
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/32E40EFC6D6D11ED879E8878C4F9AE02.roa
File: 32E40EFC6D6D11ED879E8878C4F9AE02.roa (raw, json)
Hash identifier: vfNvK/hPk/GOUEb5yUwDEnvdeCUyK682EgtaqQm5LoM=
Subject key identifier: 58:5D:8E:6B:FE:55:2F:9B:E2:7C:53:BB:E5:25:C5:4A:28:3D:D8:FA
Certificate issuer: /CN=A91E78E8/serialNumber=F192D4AD86CE10FC96827FC93480F3FBDEF5EA61
Certificate serial: 0563
Authority key identifier: F1:92:D4:AD:86:CE:10:FC:96:82:7F:C9:34:80:F3:FB:DE:F5:EA:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZLUrYbOEPyWgn_JNIDz-9716mE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/32E40EFC6D6D11ED879E8878C4F9AE02.roa
Signing time: Fri 19 Jun 2026 00:27:55 +0000
ROA not before: Fri 19 Jun 2026 00:27:55 +0000
ROA not after: Tue 31 Aug 2027 00:00:00 +0000
asID: 38623
IP address blocks: 36.37.128.0/17 maxlen: 24
45.64.124.0/22 maxlen: 23
45.64.125.0/24 maxlen: 24
45.64.126.0/23 maxlen: 24
45.115.180.0/22 maxlen: 24
45.119.132.0/22 maxlen: 24
103.68.44.0/22 maxlen: 24
103.253.180.0/22 maxlen: 24
111.118.128.0/19 maxlen: 24
117.120.24.0/21 maxlen: 24
119.13.56.0/21 maxlen: 24
119.13.152.0/21 maxlen: 24
175.100.0.0/17 maxlen: 24
202.150.0.0/22 maxlen: 24
220.158.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/8ZLUrYbOEPyWgn_JNIDz-9716mE.crl
rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/8ZLUrYbOEPyWgn_JNIDz-9716mE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZLUrYbOEPyWgn_JNIDz-9716mE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 16 Jul 2026 00:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1379 (0x563)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E78E8, serialNumber=F192D4AD86CE10FC96827FC93480F3FBDEF5EA61
Validity
Not Before: Jun 19 00:27:55 2026 GMT
Not After : Aug 31 00:00:00 2027 GMT
Subject: CN=6a348d0b-0fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ed:b8:49:c9:12:d1:41:21:35:ea:17:b3:4f:
10:4f:84:58:ce:ca:a7:9c:a3:1a:c8:0d:c2:6e:11:
3c:fc:9f:ea:d4:4d:4e:d4:80:9a:45:88:06:ef:ac:
e9:1a:b1:fb:d9:98:aa:ff:b0:5a:52:e9:db:9d:95:
a3:2a:d3:5a:15:bb:40:13:f5:9a:91:05:8e:04:fa:
8d:fc:51:15:ff:d1:b7:83:65:94:b0:57:48:73:bf:
5b:57:c7:ea:05:b6:0e:05:fc:b0:0b:c3:4e:29:90:
d7:4f:09:5f:d6:30:4f:d0:73:94:f2:40:96:77:ad:
95:2d:10:90:bf:be:fe:db:2d:c4:3d:2f:f2:6b:1e:
71:ec:d1:de:b3:8c:72:95:ec:44:11:e7:16:30:40:
aa:15:09:39:2d:b0:19:0c:55:98:e3:d3:bc:10:67:
fb:b2:fe:66:a0:a6:2b:e3:89:eb:d8:4c:09:45:bc:
13:02:4a:e8:41:74:8c:64:dd:45:77:78:16:cf:01:
1f:c2:90:52:8f:df:36:2d:f3:1e:03:17:b7:db:31:
2c:1a:b6:d8:f9:d8:43:14:6c:e7:27:ea:fe:cc:e0:
2d:7c:40:f9:86:32:58:3c:64:bb:cd:29:d9:1e:44:
f4:3c:de:87:9e:93:ab:9d:61:9a:5d:b3:f5:32:75:
f0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5D:8E:6B:FE:55:2F:9B:E2:7C:53:BB:E5:25:C5:4A:28:3D:D8:FA
X509v3 Authority Key Identifier:
keyid:F1:92:D4:AD:86:CE:10:FC:96:82:7F:C9:34:80:F3:FB:DE:F5:EA:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/8ZLUrYbOEPyWgn_JNIDz-9716mE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZLUrYbOEPyWgn_JNIDz-9716mE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/32E40EFC6D6D11ED879E8878C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
36.37.128.0/17
45.64.124.0/22
45.115.180.0/22
45.119.132.0/22
103.68.44.0/22
103.253.180.0/22
111.118.128.0/19
117.120.24.0/21
119.13.56.0/21
119.13.152.0/21
175.100.0.0/17
202.150.0.0/22
220.158.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:7f:84:76:9f:e0:7c:36:1e:4c:d8:5c:23:ca:c8:08:e8:da:
9e:4b:f0:d1:14:20:35:de:49:93:2b:68:78:9c:ec:76:1c:55:
df:1e:59:0e:b0:91:e1:ac:96:16:a1:7d:fa:a4:20:84:76:d0:
33:c3:d1:6b:cd:0a:03:1a:0a:a6:f3:b5:01:e4:5a:cc:b0:cb:
de:8f:82:73:c2:c2:61:dd:19:41:46:08:0c:45:d6:24:5e:93:
c6:47:cd:a8:5d:3b:31:00:d8:e2:ab:a3:2d:fc:b3:d6:7f:6b:
38:27:36:58:5e:70:50:64:ee:d9:da:73:cc:95:10:f0:c4:a0:
f1:e6:55:47:b3:28:f5:b8:f8:1a:bf:b6:e1:b8:dd:7e:ec:da:
f3:f7:2f:99:5f:c8:bc:49:6f:6d:de:5b:28:65:09:96:bf:0d:
09:90:66:38:43:63:c4:ae:4e:75:c9:a6:5f:f7:ef:fc:09:27:
a6:34:46:8a:ae:a0:66:af:26:29:d9:c6:56:c2:9e:0c:8f:79:
39:e6:0f:88:ab:7b:27:7e:70:42:f1:e4:17:0a:51:7f:48:bc:
ee:88:68:c9:e7:85:a1:44:b7:e7:34:66:2b:4a:fa:02:97:0e:
fe:b3:26:ad:4b:c4:c3:2c:bc:8e:25:98:bf:2f:29:7d:f5:60:
c3:f8:d4:a1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc4RTgxMTAvBgNVBAUTKEYxOTJENEFEODZDRTEwRkM5NjgyN0ZDOTM0ODBGM0ZC
REVGNUVBNjEwHhcNMjYwNjE5MDAyNzU1WhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTM0OGQwYi0wZmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxu24SckS0UEhNeoXs08QT4RYzsqnnKMayA3CbhE8/J/q1E1O1ICaRYgG76zp
GrH72Ziq/7BaUunbnZWjKtNaFbtAE/WakQWOBPqN/FEV/9G3g2WUsFdIc79bV8fq
BbYOBfywC8NOKZDXTwlf1jBP0HOU8kCWd62VLRCQv77+2y3EPS/yax5x7NHes4xy
lexEEecWMECqFQk5LbAZDFWY49O8EGf7sv5moKYr44nr2EwJRbwTAkroQXSMZN1F
d3gWzwEfwpBSj982LfMeAxe32zEsGrbY+dhDFGznJ+r+zOAtfED5hjJYPGS7zSnZ
HkT0PN6HnpOrnWGaXbP1MnXwlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFhdjmv+
VS+b4nxTu+UlxUooPdj6MB8GA1UdIwQYMBaAFPGS1K2GzhD8loJ/yTSA8/ve9eph
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzhFOC9CODlFQjY5MDNF
MUMxMUVDQjhCMEEyNEFDNEY5QUUwMi84WkxVclliT0VQeVdnbl9KTklEei05NzE2
bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhaTFVyWWJPRVB5V2duX0pOSUR6LTk3MTZtRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc4RTgvQjg5RUI2OTAzRTFDMTFFQ0I4QjBBMjRBQzRGOUFFMDIvMzJFNDBFRkM2
RDZEMTFFRDg3OUU4ODc4QzRGOUFFMDIucm9hMGcGCCsGAQUFBwEHAQH/BFgwVjBU
BAIAATBOAwQHJCWAAwQCLUB8AwQCLXO0AwQCLXeEAwQCZ0QsAwQCZ/20AwQFb3aA
AwQDdXgYAwQDdw04AwQDdw2YAwQHr2QAAwQCypYAAwQC3J7oMA0GCSqGSIb3DQEB
CwUAA4IBAQArf4R2n+B8Nh5M2FwjysgI6NqeS/DRFCA13kmTK2h4nOx2HFXfHlkO
sJHhrJYWoX36pCCEdtAzw9FrzQoDGgqm87UB5FrMsMvej4JzwsJh3RlBRggMRdYk
XpPGR82oXTsxANjiq6Mt/LPWf2s4JzZYXnBQZO7Z2nPMlRDwxKDx5lVHsyj1uPga
v7bhuN1+7Nrz9y+ZX8i8SW9t3lsoZQmWvw0JkGY4Q2PErk51yaZf9+/8CSemNEaK
rqBmryYp2cZWwp4Mj3k55g+Iq3snfnBC8eQXClF/SLzuiGjJ54WhRLfnNGYrSvoC
lw7+syatS8TDLLyOJZi/Lyl99WDD+NSh
-----END CERTIFICATE-----
Generated at Thu Jul 9 04:38:18 2026 by rpki-client