
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/44A51948960811ECA04A0086C4F9AE02/29D2F7BE0CA711ED98CF681AC4F9AE02.roa
File: 29D2F7BE0CA711ED98CF681AC4F9AE02.roa (raw, json)
Hash identifier: eYryKgNZm2qZqdFNNTLzTj59Jc409yodEwjuUOxXoJY=
Subject key identifier: 16:7C:C5:07:E5:30:EF:23:AD:2D:0A:77:10:A9:E0:8B:00:B0:B9:F3
Certificate issuer: /CN=A91E504E/serialNumber=04EE076A5DFA948C38F83C8CAC20FE0E8E86D80B
Certificate serial: 04CA
Authority key identifier: 04:EE:07:6A:5D:FA:94:8C:38:F8:3C:8C:AC:20:FE:0E:8E:86:D8:0B
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BO4Hal36lIw4-DyMrCD-Do6G2As.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/44A51948960811ECA04A0086C4F9AE02/29D2F7BE0CA711ED98CF681AC4F9AE02.roa
Signing time: Mon 02 Mar 2026 12:31:30 +0000
ROA not before: Fri 01 Aug 2025 02:07:36 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133861
IP address blocks: 217.194.132.0/24 maxlen: 24
217.194.133.0/24 maxlen: 24
217.194.134.0/24 maxlen: 24
217.194.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/44A51948960811ECA04A0086C4F9AE02/BO4Hal36lIw4-DyMrCD-Do6G2As.crl
rsync://rpki.apnic.net/member_repository/A91E504E/44A51948960811ECA04A0086C4F9AE02/BO4Hal36lIw4-DyMrCD-Do6G2As.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BO4Hal36lIw4-DyMrCD-Do6G2As.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 12:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1226 (0x4ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E, serialNumber=04EE076A5DFA948C38F83C8CAC20FE0E8E86D80B
Validity
Not Before: Aug 1 02:07:36 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a58322-63db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c0:e7:49:9f:8c:84:1b:fd:ef:8d:6c:da:f4:
1e:47:c5:b5:d1:fc:4e:67:a7:09:dd:7d:10:fc:a4:
1c:53:e2:66:74:3b:27:fe:93:cb:95:8b:98:68:bc:
97:78:a8:ff:87:5c:c3:a5:47:1f:52:81:2a:60:86:
38:65:ef:c3:ff:9f:a4:8f:50:8f:eb:5f:3d:28:ba:
c7:15:f9:49:0e:98:2b:20:f9:71:1d:56:1a:1e:95:
d7:9d:b6:4d:e7:95:89:c2:e4:5e:9f:30:0c:4d:b5:
c7:3e:5f:1e:76:83:c4:9b:bd:4a:d1:ea:28:0c:a5:
18:8c:64:0a:09:97:6a:31:1d:7e:7c:ba:a3:e6:de:
cd:b9:4d:97:c6:80:99:fb:37:0e:2f:fc:92:19:bf:
e2:a8:28:56:02:20:e0:2f:e0:0b:92:73:3c:7c:d2:
aa:eb:cc:b4:87:25:b6:a3:67:4d:d2:0e:47:83:3d:
31:d9:94:d8:87:c2:74:e3:c7:17:14:ae:2b:64:4c:
e0:95:15:fa:a6:52:ba:25:d7:49:b2:82:dc:2d:1e:
0f:ba:8c:f0:3d:11:5b:98:fe:bd:0d:e3:a9:fa:03:
c7:04:62:4c:e8:73:63:e8:3b:31:a1:32:7a:05:bd:
01:a0:b8:6a:05:88:33:40:26:f4:d8:28:13:20:d3:
8e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7C:C5:07:E5:30:EF:23:AD:2D:0A:77:10:A9:E0:8B:00:B0:B9:F3
X509v3 Authority Key Identifier:
keyid:04:EE:07:6A:5D:FA:94:8C:38:F8:3C:8C:AC:20:FE:0E:8E:86:D8:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/44A51948960811ECA04A0086C4F9AE02/BO4Hal36lIw4-DyMrCD-Do6G2As.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BO4Hal36lIw4-DyMrCD-Do6G2As.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/44A51948960811ECA04A0086C4F9AE02/29D2F7BE0CA711ED98CF681AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
217.194.132.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:02:17:e4:f0:d4:f4:92:fb:8b:da:18:25:3f:c9:a5:6d:02:
cc:5e:82:65:b0:28:be:f2:eb:1d:2e:d2:b6:b9:79:61:22:e4:
37:22:34:dc:ca:ef:36:90:ce:31:87:02:e3:01:b4:bd:29:88:
b3:a9:39:46:7d:fb:39:bf:87:89:db:de:59:13:0c:ac:8b:52:
ec:07:77:5e:30:9a:ec:b3:32:86:72:da:b8:97:0c:b9:a3:dc:
73:84:2a:22:cc:04:93:99:5f:b9:90:86:5a:e7:4c:01:ab:b0:
81:6f:f7:33:09:6c:56:2a:7b:54:7a:03:a1:ce:e5:21:e4:46:
42:01:bf:a4:71:b6:87:c5:45:8f:bb:26:53:16:23:0a:86:50:
bb:2d:33:5d:17:16:3d:9a:ab:ae:8f:16:b6:3c:0e:e2:dd:5e:
4a:91:f4:b9:98:1f:6f:f7:64:83:8a:3b:ae:bc:c2:55:40:a0:
30:30:eb:95:63:3a:21:d7:13:8c:92:db:69:8b:73:f9:51:e7:
32:73:cd:13:29:4a:bd:4b:a2:fa:f6:22:53:09:ce:cb:50:93:
fb:91:c7:1f:88:49:d0:e8:d3:e7:7f:e0:0b:32:01:14:e8:6c:
68:93:64:db:ce:81:aa:44:98:17:40:df:4a:39:68:0b:32:34:
ba:d1:dc:a1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICBMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKDA0RUUwNzZBNURGQTk0OEMzOEY4M0M4Q0FDMjBGRTBF
OEU4NkQ4MEIwHhcNMjUwODAxMDIwNzM2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1ODMyMi02M2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxcDnSZ+MhBv9741s2vQeR8W10fxOZ6cJ3X0Q/KQcU+JmdDsn/pPLlYuYaLyX
eKj/h1zDpUcfUoEqYIY4Ze/D/5+kj1CP6189KLrHFflJDpgrIPlxHVYaHpXXnbZN
55WJwuRenzAMTbXHPl8edoPEm71K0eooDKUYjGQKCZdqMR1+fLqj5t7NuU2XxoCZ
+zcOL/ySGb/iqChWAiDgL+ALknM8fNKq68y0hyW2o2dN0g5Hgz0x2ZTYh8J048cX
FK4rZEzglRX6plK6JddJsoLcLR4PuozwPRFbmP69DeOp+gPHBGJM6HNj6DsxoTJ6
Bb0BoLhqBYgzQCb02CgTINOOgQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFBZ8xQfl
MO8jrS0KdxCp4IsAsLnzMB8GA1UdIwQYMBaAFATuB2pd+pSMOPg8jKwg/g6OhtgL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS80NEE1MTk0ODk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi9CTzRIYWwzNmxJdzQtRHlNckNELURvNkcy
QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0JPNEhhbDM2bEl3NC1EeU1yQ0QtRG82RzJBcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNDRBNTE5NDg5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvMjlEMkY3QkUw
Q0E3MTFFRDk4Q0Y2ODFBQzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQC2cKEMA0GCSqGSIb3DQEBCwUAA4IBAQC1Ahfk8NT0kvuL2hglP8ml
bQLMXoJlsCi+8usdLtK2uXlhIuQ3IjTcyu82kM4xhwLjAbS9KYizqTlGffs5v4eJ
295ZEwysi1LsB3deMJrsszKGctq4lwy5o9xzhCoizASTmV+5kIZa50wBq7CBb/cz
CWxWKntUegOhzuUh5EZCAb+kcbaHxUWPuyZTFiMKhlC7LTNdFxY9mquujxa2PA7i
3V5KkfS5mB9v92SDijuuvMJVQKAwMOuVYzoh1xOMkttpi3P5Uecyc80TKUq9S6L6
9iJTCc7LUJP7kccfiEnQ6NPnf+ALMgEU6Gxok2TbzoGqRJgXQN9KOWgLMjS60dyh
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:47:56 2026 by rpki-client