
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/048E963C92B611F0841D2F21C4F9AE02.roa
File: 048E963C92B611F0841D2F21C4F9AE02.roa (raw, json)
Hash identifier: e6kVpp+6mh2y+ENdwgMlIFqry/Q/rRLa8PViLSJTVGI=
Subject key identifier: 5B:C1:68:05:3E:02:C2:3D:50:05:F1:C1:2B:98:BF:F6:CE:EB:41:D0
Certificate issuer: /CN=A91C7B68/serialNumber=9B5A5365DA2B25FA698B703093CFBDC2A2C23FCF
Certificate serial: AD
Authority key identifier: 9B:5A:53:65:DA:2B:25:FA:69:8B:70:30:93:CF:BD:C2:A2:C2:3F:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1pTZdorJfppi3Awk8-9wqLCP88.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/048E963C92B611F0841D2F21C4F9AE02.roa
Signing time: Tue 30 Jun 2026 21:24:15 +0000
ROA not before: Tue 30 Jun 2026 21:24:15 +0000
ROA not after: Fri 30 Oct 2026 00:00:00 +0000
asID: 152177
IP address blocks: 103.214.156.0/22 maxlen: 22
103.214.156.0/23 maxlen: 23
103.214.156.0/24 maxlen: 24
103.214.157.0/24 maxlen: 24
103.214.158.0/24 maxlen: 24
144.48.112.0/22 maxlen: 22
144.48.112.0/23 maxlen: 23
144.48.112.0/24 maxlen: 24
144.48.113.0/24 maxlen: 24
144.48.114.0/24 maxlen: 24
2407:ea40::/32 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/m1pTZdorJfppi3Awk8-9wqLCP88.crl
rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/m1pTZdorJfppi3Awk8-9wqLCP88.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1pTZdorJfppi3Awk8-9wqLCP88.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 09 Jul 2026 20:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173 (0xad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7B68, serialNumber=9B5A5365DA2B25FA698B703093CFBDC2A2C23FCF
Validity
Not Before: Jun 30 21:24:15 2026 GMT
Not After : Oct 30 00:00:00 2026 GMT
Subject: CN=6a4433ff-e8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:06:d7:fd:f4:c2:b6:d5:34:b3:87:b2:6e:e0:
ed:bf:ea:99:e2:07:28:c1:f3:c5:a3:56:b1:04:e2:
94:dc:f5:72:e7:c3:a1:c3:a8:d4:b3:37:30:c7:16:
22:d0:e0:fb:94:11:c5:1f:0e:f8:c2:10:18:92:8d:
96:8c:8e:ab:81:a6:29:b4:10:61:76:fc:b5:e6:7a:
01:8b:8b:ac:77:c4:31:57:cc:e8:e1:cc:a1:2c:19:
c5:4a:1d:21:b8:43:e5:b2:10:e7:58:cb:d9:4b:50:
1b:f2:26:1a:02:3e:9c:ea:b7:b7:b9:98:ea:c9:d2:
f9:bd:eb:ae:1a:2e:fe:e3:f5:89:b5:7c:c3:f7:e5:
4d:3c:7b:0b:12:18:1a:a9:bb:c5:10:80:b5:67:76:
62:21:0d:16:ce:9e:c2:41:91:a5:26:b9:b8:8e:07:
25:26:b9:62:ce:09:6d:94:f1:a0:9e:21:66:5c:74:
51:73:c6:03:60:63:13:4c:90:1c:33:f0:0f:73:8b:
57:02:a0:59:b5:79:33:cf:a5:dc:35:af:3b:91:da:
6d:7a:ed:13:40:44:f0:43:db:0f:d1:0d:90:87:c0:
fa:bf:c1:25:27:72:6b:f6:78:56:d0:00:2b:33:28:
8e:8b:69:0b:a9:c7:3d:fb:a1:62:53:18:31:f0:cf:
59:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C1:68:05:3E:02:C2:3D:50:05:F1:C1:2B:98:BF:F6:CE:EB:41:D0
X509v3 Authority Key Identifier:
keyid:9B:5A:53:65:DA:2B:25:FA:69:8B:70:30:93:CF:BD:C2:A2:C2:3F:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/m1pTZdorJfppi3Awk8-9wqLCP88.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1pTZdorJfppi3Awk8-9wqLCP88.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7B68/53A7B92CB0A511EA8F92ED17C4F9AE02/048E963C92B611F0841D2F21C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.214.156.0/22
144.48.112.0/22
IPv6:
2407:ea40::/32
Signature Algorithm: sha256WithRSAEncryption
75:93:39:49:39:01:eb:cf:fd:d6:d9:54:58:1f:fb:1b:5c:58:
eb:ba:d5:4a:70:0e:7a:05:55:ad:75:30:e5:d0:01:4c:fc:fd:
9b:b3:58:19:2d:65:d8:6b:2a:70:c8:bd:85:ef:58:be:13:9f:
98:27:bb:76:70:e3:fc:68:da:88:14:f5:68:2b:2a:7a:57:e9:
41:56:06:22:55:69:8f:86:77:64:3a:0b:95:fa:70:ae:25:ed:
c7:00:41:ff:8c:e6:e0:74:13:b2:cd:80:50:ac:30:c1:a8:02:
9c:53:46:aa:d7:31:00:9c:a4:36:75:b8:1c:09:fe:71:49:3f:
0c:b0:75:05:f0:8f:91:28:4c:10:d7:e8:b8:ae:0e:98:c2:17:
d0:da:c3:b5:4a:ab:fa:0f:81:d2:a6:44:d9:83:dd:1a:d9:a5:
4c:c4:65:b7:71:92:58:c4:6f:b8:e0:bc:98:33:c7:f0:60:1d:
8c:b6:16:7b:3a:73:53:90:ec:20:16:55:dd:7d:9b:04:3a:70:
c1:1e:a0:8b:7c:73:e6:30:1d:95:c8:43:53:9a:f7:c1:70:2e:
89:8a:11:0f:a4:1a:1f:32:99:d4:00:9f:f5:a4:a6:4e:7a:92:
46:89:16:b4:fc:90:9a:dc:7a:16:cb:51:2b:cd:7e:a6:f0:90:
42:e1:75:6b
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdCNjgxMTAvBgNVBAUTKDlCNUE1MzY1REEyQjI1RkE2OThCNzAzMDkzQ0ZCREMy
QTJDMjNGQ0YwHhcNMjYwNjMwMjEyNDE1WhcNMjYxMDMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ0MzNmZi1lOGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtwbX/fTCttU0s4eybuDtv+qZ4gcowfPFo1axBOKU3PVy58Ohw6jUszcwxxYi
0OD7lBHFHw74whAYko2WjI6rgaYptBBhdvy15noBi4usd8QxV8zo4cyhLBnFSh0h
uEPlshDnWMvZS1Ab8iYaAj6c6re3uZjqydL5veuuGi7+4/WJtXzD9+VNPHsLEhga
qbvFEIC1Z3ZiIQ0Wzp7CQZGlJrm4jgclJrlizgltlPGgniFmXHRRc8YDYGMTTJAc
M/APc4tXAqBZtXkzz6XcNa87kdpteu0TQETwQ9sP0Q2Qh8D6v8ElJ3Jr9nhW0AAr
MyiOi2kLqcc9+6FiUxgx8M9ZqQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFFvBaAU+
AsI9UAXxwSuYv/bO60HQMB8GA1UdIwQYMBaAFJtaU2XaKyX6aYtwMJPPvcKiwj/P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0I2OC81M0E3QjkyQ0Iw
QTUxMUVBOEY5MkVEMTdDNEY5QUUwMi9tMXBUWmRvckpmcHBpM0F3azgtOXdxTENQ
ODguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL20xcFRaZG9ySmZwcGkzQXdrOC05d3FMQ1A4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdCNjgvNTNBN0I5MkNCMEE1MTFFQThGOTJFRDE3QzRGOUFFMDIvMDQ4RTk2M0M5
MkI2MTFGMDg0MUQyRjIxQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZ9acAwQCkDBwMA0EAgACMAcDBQAkB+pAMA0GCSqGSIb3DQEBCwUA
A4IBAQB1kzlJOQHrz/3W2VRYH/sbXFjrutVKcA56BVWtdTDl0AFM/P2bs1gZLWXY
aypwyL2F71i+E5+YJ7t2cOP8aNqIFPVoKyp6V+lBVgYiVWmPhndkOguV+nCuJe3H
AEH/jObgdBOyzYBQrDDBqAKcU0aq1zEAnKQ2dbgcCf5xST8MsHUF8I+RKEwQ1+i4
rg6YwhfQ2sO1Sqv6D4HSpkTZg90a2aVMxGW3cZJYxG+44LyYM8fwYB2MthZ7OnNT
kOwgFlXdfZsEOnDBHqCLfHPmMB2VyENTmvfBcC6JihEPpBofMpnUAJ/1pKZOepJG
iRa0/JCa3HoWy1ErzX6m8JBC4XVr
-----END CERTIFICATE-----
Generated at Fri Jul 3 22:33:22 2026 by rpki-client