
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa
File: 81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa (raw, json)
Hash identifier: wltUxvT2gIrkk4cq9N351wOYzI5GH6/ywEsI+BXEuw0=
Subject key identifier: FA:EA:A7:A6:9B:B4:F3:E7:83:4D:16:0C:9E:EC:E7:85:A0:EB:4F:8C
Certificate issuer: /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial: 2596
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa
Signing time: Thu 16 Jul 2026 15:13:13 +0000
ROA not before: Thu 16 Jul 2026 15:13:13 +0000
ROA not after: Thu 30 Sep 2027 00:00:00 +0000
asID: 135295
IP address blocks: 136.228.152.0/24 maxlen: 24
136.228.153.0/24 maxlen: 24
136.228.154.0/24 maxlen: 24
136.228.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 15:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9622 (0x2596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958, serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Validity
Not Before: Jul 16 15:13:13 2026 GMT
Not After : Sep 30 00:00:00 2027 GMT
Subject: CN=6a58f509-5ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:fc:34:26:30:04:8a:8e:bd:c4:06:c6:21:
68:6f:78:b4:d7:0f:fc:3d:86:91:90:3b:06:7e:78:
c7:33:b6:cd:81:b3:ea:c4:d3:46:64:d7:b2:85:97:
e1:bc:4d:7a:44:25:94:5d:6c:08:63:19:4c:ff:fd:
92:97:08:36:0b:1e:86:a5:12:52:b8:57:60:1c:a2:
27:f9:79:18:84:81:c5:5f:ee:6f:fd:b3:3d:8f:19:
33:3b:e7:a0:c0:2c:9f:70:20:02:47:4e:02:5d:c5:
57:5b:c2:98:dd:43:db:6b:c4:e7:ec:5f:30:e4:03:
72:20:d5:20:ea:6f:47:0b:d2:79:33:f7:08:18:bb:
09:44:3c:02:3b:e3:4e:24:96:94:51:f7:78:b5:b5:
fb:09:78:ac:b0:a6:8a:6c:2f:00:61:f5:33:95:ce:
a6:89:ac:bd:2a:1e:4a:9d:c9:ba:ce:81:72:91:ac:
79:7d:28:b7:eb:bc:09:65:28:a6:9d:4c:38:e4:22:
de:3d:e6:c5:0f:bd:79:52:a2:e7:07:46:43:03:08:
13:1a:07:e0:cf:e0:c4:d3:11:92:44:81:90:20:c0:
ad:54:d7:d6:73:38:3d:90:1d:81:c0:fe:af:fa:3a:
64:c4:bf:eb:99:a5:ed:08:a8:c8:6e:39:e9:3f:73:
f2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EA:A7:A6:9B:B4:F3:E7:83:4D:16:0C:9E:EC:E7:85:A0:EB:4F:8C
X509v3 Authority Key Identifier:
keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/81E6A038BEBD11EBA1BC8A0FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
136.228.152.0/22
Signature Algorithm: sha256WithRSAEncryption
62:15:d7:26:ff:4f:3f:1b:51:c3:92:96:7e:94:29:b3:5a:93:
a2:c5:61:43:57:dc:af:9c:cd:65:87:12:fd:c4:56:8b:49:4d:
de:52:9a:ea:3a:1c:3a:17:1c:a4:85:3d:93:37:45:2a:f5:95:
b7:f9:8b:f6:75:48:f0:94:4b:2f:05:3c:b0:27:b0:e0:95:db:
01:9c:e1:1c:dd:a2:ba:eb:93:4c:1b:10:16:fa:1a:4e:cd:ef:
c1:f1:4b:64:b1:ff:63:27:6d:e8:f1:bf:ae:dd:c3:12:01:72:
45:8c:3d:49:85:ec:1f:de:77:ab:af:b2:53:fb:e1:46:29:46:
54:db:ee:d3:ab:44:f0:a7:68:15:7d:a4:f9:c9:f3:87:3c:99:
7c:ec:e2:8e:fb:73:1e:e4:ed:b8:4d:84:26:f6:4f:7b:9f:a1:
d3:23:5f:2a:04:50:46:d0:17:85:5b:a1:4c:9f:e4:47:f0:1b:
b9:b1:dd:51:0d:55:b9:1b:5a:75:0a:95:87:e5:d6:93:3a:ad:
5e:b6:51:b7:e6:bf:3a:34:5e:a2:07:c3:25:cf:f1:56:64:10:
a1:8f:35:a6:05:7f:4d:59:3b:13:0a:76:ad:33:aa:72:da:ef:
12:84:5e:bc:9b:23:4e:cb:5a:0f:83:0f:44:d6:fe:17:61:d8:
a6:75:99:c8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICJZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjYwNzE2MTUxMzEzWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU4ZjUwOS01Y2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm938NCYwBIqOvcQGxiFob3i01w/8PYaRkDsGfnjHM7bNgbPqxNNGZNeyhZfh
vE16RCWUXWwIYxlM//2Slwg2Cx6GpRJSuFdgHKIn+XkYhIHFX+5v/bM9jxkzO+eg
wCyfcCACR04CXcVXW8KY3UPba8Tn7F8w5ANyINUg6m9HC9J5M/cIGLsJRDwCO+NO
JJaUUfd4tbX7CXissKaKbC8AYfUzlc6miay9Kh5Kncm6zoFykax5fSi367wJZSim
nUw45CLePebFD715UqLnB0ZDAwgTGgfgz+DE0xGSRIGQIMCtVNfWczg9kB2BwP6v
+jpkxL/rmaXtCKjIbjnpP3PyMwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPrqp6ab
tPPng00WDJ7s54Wg60+MMB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvODFFNkEwMzhC
RUJEMTFFQkExQkM4QTBGQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCiOSYMA0GCSqGSIb3DQEBCwUAA4IBAQBiFdcm/08/G1HDkpZ+lCmz
WpOixWFDV9yvnM1lhxL9xFaLSU3eUprqOhw6FxykhT2TN0Uq9ZW3+Yv2dUjwlEsv
BTywJ7DgldsBnOEc3aK665NMGxAW+hpOze/B8Utksf9jJ23o8b+u3cMSAXJFjD1J
hewf3nerr7JT++FGKUZU2+7Tq0Twp2gVfaT5yfOHPJl87OKO+3Me5O24TYQm9k97
n6HTI18qBFBG0BeFW6FMn+RH8Bu5sd1RDVW5G1p1CpWH5daTOq1etlG35r86NF6i
B8Mlz/FWZBChjzWmBX9NWTsTCnatM6py2u8ShF68myNOy1oPgw9E1v4XYdimdZnI
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:34:39 2026 by rpki-client