This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/A3E98D0E22A911EB96014E82C4F9AE02.roa File: A3E98D0E22A911EB96014E82C4F9AE02.roa (raw, json) Hash identifier: U4wBCZUawWY0aygfRe0tLOK9t09mOsA+sFaJMAhACbA= Subject key identifier: 84:1C:E2:C5:DF:61:48:2E:07:C0:C4:5B:25:6D:07:FA:81:00:E0:57 Certificate issuer: /CN=A9195FCB/serialNumber=E951371DE4DCB10025484D2F14FDCDA2C6455B91 Certificate serial: 07C2 Authority key identifier: E9:51:37:1D:E4:DC:B1:00:25:48:4D:2F:14:FD:CD:A2:C6:45:5B:91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6VE3HeTcsQAlSE0vFP3NosZFW5E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/A3E98D0E22A911EB96014E82C4F9AE02.roa Signing time: Thu 04 Dec 2025 20:34:14 +0000 ROA not before: Thu 04 Dec 2025 20:34:14 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 141398 IP address blocks: 103.158.62.0/23 maxlen: 23 103.158.62.0/24 maxlen: 24 103.158.63.0/24 maxlen: 24 2406:b240::/32 maxlen: 32 2406:b240:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/6VE3HeTcsQAlSE0vFP3NosZFW5E.crl rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/6VE3HeTcsQAlSE0vFP3NosZFW5E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6VE3HeTcsQAlSE0vFP3NosZFW5E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 20:23:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1986 (0x7c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195FCB, serialNumber=E951371DE4DCB10025484D2F14FDCDA2C6455B91 Validity Not Before: Dec 4 20:34:14 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6931f046-0fc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:84:50:7a:c8:7d:e2:87:9d:80:b0:70:33:d0: 8f:01:be:d0:2a:01:4e:62:60:32:8a:8b:a6:b8:c3: 5d:2d:b5:94:c2:43:02:8d:61:72:1b:1b:24:a3:66: e1:f3:18:73:84:bd:3f:6c:2a:a9:06:1e:df:9a:88: b6:dd:fe:b8:95:74:7a:40:c1:ab:f0:cb:84:66:28: 0b:1f:4c:bd:d7:a8:3e:f4:ac:8e:59:ef:e2:aa:cf: dc:fa:29:fa:2b:a2:43:fc:f8:3d:39:a9:52:5b:32: 53:02:ae:6a:39:ee:70:70:26:1e:4c:e0:fb:2e:1f: 57:38:c9:d4:4e:2e:d0:5a:bf:1e:a2:43:1e:39:f2: b7:a1:eb:b0:95:8b:09:b0:71:26:f8:60:c4:d7:1d: 66:24:b1:46:b4:72:f7:fe:ce:9e:b7:b1:b2:96:ca: d1:ad:3a:50:24:d7:a0:fa:8a:c1:ca:2c:94:d9:1e: 6c:6f:94:e4:83:dc:0d:39:0a:7e:7b:37:df:66:55: 42:36:55:74:64:36:45:fc:16:70:46:fe:26:73:2e: b2:2d:88:5d:b4:c8:c6:f5:cc:7b:79:1d:13:77:f4: f7:f0:24:cb:f2:33:cb:4d:82:0a:96:1e:9a:e8:4e: 06:4a:0e:e5:7e:e5:08:62:19:78:c4:51:1f:af:39: eb:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:1C:E2:C5:DF:61:48:2E:07:C0:C4:5B:25:6D:07:FA:81:00:E0:57 X509v3 Authority Key Identifier: keyid:E9:51:37:1D:E4:DC:B1:00:25:48:4D:2F:14:FD:CD:A2:C6:45:5B:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/6VE3HeTcsQAlSE0vFP3NosZFW5E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6VE3HeTcsQAlSE0vFP3NosZFW5E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195FCB/880E634022A711EBB406CE7CC4F9AE02/A3E98D0E22A911EB96014E82C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.158.62.0/23 IPv6: 2406:b240::/32 Signature Algorithm: sha256WithRSAEncryption 5b:1b:eb:fa:89:ec:6f:31:a4:e9:14:f2:1b:53:c1:15:be:f5: b2:98:6a:5b:9f:a9:40:dc:26:c4:90:c5:00:3c:bb:62:81:cf: 38:3a:48:05:12:c3:90:b1:86:4a:e4:62:52:e3:81:29:e5:66: 4c:e0:39:d0:34:5f:67:79:a4:8d:64:46:d1:81:55:79:fe:90: 25:59:ab:8a:63:b6:94:45:62:c9:8b:29:2c:b7:cf:97:62:3b: 34:15:17:89:20:bc:0c:29:b9:eb:e1:96:e8:33:01:8a:b8:de: 17:34:5f:bc:c3:7d:14:02:d7:32:d4:df:64:cd:d6:09:2d:2b: ae:5a:94:7c:0d:4c:4d:49:5a:53:1a:3a:d5:c2:24:a6:58:c1: 5a:5e:9e:f3:99:94:e4:5b:e4:89:eb:5d:56:d8:e3:43:aa:14: e4:45:76:00:65:71:d5:f1:de:de:67:3c:9b:83:fb:a1:15:11: 0d:6b:13:1b:5d:3f:5a:c2:77:67:83:a2:0e:05:82:cb:ba:1b: 92:6c:09:64:be:69:0b:ae:f5:d8:62:4e:05:a8:24:c9:6c:17: eb:35:0f:0d:90:27:3f:47:4a:ef:16:c1:ad:ba:23:60:aa:3a: 62:85:b6:c7:8e:a6:2b:c4:f8:7d:a2:0f:a3:cf:77:0e:21:91: be:94:55:01 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICB8IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVGQ0IxMTAvBgNVBAUTKEU5NTEzNzFERTREQ0IxMDAyNTQ4NEQyRjE0RkRDREEy QzY0NTVCOTEwHhcNMjUxMjA0MjAzNDE0WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTMxZjA0Ni0wZmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7YRQesh94oedgLBwM9CPAb7QKgFOYmAyioumuMNdLbWUwkMCjWFyGxsko2bh 8xhzhL0/bCqpBh7fmoi23f64lXR6QMGr8MuEZigLH0y916g+9KyOWe/iqs/c+in6 K6JD/Pg9OalSWzJTAq5qOe5wcCYeTOD7Lh9XOMnUTi7QWr8eokMeOfK3oeuwlYsJ sHEm+GDE1x1mJLFGtHL3/s6et7GylsrRrTpQJNeg+orByiyU2R5sb5Tkg9wNOQp+ ezffZlVCNlV0ZDZF/BZwRv4mcy6yLYhdtMjG9cx7eR0Td/T38CTL8jPLTYIKlh6a 6E4GSg7lfuUIYhl4xFEfrznrxQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIQc4sXf YUguB8DEWyVtB/qBAOBXMB8GA1UdIwQYMBaAFOlRNx3k3LEAJUhNLxT9zaLGRVuR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUZDQi84ODBFNjM0MDIy QTcxMUVCQjQwNkNFN0NDNEY5QUUwMi82VkUzSGVUY3NRQWxTRTB2RlAzTm9zWkZX NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzZWRTNIZVRjc1FBbFNFMHZGUDNOb3NaRlc1RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTVGQ0IvODgwRTYzNDAyMkE3MTFFQkI0MDZDRTdDQzRGOUFFMDIvQTNFOThEMEUy MkE5MTFFQjk2MDE0RTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFnnj4wDQQCAAIwBwMFACQGskAwDQYJKoZIhvcNAQELBQAD ggEBAFsb6/qJ7G8xpOkU8htTwRW+9bKYalufqUDcJsSQxQA8u2KBzzg6SAUSw5Cx hkrkYlLjgSnlZkzgOdA0X2d5pI1kRtGBVXn+kCVZq4pjtpRFYsmLKSy3z5diOzQV F4kgvAwpuevhlugzAYq43hc0X7zDfRQC1zLU32TN1gktK65alHwNTE1JWlMaOtXC JKZYwVpenvOZlORb5InrXVbY40OqFORFdgBlcdXx3t5nPJuD+6EVEQ1rExtdP1rC d2eDog4Fgsu6G5JsCWS+aQuu9dhiTgWoJMlsF+s1Dw2QJz9HSu8Wwa26I2CqOmKF tseOpivE+H2iD6PPdw4hkb6UVQE= -----END CERTIFICATE-----Generated at Sun Dec 7 02:58:54 2025 by rpki-client