This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/B34FF580C40C11EB9C21CF7BC4F9AE02.roa File: B34FF580C40C11EB9C21CF7BC4F9AE02.roa (raw, json) Hash identifier: WsCaaQ8L1bxWhxg54hjuG1Go8zBEJwAX8ylibjmK7QQ= Subject key identifier: BD:AD:7D:49:EA:C5:70:FD:1C:89:F3:83:2C:CA:1E:3E:48:2D:6F:EF Certificate issuer: /CN=A913ED35/serialNumber=7EE945E9E5E51C4B41D99C4332952F9C95876608 Certificate serial: 3569 Authority key identifier: 7E:E9:45:E9:E5:E5:1C:4B:41:D9:9C:43:32:95:2F:9C:95:87:66:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/B34FF580C40C11EB9C21CF7BC4F9AE02.roa Signing time: Fri 02 Jan 2026 06:54:48 +0000 ROA not before: Fri 02 Jan 2026 06:54:48 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 24550 IP address blocks: 43.228.192.0/22 maxlen: 24 103.225.244.0/22 maxlen: 24 111.119.32.0/19 maxlen: 19 111.119.32.0/21 maxlen: 24 111.119.48.0/20 maxlen: 24 116.90.224.0/20 maxlen: 24 118.91.160.0/20 maxlen: 24 2400:9700::/32 maxlen: 32 2400:9700:5::/48 maxlen: 48 2400:9700:6::/48 maxlen: 48 2400:9700:7::/48 maxlen: 48 2400:9700:8::/48 maxlen: 48 2400:9700:20::/44 maxlen: 44 2400:9700:100::/44 maxlen: 44 2400:9700:100::/48 maxlen: 48 2400:9700:103::/48 maxlen: 48 2400:9700:110::/44 maxlen: 44 2400:9700:110::/48 maxlen: 48 2400:9700:120::/44 maxlen: 44 2400:9700:120::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.crl rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 31 Jan 2026 14:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13673 (0x3569) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913ED35, serialNumber=7EE945E9E5E51C4B41D99C4332952F9C95876608 Validity Not Before: Jan 2 06:54:48 2026 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=69576bb8-3a8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:05:b2:c0:20:b4:bd:79:4f:22:db:e7:33:f3: b7:b4:34:ac:dc:8e:7c:b2:c5:59:ac:a3:c6:02:18: e6:1e:3d:7a:44:20:4b:3a:75:b6:63:1b:20:f4:7b: 79:6e:14:78:3c:aa:8f:30:ba:77:a0:0c:a8:06:11: 10:99:30:e3:c4:a7:ce:32:b7:47:16:81:18:4b:77: 37:d5:1f:e3:4f:d8:74:09:b5:f8:a4:c9:5a:26:25: 06:67:16:bc:05:07:8e:bf:62:59:16:14:ec:8f:54: 12:17:ab:ba:fb:b9:27:ba:ff:be:de:66:97:3d:73: ec:93:b5:1c:13:85:a1:21:01:c4:3b:5b:74:ad:7f: d5:51:e8:f0:44:c0:52:77:2d:30:02:17:55:2c:d4: 8c:0b:09:f3:1f:aa:6e:6a:21:2b:1f:42:8e:ce:ea: 35:bd:20:c9:d7:09:44:cb:21:b5:56:a2:7c:8f:a6: 02:52:5b:b6:b5:02:aa:87:02:51:71:2a:ab:5e:c1: b1:c1:1b:ba:25:a5:da:f1:b3:05:d6:9c:0a:b4:96: 85:9c:d7:bf:03:21:94:f9:18:d1:22:0b:1f:e9:bf: 2f:fa:02:df:78:21:be:d0:a3:48:8e:0c:01:59:d7: 4e:56:11:02:ed:98:89:bf:e5:1c:96:ab:03:45:68: fe:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:AD:7D:49:EA:C5:70:FD:1C:89:F3:83:2C:CA:1E:3E:48:2D:6F:EF X509v3 Authority Key Identifier: keyid:7E:E9:45:E9:E5:E5:1C:4B:41:D9:9C:43:32:95:2F:9C:95:87:66:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fulF6eXlHEtB2ZxDMpUvnJWHZgg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ED35/B63BA7EE1D9411E29D1A2EF908B02CD2/B34FF580C40C11EB9C21CF7BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.192.0/22 103.225.244.0/22 111.119.32.0/19 116.90.224.0/20 118.91.160.0/20 IPv6: 2400:9700::/32 Signature Algorithm: sha256WithRSAEncryption 33:0e:e9:48:7e:cd:4e:c0:a6:82:30:d5:74:9a:b1:c5:ae:8a: 09:28:d4:fa:88:c1:9e:bb:91:53:0d:fd:c8:43:d4:a3:72:c9: e6:c6:ea:34:13:ab:3b:ea:8f:b2:31:d0:50:08:b6:1e:ca:ff: 99:91:f7:bd:5a:36:1f:55:39:8d:6e:04:09:d3:96:33:d0:3c: 6d:76:56:35:25:a7:a0:fb:64:6c:22:1f:68:92:9c:32:20:c2: 91:4c:38:14:2c:6e:db:75:06:b0:86:6b:22:45:90:79:65:d9: 8c:3a:fc:1e:65:de:93:d1:7a:6a:3e:e2:73:96:5d:c4:3b:ea: d7:fb:02:0a:8b:f8:6b:c2:b7:c4:77:1b:dd:ce:38:27:3b:97: 3e:cd:f2:c7:ed:1f:35:73:e9:1a:51:c5:74:05:00:bf:32:a6: 82:7d:44:e5:ef:6f:09:5c:6c:b4:27:e4:e6:c7:95:d8:41:8e: 25:05:e3:04:e4:72:30:d9:5b:db:ff:b1:27:1c:96:d4:93:91: 54:4c:2c:d2:43:1b:7b:18:5b:45:d3:a7:d0:c5:43:cf:89:09: cc:de:5c:fc:5f:a3:9d:3f:45:87:ad:0a:b3:65:98:a4:1a:b8: 4e:30:b3:9a:81:63:ef:22:f8:c2:01:aa:40:e4:37:50:31:13: a3:3f:89:43 -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgICNWkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0VEMzUxMTAvBgNVBAUTKDdFRTk0NUU5RTVFNTFDNEI0MUQ5OUM0MzMyOTUyRjlD OTU4NzY2MDgwHhcNMjYwMTAyMDY1NDQ4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTU3NmJiOC0zYThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApwWywCC0vXlPItvnM/O3tDSs3I58ssVZrKPGAhjmHj16RCBLOnW2Yxsg9Ht5 bhR4PKqPMLp3oAyoBhEQmTDjxKfOMrdHFoEYS3c31R/jT9h0CbX4pMlaJiUGZxa8 BQeOv2JZFhTsj1QSF6u6+7knuv++3maXPXPsk7UcE4WhIQHEO1t0rX/VUejwRMBS dy0wAhdVLNSMCwnzH6puaiErH0KOzuo1vSDJ1wlEyyG1VqJ8j6YCUlu2tQKqhwJR cSqrXsGxwRu6JaXa8bMF1pwKtJaFnNe/AyGU+RjRIgsf6b8v+gLfeCG+0KNIjgwB WddOVhEC7ZiJv+UclqsDRWj+twIDAQABo4ICvDCCArgwHQYDVR0OBBYEFL2tfUnq xXD9HInzgyzKHj5ILW/vMB8GA1UdIwQYMBaAFH7pRenl5RxLQdmcQzKVL5yVh2YI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRUQzNS9CNjNCQTdFRTFE OTQxMUUyOUQxQTJFRjkwOEIwMkNEMi9mdWxGNmVYbEhFdEIyWnhETXBVdm5KV0ha Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2Z1bEY2ZVhsSEV0QjJaeERNcFV2bkpXSFpnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx M0VEMzUvQjYzQkE3RUUxRDk0MTFFMjlEMUEyRUY5MDhCMDJDRDIvQjM0RkY1ODBD NDBDMTFFQjlDMjFDRjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E NzA1MCQEAgABMB4DBAIr5MADBAJn4fQDBAVvdyADBAR0WuADBAR2W6AwDQQCAAIw BwMFACQAlwAwDQYJKoZIhvcNAQELBQADggEBADMO6Uh+zU7ApoIw1XSascWuigko 1PqIwZ67kVMN/chD1KNyyebG6jQTqzvqj7Ix0FAIth7K/5mR971aNh9VOY1uBAnT ljPQPG12VjUlp6D7ZGwiH2iSnDIgwpFMOBQsbtt1BrCGayJFkHll2Yw6/B5l3pPR emo+4nOWXcQ76tf7AgqL+GvCt8R3G93OOCc7lz7N8sftHzVz6RpRxXQFAL8ypoJ9 ROXvbwlcbLQn5ObHldhBjiUF4wTkcjDZW9v/sSccltSTkVRMLNJDG3sYW0XTp9DF Q8+JCczeXPxfo50/RYetCrNlmKQauE4ws5qBY+8i+MIBqkDkN1AxE6M/iUM= -----END CERTIFICATE-----Generated at Sun Jan 25 11:06:19 2026 by rpki-client