This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa File: 4335BE9C0D0611EFA3ECB057C4F9AE02.roa (raw, json) Hash identifier: Qm9GDIA0MPfeF1zwxNI3C0uw4KiP3Msw73zwSjWGIiA= Subject key identifier: 1F:A1:F0:99:57:5C:1C:DC:A2:56:DC:F9:11:7E:E7:BC:3D:DD:6D:E1 Certificate issuer: /CN=A9161099/serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045 Certificate serial: 0146 Authority key identifier: 03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa Signing time: Mon 10 Nov 2025 02:50:17 +0000 ROA not before: Mon 10 Nov 2025 02:50:17 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 16509 IP address blocks: 121.127.32.0/24 maxlen: 24 202.157.180.0/23 maxlen: 24 2401:cb60::/48 maxlen: 48 2401:cb60:1::/48 maxlen: 48 2401:cb60:2::/48 maxlen: 48 2401:cb60:3::/48 maxlen: 48 2401:cb60:4::/48 maxlen: 48 2401:cb60:5::/48 maxlen: 48 2401:cb60:6::/48 maxlen: 48 2401:cb60:7::/48 maxlen: 48 2401:cb60:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 02:44:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 326 (0x146) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9161099, serialNumber=03A02E2F5DABF0FF3938628BC4FF5FB61653F045 Validity Not Before: Nov 10 02:50:17 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=691152e9-c8c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:51:1f:e3:9c:2f:5a:17:30:0a:19:98:c7:e0: 64:b5:a6:d6:26:2b:ef:c9:76:3d:bf:25:67:10:60: c1:d2:a0:ed:61:29:08:d7:06:26:b2:d5:1e:87:d0: f4:8e:83:24:df:63:14:b6:90:0b:c7:27:4f:e6:39: 17:79:55:d5:1d:42:50:87:67:84:4a:36:28:1a:6b: 60:58:25:b0:f5:37:f5:a3:15:5a:66:fb:8c:e1:eb: 84:1c:da:b8:06:81:d2:72:f8:4d:b5:24:3e:44:52: c6:eb:0a:36:be:68:01:7e:39:6a:f6:70:3c:32:cf: 5c:a6:21:44:7c:9a:68:e4:ab:c5:d1:2d:ed:25:52: c0:cd:22:7b:9d:6c:fa:04:12:d3:1d:6c:a1:f3:6f: 70:13:b0:ac:08:4a:ee:08:e5:03:ca:5e:e2:2f:e3: 6f:b8:81:7c:54:32:e3:35:2a:9b:7c:8b:a8:46:81: 9a:c0:eb:05:47:fa:5f:a0:29:34:aa:f1:a6:d1:c1: 07:b0:9d:2a:8a:c9:4c:6c:b9:92:9b:00:62:09:9f: f1:c2:37:92:b4:59:20:fc:e7:15:46:68:c6:71:41: e5:3b:12:56:47:be:a9:a5:be:68:b3:05:25:26:f6: 01:b8:cc:5b:89:20:53:6c:3f:9a:a8:93:7d:bf:00: 4d:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:A1:F0:99:57:5C:1C:DC:A2:56:DC:F9:11:7E:E7:BC:3D:DD:6D:E1 X509v3 Authority Key Identifier: keyid:03:A0:2E:2F:5D:AB:F0:FF:39:38:62:8B:C4:FF:5F:B6:16:53:F0:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/A6AuL12r8P85OGKLxP9fthZT8EU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6AuL12r8P85OGKLxP9fthZT8EU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161099/FD367C700D0411EF85E46F55C4F9AE02/4335BE9C0D0611EFA3ECB057C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 121.127.32.0/24 202.157.180.0/23 IPv6: 2401:cb60::-2401:cb60:8:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 68:c0:28:92:af:de:0a:f4:d9:68:00:1c:68:06:b4:3f:8d:9f: 64:40:55:02:08:e5:73:a4:2e:b2:14:24:7c:f4:03:8b:de:74: 84:50:55:a2:2d:21:c2:e8:c6:06:d7:c2:77:ae:e5:91:13:f2: 61:07:06:a1:c3:99:cb:d6:f9:d2:72:a0:37:22:9f:b6:42:66: 9f:ef:99:c3:96:16:32:24:31:db:2a:fe:e2:b7:19:ee:2e:95: 29:fe:c4:74:a8:87:4b:6d:e7:65:5e:62:91:db:56:31:7d:b7: 09:5f:b6:63:6f:60:74:3d:ad:f7:2a:b5:7d:65:4f:a8:b7:3c: 8b:86:88:cf:93:d1:80:81:14:0e:01:71:47:96:12:b4:6e:5d: 81:68:bf:f5:a6:87:c7:cc:a9:7d:7b:fb:2c:90:6c:e4:28:d1: 17:36:d6:3d:52:f8:ce:a0:84:b9:00:1a:a8:6f:17:28:29:81: cd:d0:f1:ee:aa:66:5a:df:ea:70:45:82:00:56:7e:15:4a:b3: eb:a5:88:c7:c2:05:45:fa:6c:04:ed:af:54:6f:22:a1:85:7c: 2e:66:20:6c:88:44:fe:a5:68:51:27:c6:89:f8:d9:97:5c:e0: 24:1e:8f:e8:35:fb:b5:7d:7d:e8:83:cc:97:75:4c:2d:34:6e: 4e:7c:02:c1 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICAUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjEwOTkxMTAvBgNVBAUTKDAzQTAyRTJGNURBQkYwRkYzOTM4NjI4QkM0RkY1RkI2 MTY1M0YwNDUwHhcNMjUxMTEwMDI1MDE3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTExNTJlOS1jOGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvFEf45wvWhcwChmYx+BktabWJivvyXY9vyVnEGDB0qDtYSkI1wYmstUeh9D0 joMk32MUtpALxydP5jkXeVXVHUJQh2eESjYoGmtgWCWw9Tf1oxVaZvuM4euEHNq4 BoHScvhNtSQ+RFLG6wo2vmgBfjlq9nA8Ms9cpiFEfJpo5KvF0S3tJVLAzSJ7nWz6 BBLTHWyh829wE7CsCEruCOUDyl7iL+NvuIF8VDLjNSqbfIuoRoGawOsFR/pfoCk0 qvGm0cEHsJ0qislMbLmSmwBiCZ/xwjeStFkg/OcVRmjGcUHlOxJWR76ppb5oswUl JvYBuMxbiSBTbD+aqJN9vwBNcwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFB+h8JlX XBzcolbc+RF+57w93W3hMB8GA1UdIwQYMBaAFAOgLi9dq/D/OThii8T/X7YWU/BF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTA5OS9GRDM2N0M3MDBE MDQxMUVGODVFNDZGNTVDNEY5QUUwMi9BNkF1TDEycjhQODVPR0tMeFA5ZnRoWlQ4 RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E2QXVMMTJyOFA4NU9HS0x4UDlmdGhaVDhFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjEwOTkvRkQzNjdDNzAwRDA0MTFFRjg1RTQ2RjU1QzRGOUFFMDIvNDMzNUJFOUMw RDA2MTFFRkEzRUNCMDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMBIEAgABMAwDBAB5fyADBAHKnbQwGAQCAAIwEjAQAwUFJAHLYAMHACQBy2AA CDANBgkqhkiG9w0BAQsFAAOCAQEAaMAokq/eCvTZaAAcaAa0P42fZEBVAgjlc6Qu shQkfPQDi950hFBVoi0hwujGBtfCd67lkRPyYQcGocOZy9b50nKgNyKftkJmn++Z w5YWMiQx2yr+4rcZ7i6VKf7EdKiHS23nZV5ikdtWMX23CV+2Y29gdD2t9yq1fWVP qLc8i4aIz5PRgIEUDgFxR5YStG5dgWi/9aaHx8ypfXv7LJBs5CjRFzbWPVL4zqCE uQAaqG8XKCmBzdDx7qpmWt/qcEWCAFZ+FUqz66WIx8IFRfpsBO2vVG8ioYV8LmYg bIhE/qVoUSfGifjZl1zgJB6P6DX7tX196IPMl3VMLTRuTnwCwQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:40:01 2025 by rpki-client