This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa File: CBAFF664136B11EFB53F2683C4F9AE02.roa (raw, json) Hash identifier: E6jvgXL/Ix4dKJJZE/v870wInYVV+abXs6FhDuV8FYs= Subject key identifier: C5:E6:91:6F:99:96:D3:D5:AD:DD:5B:82:4A:0B:0E:71:38:3C:FE:FF Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Certificate serial: 1FBE Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa Signing time: Mon 24 Nov 2025 10:02:02 +0000 ROA not before: Mon 24 Nov 2025 10:02:02 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 58777 IP address blocks: 113.240.205.0/24 maxlen: 24 202.67.0.0/22 maxlen: 24 202.73.128.0/22 maxlen: 24 202.191.72.0/21 maxlen: 24 203.33.67.0/24 maxlen: 24 203.33.68.0/24 maxlen: 24 203.33.73.0/24 maxlen: 24 203.33.79.0/24 maxlen: 24 203.33.100.0/24 maxlen: 24 203.33.122.0/24 maxlen: 24 203.33.129.0/24 maxlen: 24 203.33.131.0/24 maxlen: 24 240e:108:4040::/48 maxlen: 48 240e:108:4047::/48 maxlen: 48 240e:108:4060::/48 maxlen: 48 240e:108:4360::/48 maxlen: 48 240e:108:4820::/48 maxlen: 48 240e:108:4840::/48 maxlen: 48 240e:108:4847::/48 maxlen: 48 240e:108:4860::/48 maxlen: 48 240e:108:4b60::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 15:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8126 (0x1fbe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Validity Not Before: Nov 24 10:02:02 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69242d1a-77d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:4f:a2:a5:a8:c8:06:76:86:b1:63:34:e6:63: 09:27:e0:6a:7c:b8:da:53:f9:30:8f:94:6b:cc:eb: 2d:59:a5:20:9b:ad:d4:45:8a:20:ac:e1:08:69:c2: 40:f5:f6:de:30:4d:75:3b:43:a6:c5:3f:8e:98:25: cf:be:7d:d0:a8:4f:e6:eb:0e:da:3c:6b:32:c0:fd: 5a:04:1b:ea:b5:17:0d:b5:ea:90:e6:7e:08:e8:e1: 33:39:96:3e:45:d8:b1:0d:5d:0c:a0:89:c8:0c:4c: f2:27:09:16:84:68:5d:6e:32:8f:d7:2e:59:40:db: 30:46:0e:91:ee:0a:14:7f:24:e1:75:ff:3d:a4:d4: 9d:c2:32:c8:87:22:73:3a:da:98:7b:7f:b1:07:41: 0c:c5:18:b7:23:81:d1:25:6c:e3:c2:4b:00:3e:f2: 9c:eb:1e:df:7f:86:df:bc:f4:f0:6b:2d:bf:f5:74: 23:dc:be:7f:f2:9d:65:6b:ac:4a:60:80:3b:97:75: 0d:ba:12:1e:47:ac:b1:47:a9:27:30:e3:3a:f7:09: 71:a9:c6:21:48:06:af:37:1c:2f:9c:0e:90:c5:2d: c0:8a:ed:1c:61:76:b3:87:c1:76:55:cb:2d:0e:42: aa:59:14:14:32:a7:c7:3b:bb:21:2a:69:a9:d5:bc: 32:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:E6:91:6F:99:96:D3:D5:AD:DD:5B:82:4A:0B:0E:71:38:3C:FE:FF X509v3 Authority Key Identifier: keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 113.240.205.0/24 202.67.0.0/22 202.73.128.0/22 202.191.72.0/21 203.33.67.0-203.33.68.255 203.33.73.0/24 203.33.79.0/24 203.33.100.0/24 203.33.122.0/24 203.33.129.0/24 203.33.131.0/24 IPv6: 240e:108:4040::/48 240e:108:4047::/48 240e:108:4060::/48 240e:108:4360::/48 240e:108:4820::/48 240e:108:4840::/48 240e:108:4847::/48 240e:108:4860::/48 240e:108:4b60::/48 Signature Algorithm: sha256WithRSAEncryption 99:9d:c6:0d:f0:29:ce:9a:e2:fc:a1:1e:77:be:64:00:c9:78: a1:07:f7:a9:10:ae:1a:59:1f:02:f4:ef:8b:1a:60:ae:1c:d2: a7:3b:eb:68:52:74:93:df:51:74:e8:c9:f0:93:d3:56:5e:d4: 74:48:02:45:41:e4:e1:46:db:46:b4:a9:03:07:4c:b3:c1:c5: 44:ba:04:c0:af:cf:e5:5a:f0:00:92:b4:6e:95:b8:4b:19:14: bf:7e:e4:60:c2:e8:1a:f7:41:6f:83:1b:86:ae:14:1e:b3:e7: aa:af:75:3a:3b:c6:5a:e5:06:fa:54:2e:9b:d6:bf:18:82:18: 7a:4d:76:0c:04:78:b2:87:45:6c:85:dd:1e:4f:b7:d9:b5:2a: cc:d2:b5:d1:24:8d:e2:96:0c:8c:be:18:72:a0:03:da:60:1b: 49:08:72:58:18:4a:7d:74:a2:2f:1b:ff:9c:11:a3:c2:c3:66: 76:e1:db:15:bd:d9:0d:b2:08:2f:07:c2:2c:fa:47:30:31:8b: 0a:ac:83:f1:a1:8a:ea:4a:e9:fe:03:6c:22:e0:09:17:48:a8: 17:bf:38:59:bc:7e:ab:95:c8:2c:76:1a:98:3d:79:62:24:d9: 57:84:e5:fb:19:07:8e:53:1e:b7:eb:b2:62:53:96:00:8d:bd: 85:f7:1a:c2 -----BEGIN CERTIFICATE----- MIIGETCCBPmgAwIBAgICH74wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1 NkU4QUM4QkEwHhcNMjUxMTI0MTAwMjAyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTI0MmQxYS03N2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA60+ipajIBnaGsWM05mMJJ+BqfLjaU/kwj5RrzOstWaUgm63URYogrOEIacJA 9fbeME11O0OmxT+OmCXPvn3QqE/m6w7aPGsywP1aBBvqtRcNteqQ5n4I6OEzOZY+ RdixDV0MoInIDEzyJwkWhGhdbjKP1y5ZQNswRg6R7goUfyThdf89pNSdwjLIhyJz OtqYe3+xB0EMxRi3I4HRJWzjwksAPvKc6x7ff4bfvPTway2/9XQj3L5/8p1la6xK YIA7l3UNuhIeR6yxR6knMOM69wlxqcYhSAavNxwvnA6QxS3Aiu0cYXazh8F2Vcst DkKqWRQUMqfHO7shKmmp1bwyywIDAQABo4IDNTCCAzEwHQYDVR0OBBYEFMXmkW+Z ltPVrd1bgkoLDnE4PP7/MB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1 NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5 TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvQ0JBRkY2NjQx MzZCMTFFRkI1M0YyNjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb4GCCsGAQUFBwEHAQH/ BIGuMIGrMFAEAgABMEoDBABx8M0DBALKQwADBALKSYADBAPKv0gwDAMEAMshQwME AMshRAMEAMshSQMEAMshTwMEAMshZAMEAMshegMEAMshgQMEAMshgzBXBAIAAjBR AwcAJA4BCEBAAwcAJA4BCEBHAwcAJA4BCEBgAwcAJA4BCENgAwcAJA4BCEggAwcA JA4BCEhAAwcAJA4BCEhHAwcAJA4BCEhgAwcAJA4BCEtgMA0GCSqGSIb3DQEBCwUA A4IBAQCZncYN8CnOmuL8oR53vmQAyXihB/epEK4aWR8C9O+LGmCuHNKnO+toUnST 31F06Mnwk9NWXtR0SAJFQeThRttGtKkDB0yzwcVEugTAr8/lWvAAkrRulbhLGRS/ fuRgwuga90FvgxuGrhQes+eqr3U6O8Za5Qb6VC6b1r8Yghh6TXYMBHiyh0Vshd0e T7fZtSrM0rXRJI3ilgyMvhhyoAPaYBtJCHJYGEp9dKIvG/+cEaPCw2Z24dsVvdkN sggvB8Is+kcwMYsKrIPxoYrqSun+A2wi4AkXSKgXvzhZvH6rlcgsdhqYPXliJNlX hOX7GQeOUx6367JiU5YAjb2F9xrC -----END CERTIFICATE-----Generated at Sat Dec 6 22:47:01 2025 by rpki-client