyZgu6d/pETN 2GnMam3FtK+fr2W8QXOLoYT0OB3vv7hUni8OFEGRE4kbfSA8DCWKHFWxYOhzMM1k 29fmgO4rlyjATnVZoqS355VRauGouEbrN898n+1Owib0BWOBAjafffWTnsejLqao 8nFuYg5yjAI+IIpPFQ7NrFIYimcd -----END CERTIFICATE-----Generated at Thu Mar 26 07:28:30 2026 by rpki-client