
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/CD145D246E4E11EDBE02B065C4F9AE02.roa
File: CD145D246E4E11EDBE02B065C4F9AE02.roa (raw, json)
Hash identifier: 5PMpMbiDvOrHyA2aZdrK2EqToeI6RWLqz3P1054gczc=
Subject key identifier: 67:A2:86:B0:76:31:30:DC:61:29:EE:7B:AF:FD:F6:C4:35:69:A5:9A
Certificate issuer: /CN=A9122219/serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD
Certificate serial: 0C07
Authority key identifier: D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/CD145D246E4E11EDBE02B065C4F9AE02.roa
Signing time: Thu 02 Jul 2026 19:19:41 +0000
ROA not before: Thu 02 Jul 2026 19:19:41 +0000
ROA not after: Thu 30 Sep 2027 00:00:00 +0000
asID: 38744
IP address blocks: 49.0.32.0/20 maxlen: 24
49.0.48.0/21 maxlen: 24
117.58.240.0/21 maxlen: 24
2404:b580::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl
rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Jul 2026 18:57:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3079 (0xc07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122219, serialNumber=D0D2F45A46D26766014B786019A09A8334873DAD
Validity
Not Before: Jul 2 19:19:41 2026 GMT
Not After : Sep 30 00:00:00 2027 GMT
Subject: CN=6a46b9cd-e728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:22:0f:54:c4:00:8f:e2:5b:7c:06:56:bd:1d:
23:ee:bf:b6:ac:11:43:20:c1:9c:2b:b5:48:bb:dc:
48:81:3a:db:8f:d1:4c:3b:db:e7:6a:87:29:22:af:
73:12:51:d4:3e:d2:26:04:4c:a6:94:fd:d5:bc:a6:
32:57:d4:b4:a2:1f:b5:db:c0:fe:9e:36:02:df:a1:
e2:8a:15:2e:34:11:be:70:22:da:b9:63:89:9b:cd:
b6:20:d2:eb:60:bf:0b:f1:4b:0c:be:2a:89:4b:82:
70:21:a4:6d:4b:ff:ee:3e:a5:05:ee:a9:cb:be:9d:
af:ee:33:6d:21:66:ad:6b:b0:3f:2e:5f:b0:d8:2c:
1c:a4:c5:a7:c1:63:d9:55:26:b0:46:83:7a:45:72:
05:8c:2d:b9:0d:de:09:56:1d:18:ba:49:66:a8:e3:
25:4d:ed:14:e2:d1:d3:e8:7e:22:5e:be:a7:85:b9:
8d:c7:db:f4:52:d6:8a:15:74:c0:6d:9e:19:86:04:
7c:43:c8:42:d9:6e:b1:c4:a0:4b:e8:94:5d:85:e0:
e6:95:16:76:92:d7:85:ef:59:e4:93:bd:57:e5:e3:
0e:fe:bd:41:47:63:71:d2:f0:47:81:14:97:50:7d:
80:14:d6:79:d2:ca:f9:f4:0a:cc:66:c4:f1:c0:96:
4b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A2:86:B0:76:31:30:DC:61:29:EE:7B:AF:FD:F6:C4:35:69:A5:9A
X509v3 Authority Key Identifier:
keyid:D0:D2:F4:5A:46:D2:67:66:01:4B:78:60:19:A0:9A:83:34:87:3D:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/0NL0WkbSZ2YBS3hgGaCagzSHPa0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NL0WkbSZ2YBS3hgGaCagzSHPa0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122219/82FE89CC3C3711EA873E1460C4F9AE02/CD145D246E4E11EDBE02B065C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
49.0.32.0-49.0.55.255
117.58.240.0/21
IPv6:
2404:b580::/32
Signature Algorithm: sha256WithRSAEncryption
a7:5f:44:a4:dd:8a:51:3e:fa:45:25:29:21:f6:91:32:ee:5b:
a4:80:a5:1f:c1:c8:a7:b1:ad:e2:b8:62:9b:64:f1:2f:9c:cd:
35:a6:98:39:a3:36:e5:a4:93:4b:7f:ea:80:25:a1:26:a6:8a:
6f:95:e3:a7:26:05:cb:31:a9:7b:84:0b:7d:70:b0:88:be:a7:
61:26:6b:05:b0:6a:17:44:36:9a:cc:81:16:c8:23:90:39:a8:
9c:b7:8e:34:2a:b6:ec:83:75:15:18:30:a2:a2:57:ab:17:62:
3e:4b:4e:4e:0e:5e:8a:03:d4:20:53:25:ff:3c:c7:5b:2c:4e:
46:b1:92:e5:40:82:1a:83:22:09:fb:85:cf:55:4a:ee:61:1b:
61:e7:33:88:cd:78:f7:5a:cc:f8:f1:51:f2:d2:39:2b:8a:35:
d4:65:1c:1e:36:a1:fe:dd:73:d6:cd:d1:eb:65:7c:cf:f0:32:
65:1e:7e:74:f8:ad:44:17:8e:83:98:07:06:8f:d6:a5:04:b1:
68:6d:14:c5:35:c4:8f:d5:8f:1c:23:0a:c0:90:87:38:27:a0:
19:bf:a9:a4:c3:d9:84:2f:44:25:66:c4:5b:3e:d7:e5:4d:92:
e4:a4:79:d0:5a:00:1f:f6:4f:49:26:ce:12:0e:24:89:02:6d:
e8:b6:0f:08
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgICDAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjIyMTkxMTAvBgNVBAUTKEQwRDJGNDVBNDZEMjY3NjYwMTRCNzg2MDE5QTA5QTgz
MzQ4NzNEQUQwHhcNMjYwNzAyMTkxOTQxWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ2YjljZC1lNzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmSIPVMQAj+JbfAZWvR0j7r+2rBFDIMGcK7VIu9xIgTrbj9FMO9vnaocpIq9z
ElHUPtImBEymlP3VvKYyV9S0oh+128D+njYC36HiihUuNBG+cCLauWOJm822INLr
YL8L8UsMviqJS4JwIaRtS//uPqUF7qnLvp2v7jNtIWata7A/Ll+w2CwcpMWnwWPZ
VSawRoN6RXIFjC25Dd4JVh0YuklmqOMlTe0U4tHT6H4iXr6nhbmNx9v0UtaKFXTA
bZ4ZhgR8Q8hC2W6xxKBL6JRdheDmlRZ2kteF71nkk71X5eMO/r1BR2Nx0vBHgRSX
UH2AFNZ50sr59ArMZsTxwJZLCQIDAQABo4ICfTCCAnkwHQYDVR0OBBYEFGeihrB2
MTDcYSnue6/99sQ1aaWaMB8GA1UdIwQYMBaAFNDS9FpG0mdmAUt4YBmgmoM0hz2t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMjIxOS84MkZFODlDQzND
MzcxMUVBODczRTE0NjBDNEY5QUUwMi8wTkwwV2tiU1oyWUJTM2hnR2FDYWd6U0hQ
YTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBOTDBXa2JTWjJZQlMzaGdHYUNhZ3pTSFBhMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjIyMTkvODJGRTg5Q0MzQzM3MTFFQTg3M0UxNDYwQzRGOUFFMDIvQ0QxNDVEMjQ2
RTRFMTFFREJFMDJCMDY1QzRGOUFFMDIucm9hMDwGCCsGAQUFBwEHAQH/BC0wKzAa
BAIAATAUMAwDBAUxACADBAMxADADBAN1OvAwDQQCAAIwBwMFACQEtYAwDQYJKoZI
hvcNAQELBQADggEBAKdfRKTdilE++kUlKSH2kTLuW6SApR/ByKexreK4Yptk8S+c
zTWmmDmjNuWkk0t/6oAloSamim+V46cmBcsxqXuEC31wsIi+p2EmawWwahdENprM
gRbII5A5qJy3jjQqtuyDdRUYMKKiV6sXYj5LTk4OXooD1CBTJf88x1ssTkaxkuVA
ghqDIgn7hc9VSu5hG2HnM4jNePdazPjxUfLSOSuKNdRlHB42of7dc9bN0etlfM/w
MmUefnT4rUQXjoOYBwaP1qUEsWhtFMU1xI/VjxwjCsCQhzgnoBm/qaTD2YQvRCVm
xFs+1+VNkuSkedBaAB/2T0kmzhIOJIkCbei2Dwg=
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:23:39 2026 by rpki-client