This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa File: 907FFB3C5C8511EDA172EE5CC4F9AE02.roa (raw, json) Hash identifier: AZKwm5oe/DltOrJCA0wsNTWeK57n+QgiIhxKKU4O/m8= Subject key identifier: 29:2B:AC:2C:14:3D:8D:6C:C0:53:5F:2F:A2:DE:88:FF:61:C9:B6:6C Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Certificate serial: 039C Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa Signing time: Tue 13 Jan 2026 00:20:21 +0000 ROA not before: Tue 13 Jan 2026 00:20:21 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 12888 IP address blocks: 168.153.3.0/24 maxlen: 24 168.153.4.0/24 maxlen: 24 168.153.5.0/24 maxlen: 24 168.153.6.0/24 maxlen: 24 168.153.7.0/24 maxlen: 24 168.153.8.0/24 maxlen: 24 168.153.9.0/24 maxlen: 24 168.153.32.0/22 maxlen: 22 168.153.40.0/22 maxlen: 22 168.153.64.0/22 maxlen: 22 168.153.96.0/24 maxlen: 24 168.153.106.0/24 maxlen: 24 168.153.107.0/24 maxlen: 24 168.153.108.0/24 maxlen: 24 168.153.109.0/24 maxlen: 24 168.153.110.0/24 maxlen: 24 168.153.111.0/24 maxlen: 24 168.153.144.0/22 maxlen: 22 168.153.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Feb 2026 00:05:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 924 (0x39c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A713, serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B Validity Not Before: Jan 13 00:20:21 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=69658fc5-c58e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d0:83:3a:1f:f9:60:9e:41:8d:f3:36:d5:a1: 9d:2c:1e:24:3a:f9:c8:cd:8e:02:24:9c:7a:09:d1: 30:9a:a4:ea:9c:d0:ec:c8:8a:d9:50:fc:4b:38:e2: b3:2c:c5:ca:ea:7e:53:57:2b:b3:5c:f2:41:bc:46: f9:c6:5e:c4:da:2f:6d:61:68:7c:d0:e3:9e:65:3a: 40:79:0a:25:03:2b:0a:a7:85:28:1a:09:25:3e:b5: ed:24:dd:2a:5d:0a:77:96:d0:81:bc:7d:c1:07:cc: 8e:75:f1:88:39:0b:cc:02:0c:65:20:31:3f:30:02: 51:06:a4:58:e7:94:1e:92:44:63:b0:1b:e3:fc:96: 1a:85:45:8f:be:31:6f:3d:2c:e2:19:91:8b:9e:33: 85:3b:f6:1f:79:3f:7c:42:f2:3a:16:3b:c9:28:c7: ee:b7:8d:4a:6a:84:16:e8:29:5a:87:82:8c:de:63: 16:20:3b:dd:ce:bd:bc:2a:86:b1:02:ff:4f:6e:8c: be:3b:d8:e6:29:93:df:44:19:0c:24:4d:11:e1:ca: 35:05:46:5e:4e:a5:a7:65:3e:b0:5b:da:f7:ad:68: 38:ee:14:dc:db:da:26:d3:08:6b:71:4b:8b:26:f6: e9:a2:94:77:78:2d:cc:c8:c2:46:4a:da:2a:de:a2: dc:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:2B:AC:2C:14:3D:8D:6C:C0:53:5F:2F:A2:DE:88:FF:61:C9:B6:6C X509v3 Authority Key Identifier: keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/907FFB3C5C8511EDA172EE5CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 168.153.3.0-168.153.9.255 168.153.32.0/22 168.153.40.0/22 168.153.64.0/22 168.153.96.0/24 168.153.106.0-168.153.111.255 168.153.144.0/22 168.153.160.0/22 Signature Algorithm: sha256WithRSAEncryption df:4b:56:fe:f4:be:b4:1a:82:c9:92:c8:9b:79:f7:ea:60:87: af:22:dc:dd:6f:d9:6c:7c:f2:49:cf:4e:d7:3c:dc:64:d8:00: bb:06:2a:48:d2:6c:34:a8:89:83:bd:73:67:d9:95:ac:05:76: 15:8f:2d:4e:93:b7:70:2f:f3:2f:3d:ca:96:0f:99:7e:49:b1: 97:6b:67:5d:65:e8:66:c6:93:be:cb:16:d5:02:7a:46:aa:2a: 2c:c6:52:e1:ad:38:f8:01:e2:e2:b2:5f:09:46:a8:55:66:7e: 0e:e2:87:0d:85:c2:b2:3b:67:99:fe:0c:30:2b:9c:82:4d:4c: e0:ba:6b:54:df:87:e6:8b:70:e0:ae:93:2b:ca:64:d6:c2:e4: f7:3f:ae:55:ed:90:01:cd:ea:9c:47:a5:37:83:53:1d:64:0e: ba:29:6e:d7:04:89:a4:ed:21:4f:1f:bf:6a:fc:84:a3:af:b7: f1:79:ac:bc:5e:e8:43:c4:64:06:d5:bf:fb:b0:52:bb:98:0f: 29:ff:e9:52:97:bd:d5:c5:8d:67:fe:13:fd:d9:dc:b5:2d:5f: 12:59:36:68:56:d0:48:7b:e5:e1:3e:cf:da:35:2e:31:e0:65: d3:d9:b3:f5:76:d7:0e:3d:29:27:50:ff:52:62:cf:95:13:82: a5:98:0b:15 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgICA5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC MUNENzlGNkIwHhcNMjYwMTEzMDAyMDIxWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTY1OGZjNS1jNThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmtCDOh/5YJ5BjfM21aGdLB4kOvnIzY4CJJx6CdEwmqTqnNDsyIrZUPxLOOKz LMXK6n5TVyuzXPJBvEb5xl7E2i9tYWh80OOeZTpAeQolAysKp4UoGgklPrXtJN0q XQp3ltCBvH3BB8yOdfGIOQvMAgxlIDE/MAJRBqRY55QekkRjsBvj/JYahUWPvjFv PSziGZGLnjOFO/YfeT98QvI6FjvJKMfut41KaoQW6Clah4KM3mMWIDvdzr28Koax Av9Pboy+O9jmKZPfRBkMJE0R4co1BUZeTqWnZT6wW9r3rWg47hTc29om0whrcUuL JvbpopR3eC3MyMJGStoq3qLc2QIDAQABo4ICzzCCAsswHQYDVR0OBBYEFCkrrCwU PY1swFNfL6LeiP9hybZsMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvOTA3RkZCM0M1 Qzg1MTFFREExNzJFRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E SjBIMEYEAgABMEAwDAMEAKiZAwMEAaiZCAMEAqiZIAMEAqiZKAMEAqiZQAMEAKiZ YDAMAwQBqJlqAwQEqJlgAwQCqJmQAwQCqJmgMA0GCSqGSIb3DQEBCwUAA4IBAQDf S1b+9L60GoLJksibeffqYIevItzdb9lsfPJJz07XPNxk2AC7BipI0mw0qImDvXNn 2ZWsBXYVjy1Ok7dwL/MvPcqWD5l+SbGXa2ddZehmxpO+yxbVAnpGqiosxlLhrTj4 AeLisl8JRqhVZn4O4ocNhcKyO2eZ/gwwK5yCTUzgumtU34fmi3DgrpMrymTWwuT3 P65V7ZABzeqcR6U3g1MdZA66KW7XBImk7SFPH79q/ISjr7fxeay8XuhDxGQG1b/7 sFK7mA8p/+lSl73VxY1n/hP92dy1LV8SWTZoVtBIe+XhPs/aNS4x4GXT2bP1dtcO PSknUP9SYs+VE4KlmAsV -----END CERTIFICATE-----Generated at Sun Jan 25 12:13:18 2026 by rpki-client