
$ rpki-client -vvf rpki.apnic.net/member_repository/A91924F8/71FD1338641111F18113D0D69B47A888/CA5882E06D4611F1934851767447A888.roa
File: CA5882E06D4611F1934851767447A888.roa (raw, json)
Hash identifier: PfXIGwgTTCIusRlPGqdMeq1XMVW+gcuIfsglflOola4=
Subject key identifier: 3D:B2:B9:D8:14:CA:0F:0A:66:A1:8C:EE:9A:DA:BB:C6:2C:F1:15:D8
Certificate issuer: /CN=A91924F8/serialNumber=1F35F40C364B88B089AE12FDEDB6815C3F11A906
Certificate serial: 08
Authority key identifier: 1F:35:F4:0C:36:4B:88:B0:89:AE:12:FD:ED:B6:81:5C:3F:11:A9:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HzX0DDZLiLCJrhL97baBXD8RqQY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91924F8/71FD1338641111F18113D0D69B47A888/CA5882E06D4611F1934851767447A888.roa
Signing time: Sun 21 Jun 2026 07:57:04 +0000
ROA not before: Sun 21 Jun 2026 07:57:03 +0000
ROA not after: Tue 31 Aug 2027 00:00:00 +0000
asID: 132023
IP address blocks: 2402:5fe0::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91924F8/71FD1338641111F18113D0D69B47A888/HzX0DDZLiLCJrhL97baBXD8RqQY.crl
rsync://rpki.apnic.net/member_repository/A91924F8/71FD1338641111F18113D0D69B47A888/HzX0DDZLiLCJrhL97baBXD8RqQY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HzX0DDZLiLCJrhL97baBXD8RqQY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 10 Jul 2026 10:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91924F8, serialNumber=1F35F40C364B88B089AE12FDEDB6815C3F11A906
Validity
Not Before: Jun 21 07:57:03 2026 GMT
Not After : Aug 31 00:00:00 2027 GMT
Subject: CN=6a37994f-274b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:62:ac:22:21:e3:18:04:d1:4e:bc:cc:f6:4e:
42:88:16:0d:e0:1c:d6:8c:c4:ad:d9:dc:9d:d4:c0:
c2:36:c5:62:3b:45:82:06:82:54:67:25:90:c9:73:
35:14:75:88:b0:71:8e:5a:7c:35:e0:cd:5e:e5:84:
e5:8d:0e:65:d0:a5:12:9a:41:e9:d5:75:62:dc:86:
10:23:48:17:c2:8b:60:d3:d8:fc:47:6b:3c:00:c9:
7c:1c:7d:14:77:ac:a2:5a:97:69:db:b6:a9:e2:00:
78:5b:dc:b0:95:f6:25:97:37:9b:dd:19:77:37:d5:
2c:55:b7:b3:59:a7:98:9c:97:09:28:40:1a:22:83:
6b:e0:40:2f:c0:e4:3e:11:d4:38:74:e8:d6:30:a1:
36:96:a2:51:b5:72:37:d3:fb:63:cb:ca:db:a4:24:
9b:74:1e:cf:15:9d:83:d2:71:22:27:91:a6:0c:d1:
d9:7a:50:99:3a:25:12:ea:27:df:45:92:d7:e0:a9:
b5:30:5f:1c:fc:9d:ce:63:59:1c:38:da:9c:1c:29:
63:75:68:31:80:f5:3c:da:41:1a:66:bb:21:d1:bb:
47:0f:75:9b:6a:c4:34:4a:7f:1e:23:f4:0f:ee:72:
11:a6:96:36:fb:2f:12:83:ef:ec:b2:ab:b7:07:b4:
24:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B2:B9:D8:14:CA:0F:0A:66:A1:8C:EE:9A:DA:BB:C6:2C:F1:15:D8
X509v3 Authority Key Identifier:
keyid:1F:35:F4:0C:36:4B:88:B0:89:AE:12:FD:ED:B6:81:5C:3F:11:A9:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91924F8/71FD1338641111F18113D0D69B47A888/HzX0DDZLiLCJrhL97baBXD8RqQY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HzX0DDZLiLCJrhL97baBXD8RqQY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91924F8/71FD1338641111F18113D0D69B47A888/CA5882E06D4611F1934851767447A888.roa
sbgp-ipAddrBlock: critical
IPv6:
2402:5fe0::/32
Signature Algorithm: sha256WithRSAEncryption
32:20:8e:60:a0:00:59:87:06:16:7a:b2:9a:8f:3b:6e:eb:5d:
d6:cf:01:57:dc:ca:b4:56:2b:b8:25:76:a6:ff:2d:98:60:3a:
ff:2f:b4:d0:c5:2a:6f:34:dc:5a:5d:2a:b6:bf:d0:36:07:dd:
24:9b:20:aa:d9:eb:56:60:48:5c:76:30:87:a1:9b:14:b6:b8:
f9:6e:58:8b:16:f9:cb:d9:d5:07:89:67:dd:de:1e:2d:3d:e1:
f5:98:25:3a:37:0b:84:77:9e:6c:fe:76:a1:ab:20:8c:ae:26:
d5:96:42:38:6d:28:ef:ac:f4:44:05:b3:96:43:eb:03:d0:14:
41:98:c0:1a:c7:79:3d:9a:bd:3b:e1:c8:b3:08:da:51:ea:44:
05:d1:67:d6:31:84:a2:95:b2:aa:b4:f1:76:13:2a:10:14:9a:
31:85:ee:1b:f6:3a:fe:a9:5a:79:de:dc:2b:8f:61:e2:92:e5:
5c:d2:5f:d2:a0:04:85:1e:09:59:c9:db:48:55:dc:29:0d:e3:
96:31:54:a8:d8:12:b9:18:84:34:f6:78:6f:8a:34:83:39:11:
c4:ca:8b:39:e5:99:72:88:66:38:01:b2:8c:f2:c2:6c:b3:bb:
5f:d4:b0:86:7d:8f:c4:eb:63:81:c5:94:74:28:3c:00:40:d2:
b9:d6:3a:2a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MjRGODExMC8GA1UEBRMoMUYzNUY0MEMzNjRCODhCMDg5QUUxMkZERURCNjgxNUMz
RjExQTkwNjAeFw0yNjA2MjEwNzU3MDNaFw0yNzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTZhMzc5OTRmLTI3NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD2YqwiIeMYBNFOvMz2TkKIFg3gHNaMxK3Z3J3UwMI2xWI7RYIGglRnJZDJczUU
dYiwcY5afDXgzV7lhOWNDmXQpRKaQenVdWLchhAjSBfCi2DT2PxHazwAyXwcfRR3
rKJal2nbtqniAHhb3LCV9iWXN5vdGXc31SxVt7NZp5iclwkoQBoig2vgQC/A5D4R
1Dh06NYwoTaWolG1cjfT+2PLytukJJt0Hs8VnYPScSInkaYM0dl6UJk6JRLqJ99F
ktfgqbUwXxz8nc5jWRw42pwcKWN1aDGA9TzaQRpmuyHRu0cPdZtqxDRKfx4j9A/u
chGmljb7LxKD7+yyq7cHtCT7AgMBAAGjggJhMIICXTAdBgNVHQ4EFgQUPbK52BTK
DwpmoYzumtq7xizxFdgwHwYDVR0jBBgwFoAUHzX0DDZLiLCJrhL97baBXD8RqQYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkyNEY4LzcxRkQxMzM4NjQx
MTExRjE4MTEzRDBENjlCNDdBODg4L0h6WDBERFpMaUxDSnJoTDk3YmFCWEQ4UnFR
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSHpYMEREWkxpTENKcmhMOTdiYUJYRDhScVFZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MjRGOC83MUZEMTMzODY0MTExMUYxODExM0QwRDY5QjQ3QTg4OC9DQTU4ODJFMDZE
NDYxMUYxOTM0ODUxNzY3NDQ3QTg4OC5yb2EwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQAkAl/gMA0GCSqGSIb3DQEBCwUAA4IBAQAyII5goABZhwYWerKajztu
613WzwFX3Mq0Viu4JXam/y2YYDr/L7TQxSpvNNxaXSq2v9A2B90kmyCq2etWYEhc
djCHoZsUtrj5bliLFvnL2dUHiWfd3h4tPeH1mCU6NwuEd55s/nahqyCMribVlkI4
bSjvrPREBbOWQ+sD0BRBmMAax3k9mr074cizCNpR6kQF0WfWMYSilbKqtPF2EyoQ
FJoxhe4b9jr+qVp53twrj2HikuVc0l/SoASFHglZydtIVdwpDeOWMVSo2BK5GIQ0
9nhvijSDORHEyos55ZlyiGY4AbKM8sJss7tf1LCGfY/E62OBxZR0KDwAQNK51joq
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:36:29 2026 by rpki-client