
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/F690CAECF87D11E9A746D05BC4F9AE02.roa
File: F690CAECF87D11E9A746D05BC4F9AE02.roa (raw, json)
Hash identifier: 9a0DmjZ9WtrPbMbEmNnoQ2iB4wOKOazyVMvcL5JNv20=
Subject key identifier: 76:96:DE:E1:61:18:EA:87:F1:E8:B4:0B:BC:7D:35:2B:D4:87:E7:DB
Certificate issuer: /CN=A91EBFB0/serialNumber=CC8509D31FB63A8DDD6BF2D3D84C7BC0B2BA3FC0
Certificate serial: 0D70
Authority key identifier: CC:85:09:D3:1F:B6:3A:8D:DD:6B:F2:D3:D8:4C:7B:C0:B2:BA:3F:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/F690CAECF87D11E9A746D05BC4F9AE02.roa
Signing time: Thu 16 Jul 2026 18:19:09 +0000
ROA not before: Thu 16 Jul 2026 18:19:09 +0000
ROA not after: Thu 30 Sep 2027 00:00:00 +0000
asID: 136759
IP address blocks: 103.95.96.0/22 maxlen: 24
103.197.204.0/22 maxlen: 24
2401:5a40::/32 maxlen: 32
2401:5a40::/48 maxlen: 48
2401:5a40:1::/48 maxlen: 48
2401:5a40:2::/48 maxlen: 48
2401:5a40:3::/48 maxlen: 48
2401:5a40:4::/48 maxlen: 48
2401:5a40:5::/48 maxlen: 48
2401:5a40:6::/48 maxlen: 48
2401:5a40:7::/48 maxlen: 48
2401:5a40:8::/48 maxlen: 48
2401:5a40:9::/48 maxlen: 48
2401:5a40:10::/48 maxlen: 48
2401:5a40:11::/48 maxlen: 48
2401:5a40:12::/48 maxlen: 48
2401:5a40:13::/48 maxlen: 48
2401:5a40:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.crl
rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 18:19:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3440 (0xd70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBFB0, serialNumber=CC8509D31FB63A8DDD6BF2D3D84C7BC0B2BA3FC0
Validity
Not Before: Jul 16 18:19:09 2026 GMT
Not After : Sep 30 00:00:00 2027 GMT
Subject: CN=6a59209d-e7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:66:45:b9:35:2c:92:fd:a7:a1:87:e7:19:8a:
19:d3:74:78:db:d5:db:c9:81:7d:2a:1c:98:c0:21:
43:e3:87:39:1f:d3:81:d5:0c:28:20:8f:c3:fb:5e:
d3:1f:ec:da:b8:36:f6:ee:54:ca:50:d7:59:1a:74:
7b:ee:3d:31:54:33:57:98:35:70:3e:72:2a:38:74:
a0:8c:e6:2f:a5:5e:cc:4f:0e:37:8b:0c:bb:75:64:
88:89:14:8e:6b:07:7e:16:ed:9a:40:d2:83:d3:b6:
72:73:28:7a:76:4e:f1:22:bb:fa:b9:22:6f:6f:8b:
e6:62:11:99:0a:1f:f9:85:a9:94:9c:71:2e:0f:26:
ab:33:9f:9d:10:62:80:68:2c:56:89:f7:11:71:2d:
99:6b:6d:c6:0e:3f:62:51:85:7b:73:a4:0f:7c:3f:
f7:35:9e:06:1e:70:db:de:61:05:f9:fe:f7:5a:7e:
3c:bf:8c:1d:32:00:77:2f:f3:96:b4:73:d4:24:23:
c7:a4:21:66:37:35:44:01:e5:dc:d4:c6:9c:9d:d9:
2e:7e:46:cc:56:22:ef:85:80:35:90:d4:d6:1c:14:
d3:83:6e:ad:6e:98:37:e1:5f:61:c7:be:e1:fd:fe:
00:57:05:17:42:35:07:78:ad:86:d5:30:8e:a0:0d:
83:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:96:DE:E1:61:18:EA:87:F1:E8:B4:0B:BC:7D:35:2B:D4:87:E7:DB
X509v3 Authority Key Identifier:
keyid:CC:85:09:D3:1F:B6:3A:8D:DD:6B:F2:D3:D8:4C:7B:C0:B2:BA:3F:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/F690CAECF87D11E9A746D05BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.95.96.0/22
103.197.204.0/22
IPv6:
2401:5a40::/32
Signature Algorithm: sha256WithRSAEncryption
2a:6e:1a:7d:1a:72:ea:17:00:1e:d0:c9:cf:9f:8d:c5:6c:04:
f9:a1:91:92:9b:fc:7e:b6:12:fd:ef:e6:4e:2c:62:b5:a7:a3:
26:81:df:e9:b8:f3:00:0e:0a:7a:f0:df:92:2e:67:ed:43:4c:
c9:bc:0e:6f:52:07:90:4d:98:87:68:a9:ef:6f:66:0b:3b:df:
dc:d2:b5:40:c6:20:4f:12:f1:8a:d5:42:3c:4c:36:d1:c5:05:
ea:97:93:bf:25:0c:2a:2c:82:a7:04:40:be:68:d7:e2:bc:2b:
d2:28:44:12:42:d8:97:6f:d0:b7:63:65:00:f9:42:b6:df:ff:
4b:33:26:9c:a2:ff:65:76:6b:da:ab:6a:72:52:aa:4a:d1:98:
5a:37:9c:28:b8:0f:3c:f7:fb:3b:2c:d2:41:cc:a2:52:e3:1d:
40:3b:d9:65:dd:21:8c:4c:9e:00:72:72:9a:26:5d:2d:e2:57:
9e:28:96:e1:6e:58:f2:29:33:3f:e5:75:b2:d3:83:72:4f:47:
98:1c:44:66:64:c8:6d:6b:ca:ce:09:31:4f:ab:00:cd:57:53:
ec:4d:cf:64:4f:cf:a5:3a:6a:32:c3:7b:c2:55:49:dc:a9:dc:
a2:28:d4:90:e0:3c:11:4e:90:b0:79:0e:87:f0:8e:8d:f4:2b:
b9:7c:3c:64
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJGQjAxMTAvBgNVBAUTKENDODUwOUQzMUZCNjNBOERERDZCRjJEM0Q4NEM3QkMw
QjJCQTNGQzAwHhcNMjYwNzE2MTgxOTA5WhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTU5MjA5ZC1lN2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv2ZFuTUskv2noYfnGYoZ03R429XbyYF9KhyYwCFD44c5H9OB1QwoII/D+17T
H+zauDb27lTKUNdZGnR77j0xVDNXmDVwPnIqOHSgjOYvpV7MTw43iwy7dWSIiRSO
awd+Fu2aQNKD07Zycyh6dk7xIrv6uSJvb4vmYhGZCh/5hamUnHEuDyarM5+dEGKA
aCxWifcRcS2Za23GDj9iUYV7c6QPfD/3NZ4GHnDb3mEF+f73Wn48v4wdMgB3L/OW
tHPUJCPHpCFmNzVEAeXc1MacndkufkbMViLvhYA1kNTWHBTTg26tbpg34V9hx77h
/f4AVwUXQjUHeK2G1TCOoA2DNwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFHaW3uFh
GOqH8ei0C7x9NSvUh+fbMB8GA1UdIwQYMBaAFMyFCdMftjqN3Wvy09hMe8Cyuj/A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkZCMC9BM0FCNDNCMkY4
N0MxMUU5QUEyQ0YxNThDNEY5QUUwMi96SVVKMHgtMk9vM2RhX0xUMkV4N3dMSzZQ
OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pJVUoweC0yT28zZGFfTFQyRXg3d0xLNlA4QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJGQjAvQTNBQjQzQjJGODdDMTFFOUFBMkNGMTU4QzRGOUFFMDIvRjY5MENBRUNG
ODdEMTFFOUE3NDZEMDVCQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZ19gAwQCZ8XMMA0EAgACMAcDBQAkAVpAMA0GCSqGSIb3DQEBCwUA
A4IBAQAqbhp9GnLqFwAe0MnPn43FbAT5oZGSm/x+thL97+ZOLGK1p6Mmgd/puPMA
Dgp68N+SLmftQ0zJvA5vUgeQTZiHaKnvb2YLO9/c0rVAxiBPEvGK1UI8TDbRxQXq
l5O/JQwqLIKnBEC+aNfivCvSKEQSQtiXb9C3Y2UA+UK23/9LMyacov9ldmvaq2py
UqpK0ZhaN5wouA889/s7LNJBzKJS4x1AO9ll3SGMTJ4AcnKaJl0t4leeKJbhbljy
KTM/5XWy04NyT0eYHERmZMhta8rOCTFPqwDNV1PsTc9kT8+lOmoyw3vCVUncqdyi
KNSQ4DwRTpCweQ6H8I6N9Cu5fDxk
-----END CERTIFICATE-----
Generated at Sat Jul 18 06:29:22 2026 by rpki-client