
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/2A40C41C6EC511ED9672CB40C4F9AE02.roa
File: 2A40C41C6EC511ED9672CB40C4F9AE02.roa (raw, json)
Hash identifier: 63Mc6PfxkqkDwQtpOI9U8lomk1Cxh7mzQMzSOn5gi4U=
Subject key identifier: AB:DD:9B:26:FD:F5:49:DB:2E:A7:72:C4:BB:D0:15:AD:37:47:AD:CC
Certificate issuer: /CN=A91AC4FA/serialNumber=8AF7D8B864FD90452FFD6DE93B51456C79EFB3C7
Certificate serial: 02BA
Authority key identifier: 8A:F7:D8:B8:64:FD:90:45:2F:FD:6D:E9:3B:51:45:6C:79:EF:B3:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/2A40C41C6EC511ED9672CB40C4F9AE02.roa
Signing time: Sun 05 Jul 2026 02:27:56 +0000
ROA not before: Sun 05 Jul 2026 02:27:56 +0000
ROA not after: Tue 31 Aug 2027 00:00:00 +0000
asID: 17765
IP address blocks: 203.4.188.0/23 maxlen: 24
203.4.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/ivfYuGT9kEUv_W3pO1FFbHnvs8c.crl
rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/ivfYuGT9kEUv_W3pO1FFbHnvs8c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 14 Jul 2026 02:21:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698 (0x2ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC4FA, serialNumber=8AF7D8B864FD90452FFD6DE93B51456C79EFB3C7
Validity
Not Before: Jul 5 02:27:56 2026 GMT
Not After : Aug 31 00:00:00 2027 GMT
Subject: CN=6a49c12c-b0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:91:09:40:da:28:3a:b2:03:dd:8d:36:51:c5:
8d:0b:65:29:d2:6e:81:9a:66:c7:1d:ee:a0:a7:85:
ba:67:bf:d6:54:8b:4a:81:9c:de:f0:40:f4:1c:7f:
08:2a:cb:59:cb:79:19:89:86:e2:36:0a:42:c3:d9:
88:fb:47:1d:ef:7c:67:36:19:98:16:e6:cf:ff:aa:
3b:ee:d9:7a:c5:bd:33:13:8e:02:90:4d:e6:1c:cf:
14:c0:bf:7a:27:ef:14:b7:10:a5:9e:24:5c:08:65:
6c:d0:b3:80:c5:5d:b8:12:9c:bd:0a:ae:25:3a:99:
48:f0:f0:ea:bb:09:56:59:e4:bd:fb:72:fc:a4:ca:
0c:eb:2e:f1:78:30:4f:5f:8f:bd:1f:e3:db:dd:74:
da:b6:5f:8e:04:e9:19:7b:66:3d:8d:cc:6f:3d:ab:
d2:95:2c:7a:a0:25:2a:f1:76:64:b4:76:57:a3:1c:
18:1b:9c:7c:63:e1:ef:a6:29:73:39:9f:8b:9e:af:
38:e7:40:e4:a4:92:a0:84:ce:f6:54:fc:39:64:1a:
32:b0:9c:4a:fd:12:ff:1f:fe:29:91:6e:cb:0d:a2:
8a:a9:71:97:25:09:71:c7:79:dd:f6:4a:9c:fd:bb:
62:17:5a:c4:f3:26:b5:5b:02:55:98:5c:0f:10:9a:
5e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DD:9B:26:FD:F5:49:DB:2E:A7:72:C4:BB:D0:15:AD:37:47:AD:CC
X509v3 Authority Key Identifier:
keyid:8A:F7:D8:B8:64:FD:90:45:2F:FD:6D:E9:3B:51:45:6C:79:EF:B3:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/ivfYuGT9kEUv_W3pO1FFbHnvs8c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/2A40C41C6EC511ED9672CB40C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
203.4.188.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:9d:f2:10:94:93:b2:99:e6:82:9a:e7:b7:2a:5d:2b:86:2d:
45:5f:bc:64:db:c3:9d:86:21:fe:68:e0:80:40:7f:fc:a8:fd:
83:98:63:e8:b4:9f:60:c3:00:c4:2f:9e:a1:3a:ea:ac:43:29:
71:33:25:cf:82:fa:5b:e0:2f:f7:63:8d:cc:e5:ae:01:f2:53:
44:56:ee:7e:2b:ac:66:a2:c6:ca:d8:7d:57:f8:34:d0:bd:55:
01:f0:b4:9d:16:41:40:39:8b:92:90:cd:30:88:a3:65:1b:be:
cc:f1:f8:2d:68:5b:8e:bf:04:91:d6:06:ea:7a:23:64:45:c9:
c3:f7:7b:61:7c:cd:93:7b:e5:b8:dc:4e:19:72:79:a5:8c:b2:
3c:f3:b8:24:69:a0:60:f5:fb:24:91:86:46:12:09:5d:77:ab:
47:8b:5d:1d:7a:5c:55:39:45:4f:37:a6:96:b8:fb:cf:16:b4:
9c:f0:62:f4:e9:00:de:cc:3e:d2:93:0b:9f:3c:94:f8:98:44:
ad:fa:01:13:44:d8:12:ae:23:38:4a:6b:e2:65:1c:1f:61:b3:
4e:a1:7e:f6:d7:87:db:c8:93:60:9a:22:87:ad:50:ad:d6:66:
55:14:cd:5c:5e:c9:ea:8a:aa:76:e7:70:e9:3a:81:ad:b9:c8:
42:b6:6d:88
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICArowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUM0RkExMTAvBgNVBAUTKDhBRjdEOEI4NjRGRDkwNDUyRkZENkRFOTNCNTE0NTZD
NzlFRkIzQzcwHhcNMjYwNzA1MDIyNzU2WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5YzEyYy1iMGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq5EJQNooOrID3Y02UcWNC2Up0m6BmmbHHe6gp4W6Z7/WVItKgZze8ED0HH8I
KstZy3kZiYbiNgpCw9mI+0cd73xnNhmYFubP/6o77tl6xb0zE44CkE3mHM8UwL96
J+8UtxClniRcCGVs0LOAxV24Epy9Cq4lOplI8PDquwlWWeS9+3L8pMoM6y7xeDBP
X4+9H+Pb3XTatl+OBOkZe2Y9jcxvPavSlSx6oCUq8XZktHZXoxwYG5x8Y+Hvpilz
OZ+Lnq8450DkpJKghM72VPw5ZBoysJxK/RL/H/4pkW7LDaKKqXGXJQlxx3nd9kqc
/btiF1rE8ya1WwJVmFwPEJpefwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFKvdmyb9
9UnbLqdyxLvQFa03R63MMB8GA1UdIwQYMBaAFIr32Lhk/ZBFL/1t6TtRRWx577PH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQzRGQS8zN0NCODc5ODZD
OEIxMUVEODdBRkY1NzFDNEY5QUUwMi9pdmZZdUdUOWtFVXZfVzNwTzFGRmJIbnZz
OGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2l2Zll1R1Q5a0VVdl9XM3BPMUZGYkhudnM4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUM0RkEvMzdDQjg3OTg2QzhCMTFFRDg3QUZGNTcxQzRGOUFFMDIvMkE0MEM0MUM2
RUM1MTFFRDk2NzJDQjQwQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCywS8MA0GCSqGSIb3DQEBCwUAA4IBAQC9nfIQlJOymeaCmue3Kl0r
hi1FX7xk28OdhiH+aOCAQH/8qP2DmGPotJ9gwwDEL56hOuqsQylxMyXPgvpb4C/3
Y43M5a4B8lNEVu5+K6xmosbK2H1X+DTQvVUB8LSdFkFAOYuSkM0wiKNlG77M8fgt
aFuOvwSR1gbqeiNkRcnD93thfM2Te+W43E4ZcnmljLI887gkaaBg9fskkYZGEgld
d6tHi10delxVOUVPN6aWuPvPFrSc8GL06QDezD7SkwufPJT4mESt+gETRNgSriM4
SmviZRwfYbNOoX7214fbyJNgmiKHrVCt1mZVFM1cXsnqiqp253DpOoGtuchCtm2I
-----END CERTIFICATE-----
Generated at Wed Jul 8 19:37:23 2026 by rpki-client