$ rpki-client -vvf rpki.apnic.net/member_repository/A915CB36/C6D4D0BC733511F09CC59451C4F9AE02/A34995A0733611F08B36357EC4F9AE02.roa File: A34995A0733611F08B36357EC4F9AE02.roa (raw, json) Hash identifier: 3gyKIBhhVCuLkaaGqX6IUF1yiNlF1HDxwo5W0jFJsGs= Subject key identifier: C7:67:A5:7D:E7:B0:46:5A:BB:31:B2:DF:3D:7A:90:C0:87:CD:6E:D4 Certificate issuer: /CN=A915CB36/serialNumber=34354CFCDA22985161B5EB628B5493FDD2E96C3B Certificate serial: 14 Authority key identifier: 34:35:4C:FC:DA:22:98:51:61:B5:EB:62:8B:54:93:FD:D2:E9:6C:3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NDVM_NoimFFhtetii1ST_dLpbDs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915CB36/C6D4D0BC733511F09CC59451C4F9AE02/A34995A0733611F08B36357EC4F9AE02.roa Signing time: Tue 02 Sep 2025 05:03:22 +0000 ROA not before: Tue 02 Sep 2025 05:03:22 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 23693 IP address blocks: 39.192.0.0/10 maxlen: 10 39.194.1.0/24 maxlen: 24 39.194.2.0/24 maxlen: 24 39.194.3.0/24 maxlen: 24 39.194.4.0/24 maxlen: 24 39.194.5.0/24 maxlen: 24 39.194.6.0/24 maxlen: 24 39.194.7.0/24 maxlen: 24 39.194.8.0/24 maxlen: 24 39.194.9.0/24 maxlen: 24 39.194.10.0/24 maxlen: 24 39.194.11.0/24 maxlen: 24 39.194.12.0/24 maxlen: 24 39.194.13.0/24 maxlen: 24 39.194.14.0/24 maxlen: 24 39.194.15.0/24 maxlen: 24 39.194.16.0/24 maxlen: 24 43.255.196.0/22 maxlen: 22 103.239.188.0/22 maxlen: 22 2400:82e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915CB36/C6D4D0BC733511F09CC59451C4F9AE02/NDVM_NoimFFhtetii1ST_dLpbDs.crl rsync://rpki.apnic.net/member_repository/A915CB36/C6D4D0BC733511F09CC59451C4F9AE02/NDVM_NoimFFhtetii1ST_dLpbDs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NDVM_NoimFFhtetii1ST_dLpbDs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:16:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915CB36, serialNumber=34354CFCDA22985161B5EB628B5493FDD2E96C3B Validity Not Before: Sep 2 05:03:22 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68b67a99-8708 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:75:ff:c8:94:c6:9a:c5:18:28:5b:55:e2:67: c0:d2:60:20:f4:81:dd:58:ae:3f:06:25:0c:46:d9: a9:b8:0a:ca:dd:fa:d1:75:5f:4b:5c:6b:1b:43:bb: 01:52:00:8e:56:1f:c5:9c:ed:80:dc:53:4b:d1:08: 0d:2a:d4:a2:ff:f7:40:08:ab:a6:da:d9:be:ad:3c: a8:01:cb:31:73:d8:1c:39:3c:67:5b:bb:fd:2f:b7: c8:33:6f:83:65:86:c0:ba:65:2e:e7:20:c7:c3:31: 23:bb:52:fd:0a:13:cd:4a:1b:37:b7:47:94:91:1f: 81:74:d5:90:d8:39:c8:55:fc:06:b9:e8:2b:d8:ce: c5:ed:12:2f:43:98:bd:18:71:6d:3a:d0:dc:b1:7f: 3f:21:87:53:1a:8f:23:9e:b1:bc:9b:cf:16:10:a6: 71:1d:cb:f5:61:bb:d9:42:3f:6e:37:2a:95:c0:95: ba:b0:0c:27:77:1d:3d:65:f6:d6:6d:b7:c3:29:2f: 1d:4f:83:53:2f:f9:1e:f9:3f:43:8d:e6:47:c8:29: 74:26:36:17:39:73:fb:1f:3a:53:10:52:73:22:d8: 6c:f2:f0:a8:41:bd:b1:50:4a:07:2f:39:f6:90:a8: ef:b5:ed:47:d8:e7:c1:fc:d4:47:f3:27:2e:19:d3: 85:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:67:A5:7D:E7:B0:46:5A:BB:31:B2:DF:3D:7A:90:C0:87:CD:6E:D4 X509v3 Authority Key Identifier: keyid:34:35:4C:FC:DA:22:98:51:61:B5:EB:62:8B:54:93:FD:D2:E9:6C:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915CB36/C6D4D0BC733511F09CC59451C4F9AE02/NDVM_NoimFFhtetii1ST_dLpbDs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NDVM_NoimFFhtetii1ST_dLpbDs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915CB36/C6D4D0BC733511F09CC59451C4F9AE02/A34995A0733611F08B36357EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 39.192.0.0/10 43.255.196.0/22 103.239.188.0/22 IPv6: 2400:82e0::/32 Signature Algorithm: sha256WithRSAEncryption 5e:ec:33:92:61:88:da:72:26:22:fa:e2:0b:c6:94:41:e4:26: 32:c7:e0:2a:00:15:f6:2a:71:87:ed:1b:c6:15:ba:bf:d5:4e: af:dd:79:c9:67:36:4b:47:13:99:02:76:e1:52:bd:fe:89:64: 46:9a:39:62:af:ff:5e:62:f5:48:72:a4:5a:10:c0:b7:8c:db: d9:7b:bc:aa:70:c7:90:44:77:58:04:97:8c:f7:c2:be:f2:ee: bd:f9:be:3a:db:4b:5f:4b:39:99:19:95:ce:05:9f:d4:6e:77: 4c:be:96:fa:45:98:7d:03:3d:76:2d:6f:a1:a9:0c:52:28:01: 5e:1a:ca:92:9a:3e:b4:bd:71:90:47:93:9a:81:8c:2d:c6:31: 4a:1d:dd:57:9a:c1:ee:bf:99:a9:e4:7d:c4:c8:1a:ae:4e:d8: f6:94:d0:ce:68:11:7a:9b:cd:51:76:41:6a:a1:a5:58:7e:00: 5e:3e:5b:f1:99:86:53:0c:39:4e:6b:53:2f:7f:89:37:3f:88: b5:ea:0f:5b:0b:7c:c7:6e:79:a9:ba:5b:0d:0c:64:f3:b5:26: 4d:f2:2a:02:62:c1:9d:05:3d:bd:76:bf:79:35:3c:ef:43:65: 60:46:68:b6:39:b8:05:32:4f:86:6b:7a:30:44:81:e7:50:74: e2:9b:8d:04 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 Q0IzNjExMC8GA1UEBRMoMzQzNTRDRkNEQTIyOTg1MTYxQjVFQjYyOEI1NDkzRkRE MkU5NkMzQjAeFw0yNTA5MDIwNTAzMjJaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY4YjY3YTk5LTg3MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDPdf/IlMaaxRgoW1XiZ8DSYCD0gd1Yrj8GJQxG2am4Csrd+tF1X0tcaxtDuwFS AI5WH8Wc7YDcU0vRCA0q1KL/90AIq6ba2b6tPKgByzFz2Bw5PGdbu/0vt8gzb4Nl hsC6ZS7nIMfDMSO7Uv0KE81KGze3R5SRH4F01ZDYOchV/Aa56CvYzsXtEi9DmL0Y cW060Nyxfz8hh1MajyOesbybzxYQpnEdy/Vhu9lCP243KpXAlbqwDCd3HT1l9tZt t8MpLx1Pg1Mv+R75P0ON5kfIKXQmNhc5c/sfOlMQUnMi2Gzy8KhBvbFQSgcvOfaQ qO+17UfY58H81EfzJy4Z04UHAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUx2elfeew Rlq7MbLfPXqQwIfNbtQwHwYDVR0jBBgwFoAUNDVM/NoimFFhtetii1ST/dLpbDsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVDQjM2L0M2RDREMEJDNzMz NTExRjA5Q0M1OTQ1MUM0RjlBRTAyL05EVk1fTm9pbUZGaHRldGlpMVNUX2RMcGJE cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTkRWTV9Ob2ltRkZodGV0aWkxU1RfZExwYkRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Q0IzNi9DNkQ0RDBCQzczMzUxMUYwOUNDNTk0NTFDNEY5QUUwMi9BMzQ5OTVBMDcz MzYxMUYwOEIzNjM1N0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq MCgwFwQCAAEwEQMDBifAAwQCK//EAwQCZ++8MA0EAgACMAcDBQAkAILgMA0GCSqG SIb3DQEBCwUAA4IBAQBe7DOSYYjaciYi+uILxpRB5CYyx+AqABX2KnGH7RvGFbq/ 1U6v3XnJZzZLRxOZAnbhUr3+iWRGmjlir/9eYvVIcqRaEMC3jNvZe7yqcMeQRHdY BJeM98K+8u69+b4620tfSzmZGZXOBZ/UbndMvpb6RZh9Az12LW+hqQxSKAFeGsqS mj60vXGQR5OagYwtxjFKHd1XmsHuv5mp5H3EyBquTtj2lNDOaBF6m81RdkFqoaVY fgBePlvxmYZTDDlOa1Mvf4k3P4i16g9bC3zHbnmpulsNDGTztSZN8ioCYsGdBT29 dr95NTzvQ2VgRmi2ObgFMk+Ga3owRIHnUHTim40E -----END CERTIFICATE-----Generated at Mon Oct 20 10:44:21 2025 by rpki-client