This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa File: CBAFF664136B11EFB53F2683C4F9AE02.roa (raw, json) Hash identifier: rWSoHDILH1hbPQsX2VUff3HmgfAsnLbwC5A62TSbGD4= Subject key identifier: 14:1A:8A:C7:33:B6:1A:58:77:F1:64:65:F0:B1:9A:28:31:76:C4:01 Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Certificate serial: 1FD6 Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa Signing time: Fri 26 Dec 2025 09:46:21 +0000 ROA not before: Fri 26 Dec 2025 09:46:21 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 58777 IP address blocks: 59.52.138.0/24 maxlen: 24 113.240.205.0/24 maxlen: 24 117.25.105.0/24 maxlen: 24 125.93.28.0/24 maxlen: 24 125.93.29.0/24 maxlen: 24 202.67.0.0/22 maxlen: 24 202.73.128.0/22 maxlen: 24 202.191.72.0/21 maxlen: 24 203.33.67.0/24 maxlen: 24 203.33.68.0/24 maxlen: 24 203.33.73.0/24 maxlen: 24 203.33.79.0/24 maxlen: 24 203.33.100.0/24 maxlen: 24 203.33.122.0/24 maxlen: 24 203.33.129.0/24 maxlen: 24 203.33.131.0/24 maxlen: 24 220.171.147.0/24 maxlen: 24 221.235.40.0/24 maxlen: 24 221.237.65.0/24 maxlen: 24 240e:108:4040::/48 maxlen: 48 240e:108:4047::/48 maxlen: 48 240e:108:4060::/48 maxlen: 48 240e:108:4360::/48 maxlen: 48 240e:108:4820::/48 maxlen: 48 240e:108:4840::/48 maxlen: 48 240e:108:4847::/48 maxlen: 48 240e:108:4860::/48 maxlen: 48 240e:108:4b60::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Feb 2026 14:50:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8150 (0x1fd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA Validity Not Before: Dec 26 09:46:21 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=694e596d-9971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2d:18:a0:54:33:ce:5a:e5:06:6e:76:06:88: 72:20:8b:5a:89:51:87:79:4a:25:4c:a5:0a:b9:f2: cf:0b:18:25:96:23:e6:4d:dc:7b:0d:d4:49:15:92: d7:57:01:eb:5f:4b:ea:b5:f2:0f:54:c3:77:07:17: a3:4b:54:17:4d:04:55:a1:a2:fb:9e:f9:76:bf:17: 41:11:f7:6a:8f:37:11:ba:f6:9a:6b:a7:67:81:ee: 1b:c3:80:91:b0:fe:31:32:18:7c:7d:77:b7:1e:7e: b9:09:30:7e:4d:43:13:c4:21:74:25:44:45:35:40: 16:cc:e5:9b:13:f4:1f:6c:b6:04:99:10:1d:ba:29: 1c:53:a2:5c:4e:2e:2d:7a:ab:2a:ba:8e:27:71:3f: e9:eb:6e:ec:93:61:8b:66:7c:75:c3:ce:c0:9b:d4: 15:b6:7b:1c:52:27:da:ce:c7:a1:9f:b7:be:47:7f: d9:0c:7d:84:86:de:d0:7d:b2:4a:ee:c9:ff:34:f2: 62:d2:8e:db:1a:c8:29:58:6c:1e:4d:2f:6b:a6:cc: c5:71:ff:37:04:06:28:8d:41:dd:91:62:bf:73:f0: 32:8b:74:7a:9c:ef:35:53:00:88:87:67:cd:b4:58: d3:74:e3:cf:93:35:eb:eb:f7:15:2a:3c:a5:92:da: ba:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:1A:8A:C7:33:B6:1A:58:77:F1:64:65:F0:B1:9A:28:31:76:C4:01 X509v3 Authority Key Identifier: keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.52.138.0/24 113.240.205.0/24 117.25.105.0/24 125.93.28.0/23 202.67.0.0/22 202.73.128.0/22 202.191.72.0/21 203.33.67.0-203.33.68.255 203.33.73.0/24 203.33.79.0/24 203.33.100.0/24 203.33.122.0/24 203.33.129.0/24 203.33.131.0/24 220.171.147.0/24 221.235.40.0/24 221.237.65.0/24 IPv6: 240e:108:4040::/48 240e:108:4047::/48 240e:108:4060::/48 240e:108:4360::/48 240e:108:4820::/48 240e:108:4840::/48 240e:108:4847::/48 240e:108:4860::/48 240e:108:4b60::/48 Signature Algorithm: sha256WithRSAEncryption 95:fa:37:44:d1:e6:ab:32:b2:58:1f:c4:06:ee:2d:a7:05:b7: 82:71:67:e8:f1:d6:84:49:dc:ed:e4:8f:2a:26:99:44:c9:37: 3b:f5:41:82:3d:d8:8c:7d:9d:6c:30:56:32:31:d1:1b:4e:71: 67:6d:5c:41:71:65:54:0c:36:81:54:83:1c:7f:03:6d:83:84: 91:6e:a5:29:c8:a5:e6:5b:7c:7c:6b:f5:05:7b:a7:75:91:c5: d1:f9:96:ea:a9:f4:ca:f5:c6:14:77:28:68:10:d6:86:85:2c: 43:b6:82:89:15:a6:7e:01:a9:3d:13:6b:82:a0:b2:ea:c9:98: 00:4d:75:3d:5b:cb:11:82:94:c0:00:95:ed:4d:51:e7:88:c0: 26:5b:aa:a5:cd:b1:bc:53:d2:0c:c2:ce:75:65:4f:9e:72:99: ab:e8:b2:7c:4c:1a:82:ce:a3:d2:d7:20:09:68:09:9f:20:a3: 1d:1e:0b:9f:da:b2:f9:85:e8:66:ee:51:16:3f:d4:c7:3e:fd: 4c:15:0a:d8:53:9f:f3:e9:e9:24:a4:38:9d:4d:5f:34:68:5a: 06:d5:7d:2d:bb:82:68:3c:09:90:f7:ba:93:3f:0d:eb:f0:11: e1:3e:d1:7d:77:0e:47:be:88:07:3b:b2:83:8f:50:d1:6c:44: d4:15:1a:ab -----BEGIN CERTIFICATE----- MIIGNTCCBR2gAwIBAgICH9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1 NkU4QUM4QkEwHhcNMjUxMjI2MDk0NjIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTRlNTk2ZC05OTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxS0YoFQzzlrlBm52BohyIItaiVGHeUolTKUKufLPCxglliPmTdx7DdRJFZLX VwHrX0vqtfIPVMN3BxejS1QXTQRVoaL7nvl2vxdBEfdqjzcRuvaaa6dnge4bw4CR sP4xMhh8fXe3Hn65CTB+TUMTxCF0JURFNUAWzOWbE/QfbLYEmRAduikcU6JcTi4t eqsquo4ncT/p627sk2GLZnx1w87Am9QVtnscUifazsehn7e+R3/ZDH2Eht7QfbJK 7sn/NPJi0o7bGsgpWGweTS9rpszFcf83BAYojUHdkWK/c/Ayi3R6nO81UwCIh2fN tFjTdOPPkzXr6/cVKjylktq6mwIDAQABo4IDWTCCA1UwHQYDVR0OBBYEFBQaiscz thpYd/FkZfCxmigxdsQBMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1 NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5 TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvQ0JBRkY2NjQx MzZCMTFFRkI1M0YyNjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeIGCCsGAQUFBwEHAQH/ BIHSMIHPMHQEAgABMG4DBAA7NIoDBABx8M0DBAB1GWkDBAF9XRwDBALKQwADBALK SYADBAPKv0gwDAMEAMshQwMEAMshRAMEAMshSQMEAMshTwMEAMshZAMEAMshegME AMshgQMEAMshgwMEANyrkwMEAN3rKAMEAN3tQTBXBAIAAjBRAwcAJA4BCEBAAwcA JA4BCEBHAwcAJA4BCEBgAwcAJA4BCENgAwcAJA4BCEggAwcAJA4BCEhAAwcAJA4B CEhHAwcAJA4BCEhgAwcAJA4BCEtgMA0GCSqGSIb3DQEBCwUAA4IBAQCV+jdE0ear MrJYH8QG7i2nBbeCcWfo8daESdzt5I8qJplEyTc79UGCPdiMfZ1sMFYyMdEbTnFn bVxBcWVUDDaBVIMcfwNtg4SRbqUpyKXmW3x8a/UFe6d1kcXR+ZbqqfTK9cYUdyho ENaGhSxDtoKJFaZ+Aak9E2uCoLLqyZgATXU9W8sRgpTAAJXtTVHniMAmW6qlzbG8 U9IMws51ZU+ecpmr6LJ8TBqCzqPS1yAJaAmfIKMdHguf2rL5hehm7lEWP9THPv1M FQrYU5/z6ekkpDidTV80aFoG1X0tu4JoPAmQ97qTPw3r8BHhPtF9dw5HvogHO7KD j1DRbETUFRqr -----END CERTIFICATE-----Generated at Mon Jan 26 18:23:23 2026 by rpki-client