
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C812/B25EF990E91611EAA705D84FC4F9AE02/477192ACF3FA11EAB9D11D26C4F9AE02.roa
File: 477192ACF3FA11EAB9D11D26C4F9AE02.roa (raw, json)
Hash identifier: llyuXvewMNe0VqKDq5oyIJpvEqxm6fBiNkxTAaxfIO4=
Subject key identifier: E0:D3:44:3E:E2:21:26:51:B6:B0:3B:18:DF:94:6F:D0:D8:C4:71:0E
Certificate issuer: /CN=A911C812/serialNumber=6A32BD13DFCD77EF1B5C052BE36ED89AD21270DB
Certificate serial: 08BF
Authority key identifier: 6A:32:BD:13:DF:CD:77:EF:1B:5C:05:2B:E3:6E:D8:9A:D2:12:70:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ajK9E9_Nd-8bXAUr427YmtIScNs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C812/B25EF990E91611EAA705D84FC4F9AE02/477192ACF3FA11EAB9D11D26C4F9AE02.roa
Signing time: Tue 16 Jun 2026 21:23:58 +0000
ROA not before: Tue 16 Jun 2026 21:23:58 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 9534
IP address blocks: 43.240.20.0/22 maxlen: 22
43.240.20.0/24 maxlen: 24
43.240.21.0/24 maxlen: 24
43.240.22.0/24 maxlen: 24
43.240.23.0/24 maxlen: 24
103.239.248.0/22 maxlen: 22
202.75.128.0/19 maxlen: 19
202.75.160.0/19 maxlen: 19
202.151.192.0/18 maxlen: 19
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C812/B25EF990E91611EAA705D84FC4F9AE02/ajK9E9_Nd-8bXAUr427YmtIScNs.crl
rsync://rpki.apnic.net/member_repository/A911C812/B25EF990E91611EAA705D84FC4F9AE02/ajK9E9_Nd-8bXAUr427YmtIScNs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ajK9E9_Nd-8bXAUr427YmtIScNs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 20:45:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2239 (0x8bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C812, serialNumber=6A32BD13DFCD77EF1B5C052BE36ED89AD21270DB
Validity
Not Before: Jun 16 21:23:58 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=6a31beee-d734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:eb:78:a6:0d:ad:c6:a0:22:42:c0:9f:12:42:
58:55:c1:db:58:25:e4:a6:1d:cf:78:08:cc:ff:bf:
80:5f:58:8b:01:07:00:0a:d2:de:de:76:ed:c7:e4:
59:41:09:7c:19:6f:34:51:14:47:52:eb:92:20:c9:
4a:22:a1:df:49:5c:72:0b:0b:d0:45:8a:3f:30:4f:
8d:ab:a8:58:27:2b:48:0c:ae:63:39:0f:f0:56:2f:
8a:13:92:e4:f8:72:d3:d3:21:df:e6:7f:88:88:ce:
fb:f8:4f:98:39:4c:c0:68:b9:8b:de:2e:c0:a0:e2:
21:bb:e4:db:71:f5:aa:50:60:24:c4:cc:c9:86:15:
1b:39:ed:6b:be:df:f4:0c:39:4a:49:cc:41:1e:23:
09:b2:df:33:0f:a9:4e:a6:bf:ce:5f:45:4d:d5:9b:
a3:90:ac:b1:54:d7:f8:39:04:68:b9:68:f0:ac:9b:
65:20:80:83:4b:0b:f2:32:eb:53:d8:d1:89:6b:91:
45:1e:0b:e4:1a:ca:3e:35:eb:0d:6f:ba:33:8b:ec:
44:ed:6c:43:38:6a:4d:06:69:dd:31:a8:d8:eb:50:
f4:97:3b:3b:f4:da:b3:d4:6d:12:41:33:3f:55:e6:
8f:22:b3:18:15:b0:33:fd:23:ad:10:84:be:9c:72:
73:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D3:44:3E:E2:21:26:51:B6:B0:3B:18:DF:94:6F:D0:D8:C4:71:0E
X509v3 Authority Key Identifier:
keyid:6A:32:BD:13:DF:CD:77:EF:1B:5C:05:2B:E3:6E:D8:9A:D2:12:70:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C812/B25EF990E91611EAA705D84FC4F9AE02/ajK9E9_Nd-8bXAUr427YmtIScNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ajK9E9_Nd-8bXAUr427YmtIScNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C812/B25EF990E91611EAA705D84FC4F9AE02/477192ACF3FA11EAB9D11D26C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.240.20.0/22
103.239.248.0/22
202.75.128.0/18
202.151.192.0/18
Signature Algorithm: sha256WithRSAEncryption
49:79:3c:6b:5a:02:cf:22:c7:03:85:1a:c3:8e:c0:af:24:15:
3f:84:e9:ed:44:8e:d6:5b:1b:d5:5c:ae:f0:87:91:ce:6b:b2:
21:29:dd:3a:e5:82:40:6c:23:dc:ee:c1:31:90:56:4f:6c:c6:
2e:57:91:95:2c:c9:46:24:30:fe:f1:f6:17:62:45:77:83:bc:
d2:a4:3f:42:6c:ea:37:39:e4:36:51:1a:95:f3:e8:c8:10:3a:
4f:19:6b:c9:8b:81:5e:8d:3f:57:27:1f:2a:29:2b:0d:5f:89:
82:98:7f:b4:bb:91:9e:9a:47:b0:8e:6b:a0:4d:59:e2:12:df:
c7:80:32:f4:69:98:eb:57:de:5c:29:8a:31:0d:df:21:8c:e8:
e9:4e:5a:df:23:03:4b:8d:29:b3:7f:6e:39:04:aa:b9:c4:e3:
fc:64:fd:e3:87:f5:50:e5:4e:5d:ee:bc:d4:01:1d:ed:ea:c4:
10:f3:79:28:06:8b:1a:95:5a:0d:26:81:c5:49:0a:62:4a:af:
75:fc:5e:ae:be:1f:b9:a2:ea:d6:35:b1:0f:24:26:45:38:44:
61:07:64:2d:52:3b:ca:d7:76:2e:0a:6b:4f:f9:ce:62:ba:75:
fd:30:3f:80:65:29:77:e7:aa:0d:02:45:2f:fd:ea:26:31:17:
9b:3a:78:59
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICCL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM4MTIxMTAvBgNVBAUTKDZBMzJCRDEzREZDRDc3RUYxQjVDMDUyQkUzNkVEODlB
RDIxMjcwREIwHhcNMjYwNjE2MjEyMzU4WhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTMxYmVlZS1kNzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvOt4pg2txqAiQsCfEkJYVcHbWCXkph3PeAjM/7+AX1iLAQcACtLe3nbtx+RZ
QQl8GW80URRHUuuSIMlKIqHfSVxyCwvQRYo/ME+Nq6hYJytIDK5jOQ/wVi+KE5Lk
+HLT0yHf5n+IiM77+E+YOUzAaLmL3i7AoOIhu+TbcfWqUGAkxMzJhhUbOe1rvt/0
DDlKScxBHiMJst8zD6lOpr/OX0VN1ZujkKyxVNf4OQRouWjwrJtlIICDSwvyMutT
2NGJa5FFHgvkGso+NesNb7ozi+xE7WxDOGpNBmndMajY61D0lzs79Nqz1G0SQTM/
VeaPIrMYFbAz/SOtEIS+nHJzgQIDAQABo4ICcjCCAm4wHQYDVR0OBBYEFODTRD7i
ISZRtrA7GN+Ub9DYxHEOMB8GA1UdIwQYMBaAFGoyvRPfzXfvG1wFK+Nu2JrSEnDb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzgxMi9CMjVFRjk5MEU5
MTYxMUVBQTcwNUQ4NEZDNEY5QUUwMi9haks5RTlfTmQtOGJYQVVyNDI3WW10SVNj
TnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FqSzlFOV9OZC04YlhBVXI0MjdZbXRJU2NOcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM4MTIvQjI1RUY5OTBFOTE2MTFFQUE3MDVEODRGQzRGOUFFMDIvNDc3MTkyQUNG
M0ZBMTFFQUI5RDExRDI2QzRGOUFFMDIucm9hMDEGCCsGAQUFBwEHAQH/BCIwIDAe
BAIAATAYAwQCK/AUAwQCZ+/4AwQGykuAAwQGypfAMA0GCSqGSIb3DQEBCwUAA4IB
AQBJeTxrWgLPIscDhRrDjsCvJBU/hOntRI7WWxvVXK7wh5HOa7IhKd065YJAbCPc
7sExkFZPbMYuV5GVLMlGJDD+8fYXYkV3g7zSpD9CbOo3OeQ2URqV8+jIEDpPGWvJ
i4FejT9XJx8qKSsNX4mCmH+0u5GemkewjmugTVniEt/HgDL0aZjrV95cKYoxDd8h
jOjpTlrfIwNLjSmzf245BKq5xOP8ZP3jh/VQ5U5d7rzUAR3t6sQQ83koBosalVoN
JoHFSQpiSq91/F6uvh+5ourWNbEPJCZFOERhB2QtUjvK13YuCmtP+c5iunX9MD+A
ZSl356oNAkUv/eomMRebOnhZ
-----END CERTIFICATE-----
Generated at Sat Jul 18 08:22:54 2026 by rpki-client