
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/321C6B5C2C6711F0B5DEE20CC4F9AE02.roa
File: 321C6B5C2C6711F0B5DEE20CC4F9AE02.roa (raw, json)
Hash identifier: /aTSxcHxRkOfKrRCHUaeDVdu5n6tqyMBf2gXf3ZAFRk=
Subject key identifier: F8:DA:DC:3C:22:67:2C:A2:B0:4E:91:E6:03:8B:C7:BA:14:96:EB:E7
Certificate issuer: /CN=A9147049/serialNumber=D9D1B055FEFC89F5803A7FA8E2B902619F338D8E
Certificate serial: D9
Authority key identifier: D9:D1:B0:55:FE:FC:89:F5:80:3A:7F:A8:E2:B9:02:61:9F:33:8D:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dGwVf78ifWAOn-o4rkCYZ8zjY4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/321C6B5C2C6711F0B5DEE20CC4F9AE02.roa
Signing time: Fri 03 Jul 2026 07:34:30 +0000
ROA not before: Fri 03 Jul 2026 07:34:30 +0000
ROA not after: Tue 31 Aug 2027 00:00:00 +0000
asID: 134090
IP address blocks: 2402:920::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/2dGwVf78ifWAOn-o4rkCYZ8zjY4.crl
rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/2dGwVf78ifWAOn-o4rkCYZ8zjY4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dGwVf78ifWAOn-o4rkCYZ8zjY4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Jul 2026 07:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 217 (0xd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147049, serialNumber=D9D1B055FEFC89F5803A7FA8E2B902619F338D8E
Validity
Not Before: Jul 3 07:34:30 2026 GMT
Not After : Aug 31 00:00:00 2027 GMT
Subject: CN=6a476606-9cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:21:43:18:0c:66:09:03:9a:23:2e:d4:c0:4d:
da:34:a4:ef:c9:75:82:b1:c9:ed:c8:5c:4e:3f:15:
73:03:20:ec:82:dc:f3:e2:f0:6d:c6:89:b9:31:4d:
f2:6e:16:4d:bb:42:17:fc:23:33:cf:48:8a:f5:33:
89:ac:77:32:83:77:ca:00:33:5d:24:88:b1:3c:6b:
ae:c2:8f:7c:83:35:3c:0e:45:71:8c:ac:84:f7:f8:
3b:0a:fc:a2:6f:f3:bd:b7:0a:4f:8b:3b:1a:d0:b5:
e8:6e:df:b3:b1:bf:81:25:78:f5:27:fa:92:9d:c6:
07:0a:db:0b:12:d6:1e:20:33:55:f1:c7:12:53:e3:
c9:23:4f:2c:3d:b2:14:e2:a0:4f:23:1a:af:64:d3:
ce:7c:de:82:04:37:52:77:7d:53:5b:25:f4:cd:b9:
11:c1:de:6f:26:cc:f4:dc:6e:b4:1d:40:60:da:b2:
40:e4:50:6d:3a:b7:a9:25:2f:25:f6:ed:39:19:7e:
fc:b9:33:ec:7d:35:02:34:14:fa:1a:e5:e8:f9:23:
fc:5a:55:d0:3d:88:e0:39:c9:06:85:6e:76:03:29:
fe:a2:0b:53:9b:da:f1:04:4c:21:08:51:f0:15:13:
0a:73:d6:66:75:29:1f:8c:16:a1:f6:2e:56:58:9f:
59:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DA:DC:3C:22:67:2C:A2:B0:4E:91:E6:03:8B:C7:BA:14:96:EB:E7
X509v3 Authority Key Identifier:
keyid:D9:D1:B0:55:FE:FC:89:F5:80:3A:7F:A8:E2:B9:02:61:9F:33:8D:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/2dGwVf78ifWAOn-o4rkCYZ8zjY4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2dGwVf78ifWAOn-o4rkCYZ8zjY4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147049/B09CBD662C6611F09DA56B0BC4F9AE02/321C6B5C2C6711F0B5DEE20CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv6:
2402:920::/32
Signature Algorithm: sha256WithRSAEncryption
86:a5:4e:eb:3c:3f:4b:2c:c2:54:1a:aa:be:9f:6e:d6:38:15:
bc:4d:17:cc:70:37:01:80:ab:27:b5:57:31:f8:b6:87:eb:f9:
ea:62:65:08:f8:b3:3c:ea:b7:0e:08:04:72:c1:4d:6a:4c:69:
0a:7c:d0:c4:e4:14:b9:06:b3:a2:8c:fb:c5:b9:de:6a:78:61:
e0:f0:fd:f8:91:73:a7:56:c1:c5:40:c9:65:7c:a1:b5:b5:b8:
49:d8:8e:a2:30:15:28:cd:4c:64:b0:9c:d2:fd:e0:14:03:c4:
27:2c:98:e1:bb:c3:39:06:98:51:33:d8:42:58:59:bd:4a:08:
94:bd:bc:57:aa:94:3b:fa:94:17:f4:fc:3e:c2:98:3a:61:71:
0e:99:8c:bc:2c:90:73:71:60:00:23:2d:c0:c8:65:d1:cc:e3:
24:a7:14:74:76:a0:0e:b6:7c:ea:54:6d:f9:95:75:9c:0c:dd:
4c:04:25:94:3d:cd:68:5a:37:8b:98:1e:0d:ac:02:b4:c1:ae:
c9:bc:e7:23:69:af:ed:20:dc:6f:19:5a:19:6b:53:91:04:f0:
f1:d1:9a:61:d5:96:05:99:8f:e3:3e:d4:c2:86:2f:82:45:a0:
8e:a2:b9:84:e4:8b:05:e3:e5:a4:5d:aa:e4:70:b1:cd:36:26:
52:ea:23:16
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgICANkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDcwNDkxMTAvBgNVBAUTKEQ5RDFCMDU1RkVGQzg5RjU4MDNBN0ZBOEUyQjkwMjYx
OUYzMzhEOEUwHhcNMjYwNzAzMDczNDMwWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3NjYwNi05Y2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkCFDGAxmCQOaIy7UwE3aNKTvyXWCscntyFxOPxVzAyDsgtzz4vBtxom5MU3y
bhZNu0IX/CMzz0iK9TOJrHcyg3fKADNdJIixPGuuwo98gzU8DkVxjKyE9/g7Cvyi
b/O9twpPizsa0LXobt+zsb+BJXj1J/qSncYHCtsLEtYeIDNV8ccSU+PJI08sPbIU
4qBPIxqvZNPOfN6CBDdSd31TWyX0zbkRwd5vJsz03G60HUBg2rJA5FBtOrepJS8l
9u05GX78uTPsfTUCNBT6GuXo+SP8WlXQPYjgOckGhW52Ayn+ogtTm9rxBEwhCFHw
FRMKc9ZmdSkfjBah9i5WWJ9ZCwIDAQABo4ICYTCCAl0wHQYDVR0OBBYEFPja3Dwi
ZyyisE6R5gOLx7oUluvnMB8GA1UdIwQYMBaAFNnRsFX+/In1gDp/qOK5AmGfM42O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzA0OS9CMDlDQkQ2NjJD
NjYxMUYwOURBNTZCMEJDNEY5QUUwMi8yZEd3VmY3OGlmV0FPbi1vNHJrQ1laOHpq
WTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJkR3dWZjc4aWZXQU9uLW80cmtDWVo4empZNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDcwNDkvQjA5Q0JENjYyQzY2MTFGMDlEQTU2QjBCQzRGOUFFMDIvMzIxQzZCNUMy
QzY3MTFGMEI1REVFMjBDQzRGOUFFMDIucm9hMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAIJIDANBgkqhkiG9w0BAQsFAAOCAQEAhqVO6zw/SyzCVBqqvp9u
1jgVvE0XzHA3AYCrJ7VXMfi2h+v56mJlCPizPOq3DggEcsFNakxpCnzQxOQUuQaz
ooz7xbneanhh4PD9+JFzp1bBxUDJZXyhtbW4SdiOojAVKM1MZLCc0v3gFAPEJyyY
4bvDOQaYUTPYQlhZvUoIlL28V6qUO/qUF/T8PsKYOmFxDpmMvCyQc3FgACMtwMhl
0czjJKcUdHagDrZ86lRt+ZV1nAzdTAQllD3NaFo3i5geDawCtMGuybznI2mv7SDc
bxlaGWtTkQTw8dGaYdWWBZmP4z7UwoYvgkWgjqK5hOSLBePlpF2q5HCxzTYmUuoj
Fg==
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:12:42 2026 by rpki-client