This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/CF6B95A22B0611F095AFC61DC4F9AE02.roa File: CF6B95A22B0611F095AFC61DC4F9AE02.roa (raw, json) Hash identifier: vFUeImcXurXSATsZSELTux2HOcWoibOEWelI5iKhexI= Subject key identifier: A1:BF:C3:E9:CF:FB:3E:27:F5:C9:E2:69:C1:35:1D:84:A4:A1:FA:24 Certificate issuer: /CN=A917BB9A/serialNumber=A6172EEBE1FCD1A978CCA467E1B58A30B37951EB Certificate serial: 014A Authority key identifier: A6:17:2E:EB:E1:FC:D1:A9:78:CC:A4:67:E1:B5:8A:30:B3:79:51:EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phcu6-H80al4zKRn4bWKMLN5Ues.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/CF6B95A22B0611F095AFC61DC4F9AE02.roa Signing time: Sat 24 Jan 2026 04:56:43 +0000 ROA not before: Sat 24 Jan 2026 04:56:43 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 56209 IP address blocks: 150.129.172.0/23 maxlen: 23 150.129.172.0/24 maxlen: 24 150.129.173.0/24 maxlen: 24 150.129.174.0/23 maxlen: 23 150.129.174.0/24 maxlen: 24 150.129.175.0/24 maxlen: 24 202.47.112.0/24 maxlen: 24 202.47.113.0/24 maxlen: 24 202.47.114.0/24 maxlen: 24 202.47.115.0/24 maxlen: 24 202.47.116.0/24 maxlen: 24 202.47.117.0/24 maxlen: 24 202.47.118.0/24 maxlen: 24 202.47.119.0/24 maxlen: 24 202.71.0.0/23 maxlen: 23 202.71.0.0/24 maxlen: 24 202.71.1.0/24 maxlen: 24 202.71.2.0/23 maxlen: 23 202.71.2.0/24 maxlen: 24 202.71.3.0/24 maxlen: 24 202.71.24.0/23 maxlen: 23 202.71.24.0/24 maxlen: 24 202.71.25.0/24 maxlen: 24 202.71.26.0/24 maxlen: 24 202.71.27.0/24 maxlen: 24 202.71.28.0/24 maxlen: 24 202.71.29.0/24 maxlen: 24 202.71.30.0/24 maxlen: 24 202.71.31.0/24 maxlen: 24 2401:a3e0::/48 maxlen: 48 2401:a3e0:1::/48 maxlen: 48 2401:a3e0:2::/48 maxlen: 48 2401:a3e0:3::/48 maxlen: 48 2401:a3e0:4::/48 maxlen: 48 2401:a3e0:5::/48 maxlen: 48 2401:a3e0:6::/48 maxlen: 48 2401:a3e0:7::/48 maxlen: 48 2401:a3e0:8::/48 maxlen: 48 2401:a3e0:9::/48 maxlen: 48 2401:a3e0:a::/48 maxlen: 48 2401:a3e0:b::/48 maxlen: 48 2401:a3e0:c::/48 maxlen: 48 2401:a3e0:d::/48 maxlen: 48 2401:a3e0:e::/48 maxlen: 48 2401:a3e0:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/phcu6-H80al4zKRn4bWKMLN5Ues.crl rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/phcu6-H80al4zKRn4bWKMLN5Ues.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phcu6-H80al4zKRn4bWKMLN5Ues.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Feb 2026 05:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 330 (0x14a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BB9A, serialNumber=A6172EEBE1FCD1A978CCA467E1B58A30B37951EB Validity Not Before: Jan 24 04:56:43 2026 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6974510b-2dbb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ff:6a:84:a0:c9:27:69:10:03:e5:3d:0f:62: ea:a6:45:fb:8b:c2:17:3d:d6:10:24:ff:62:a8:e0: 22:cb:c8:24:ba:09:d8:36:05:d6:30:8f:dc:37:cc: 6f:88:53:0b:f0:9d:c9:97:bc:3f:1a:a3:7f:82:de: c0:cb:44:30:8f:17:eb:ff:77:06:c4:ec:4f:b7:a7: f2:1b:6b:14:d8:ba:81:90:e0:fb:92:f3:6c:10:4d: cb:37:6a:e0:7a:84:58:b2:cc:1f:fa:4d:5e:dc:40: 9c:1f:8a:cd:e8:79:94:82:f1:c3:2f:be:65:24:68: 47:8d:b6:46:43:95:1e:32:96:53:51:e7:24:4c:3d: 6f:a7:2a:17:0b:21:96:b7:1e:e0:86:2e:90:c6:b9: 11:a2:01:5a:e5:88:61:9a:19:72:c4:07:e3:45:a8: a1:fd:40:fb:ce:60:b9:a0:37:6b:39:b1:d4:85:26: 30:01:e0:1b:15:75:bf:f6:31:d7:d8:76:70:e6:6d: 06:74:41:1d:c7:3b:44:9d:04:2c:5a:f5:55:c3:5b: 2c:26:a1:4c:ad:32:7f:0c:17:e3:75:a3:44:24:78: d1:88:18:05:78:f7:30:c1:b8:92:85:0c:5d:b1:38: b7:a8:a3:dd:b8:58:a0:a8:04:90:e1:ee:83:4c:39: d3:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:BF:C3:E9:CF:FB:3E:27:F5:C9:E2:69:C1:35:1D:84:A4:A1:FA:24 X509v3 Authority Key Identifier: keyid:A6:17:2E:EB:E1:FC:D1:A9:78:CC:A4:67:E1:B5:8A:30:B3:79:51:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/phcu6-H80al4zKRn4bWKMLN5Ues.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phcu6-H80al4zKRn4bWKMLN5Ues.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/CF6B95A22B0611F095AFC61DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 150.129.172.0/22 202.47.112.0/21 202.71.0.0/22 202.71.24.0/21 IPv6: 2401:a3e0::/44 Signature Algorithm: sha256WithRSAEncryption 94:b2:27:c2:e3:92:ca:8b:d9:ad:3e:28:a2:35:de:69:e2:74: cf:45:76:d3:2f:01:e4:07:3d:cd:b4:6c:70:fe:e0:b9:de:1a: 58:f7:c0:e1:7e:60:67:ee:94:f8:f0:58:41:72:aa:22:65:b2: 40:cb:12:43:d2:cc:66:2b:51:f1:6e:7a:30:a5:55:43:ce:f9: 88:31:13:c9:a1:40:57:cd:1d:9e:3b:0b:5f:39:c1:cd:f4:15: eb:66:f6:54:08:2e:e2:cc:c8:e0:7a:25:69:0a:d5:12:51:4d: 37:02:98:57:fb:98:6d:ab:36:f4:a7:6f:cd:4d:28:9b:78:5c: 37:ac:af:aa:bc:f1:6e:17:5c:6d:65:ff:7e:ba:78:ea:fa:bd: cf:46:72:51:66:c0:e9:99:4a:6e:41:ab:fb:2b:97:67:aa:5d: 42:2a:c5:22:20:bb:9a:b0:e0:75:c4:36:0f:6e:c9:c5:1e:3e: 7a:cc:47:d5:d3:8c:71:30:50:31:c9:ab:f7:80:c9:d0:c0:a9: 2b:f6:1b:47:ad:e7:bc:15:71:8d:c2:f2:e6:84:0a:b4:07:7f: d7:f1:72:8a:1d:d8:06:a8:e1:0f:a3:35:79:06:dd:0a:25:68: cc:68:27:93:eb:41:8d:a7:c1:c1:99:4a:4e:50:5b:df:97:c5: 1b:4c:b2:f6 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgICAUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0JCOUExMTAvBgNVBAUTKEE2MTcyRUVCRTFGQ0QxQTk3OENDQTQ2N0UxQjU4QTMw QjM3OTUxRUIwHhcNMjYwMTI0MDQ1NjQzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTc0NTEwYi0yZGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsf9qhKDJJ2kQA+U9D2LqpkX7i8IXPdYQJP9iqOAiy8gkugnYNgXWMI/cN8xv iFML8J3Jl7w/GqN/gt7Ay0Qwjxfr/3cGxOxPt6fyG2sU2LqBkOD7kvNsEE3LN2rg eoRYsswf+k1e3ECcH4rN6HmUgvHDL75lJGhHjbZGQ5UeMpZTUeckTD1vpyoXCyGW tx7ghi6QxrkRogFa5YhhmhlyxAfjRaih/UD7zmC5oDdrObHUhSYwAeAbFXW/9jHX 2HZw5m0GdEEdxztEnQQsWvVVw1ssJqFMrTJ/DBfjdaNEJHjRiBgFePcwwbiShQxd sTi3qKPduFigqASQ4e6DTDnT6QIDAQABo4ICuDCCArQwHQYDVR0OBBYEFKG/w+nP +z4n9cniacE1HYSkofokMB8GA1UdIwQYMBaAFKYXLuvh/NGpeMykZ+G1ijCzeVHr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkI5QS80OUNEMDMwNENG RjMxMUVGOTA2MkU1MjFDNEY5QUUwMi9waGN1Ni1IODBhbDR6S1JuNGJXS01MTjVV ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BoY3U2LUg4MGFsNHpLUm40YldLTUxONVVlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0JCOUEvNDlDRDAzMDRDRkYzMTFFRjkwNjJFNTIxQzRGOUFFMDIvQ0Y2Qjk1QTIy QjA2MTFGMDk1QUZDNjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E MzAxMB4EAgABMBgDBAKWgawDBAPKL3ADBALKRwADBAPKRxgwDwQCAAIwCQMHBCQB o+AAADANBgkqhkiG9w0BAQsFAAOCAQEAlLInwuOSyovZrT4oojXeaeJ0z0V20y8B 5Ac9zbRscP7gud4aWPfA4X5gZ+6U+PBYQXKqImWyQMsSQ9LMZitR8W56MKVVQ875 iDETyaFAV80dnjsLXznBzfQV62b2VAgu4szI4HolaQrVElFNNwKYV/uYbas29Kdv zU0om3hcN6yvqrzxbhdcbWX/frp46vq9z0ZyUWbA6ZlKbkGr+yuXZ6pdQirFIiC7 mrDgdcQ2D27JxR4+esxH1dOMcTBQMcmr94DJ0MCpK/YbR63nvBVxjcLy5oQKtAd/ 1/Fyih3YBqjhD6M1eQbdCiVozGgnk+tBjafBwZlKTlBb35fFG0yy9g== -----END CERTIFICATE-----Generated at Sun Jan 25 09:26:47 2026 by rpki-client