This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/FBDFC922CB6B11F0B7DCE06BC4F9AE02.roa File: FBDFC922CB6B11F0B7DCE06BC4F9AE02.roa (raw, json) Hash identifier: J6hrcFh7WhWZaOUjv//ch7y6xSAesYjPuueLW+CqB+U= Subject key identifier: 43:D8:33:AD:F8:F2:92:B8:54:53:5B:D6:ED:35:77:D9:6F:CC:A8:EC Certificate issuer: /CN=A9168494/serialNumber=B13EA4934F41FC4834CD2A6FF8218D40F7A97789 Certificate serial: 0302 Authority key identifier: B1:3E:A4:93:4F:41:FC:48:34:CD:2A:6F:F8:21:8D:40:F7:A9:77:89 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sT6kk09B_Eg0zSpv-CGNQPepd4k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/FBDFC922CB6B11F0B7DCE06BC4F9AE02.roa Signing time: Mon 22 Dec 2025 06:39:05 +0000 ROA not before: Mon 22 Dec 2025 06:39:05 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 3550 IP address blocks: 165.220.0.0/21 maxlen: 21 165.220.16.0/21 maxlen: 21 165.220.24.0/21 maxlen: 21 165.220.32.0/19 maxlen: 19 165.220.64.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/sT6kk09B_Eg0zSpv-CGNQPepd4k.crl rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/sT6kk09B_Eg0zSpv-CGNQPepd4k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sT6kk09B_Eg0zSpv-CGNQPepd4k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 00:19:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 770 (0x302) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9168494, serialNumber=B13EA4934F41FC4834CD2A6FF8218D40F7A97789 Validity Not Before: Dec 22 06:39:05 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6948e789-010b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:39:8b:a4:4e:5c:75:1a:1d:39:22:ab:8d:b4: 79:66:20:9d:2b:8a:e7:26:44:ad:c5:6b:7f:2a:16: 87:fc:d0:c6:24:83:b2:9b:7e:b8:ec:75:54:aa:28: c2:83:4a:b4:03:30:11:ce:83:e6:e8:a9:74:20:8c: 97:28:84:6f:66:30:21:4f:d0:8c:78:c7:7e:66:78: 95:11:77:fb:0e:61:3b:95:fd:08:0f:77:4f:10:85: 1c:55:e3:77:dc:6a:c0:91:71:fd:2f:f5:73:ee:ca: f2:c7:70:cf:fe:d6:31:c9:52:da:70:31:6f:3b:cd: f5:9d:e6:ec:6c:e6:f4:1c:8a:9d:c7:48:70:26:bf: bb:f0:20:f3:0f:65:5b:12:89:b8:84:ec:3f:ac:01: f5:08:50:3f:fe:29:11:26:7b:57:5a:7a:a8:56:0f: 74:80:7b:44:f7:c1:95:b3:02:5c:33:d2:4d:e1:df: 2a:89:7c:8b:96:73:28:83:9d:f7:53:7c:89:92:31: 37:e9:06:c2:8e:ec:bc:6b:d2:8e:68:0f:10:56:87: 8b:16:0f:d2:c5:78:5e:0f:c8:17:63:b7:bf:58:c7: 4c:70:b9:59:9b:55:d7:55:1c:a7:e1:fe:8c:8c:97: 44:b2:72:e2:27:0d:69:ec:8e:50:4b:8f:2c:aa:dc: af:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:D8:33:AD:F8:F2:92:B8:54:53:5B:D6:ED:35:77:D9:6F:CC:A8:EC X509v3 Authority Key Identifier: keyid:B1:3E:A4:93:4F:41:FC:48:34:CD:2A:6F:F8:21:8D:40:F7:A9:77:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/sT6kk09B_Eg0zSpv-CGNQPepd4k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sT6kk09B_Eg0zSpv-CGNQPepd4k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168494/31B8263C099311EDB21C9B4BC4F9AE02/FBDFC922CB6B11F0B7DCE06BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 165.220.0.0/21 165.220.16.0-165.220.127.255 Signature Algorithm: sha256WithRSAEncryption 5a:0b:86:27:c3:17:46:90:45:b6:fe:9f:ae:88:b1:42:b8:59: d4:6c:cd:44:56:12:e2:53:3b:bc:1e:22:6d:c7:be:62:ac:c4: c7:74:df:6f:ea:a2:b6:dc:86:e1:17:2e:5e:9d:7e:1c:f1:4f: a2:22:d0:00:00:7d:b0:66:36:95:21:eb:88:a3:56:56:cd:fc: 9f:0b:fc:40:a7:eb:e2:76:29:fd:7e:d6:12:92:ef:09:20:81: 09:2a:74:80:ae:42:f7:18:a2:b9:7e:24:44:a1:93:77:79:29: 4b:13:2e:b4:ca:6e:fb:8b:77:27:cd:54:cd:7a:b2:7e:69:aa: ac:bc:57:ea:10:47:ed:9f:96:5b:d3:42:10:db:19:fa:6f:b8: b4:2d:e9:24:3e:8a:c1:7d:08:ad:e1:b9:4a:19:7d:5f:13:d8: 54:b3:9e:a1:7f:5b:39:28:cf:32:66:f4:5d:59:df:a1:4f:a9: 98:d2:81:0c:36:8c:82:b0:de:de:64:e8:b6:df:78:93:20:8a: f3:21:95:21:90:e6:b1:48:f4:4f:13:8a:7e:2d:43:fb:36:34: cd:a9:18:ab:36:fa:cf:6a:27:b0:7c:9a:18:a2:4e:22:ee:fe: 9c:f8:bb:62:1d:09:b3:8c:14:17:17:e4:00:d7:b5:b7:66:e5: 4a:a1:1b:cc -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICAwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njg0OTQxMTAvBgNVBAUTKEIxM0VBNDkzNEY0MUZDNDgzNENEMkE2RkY4MjE4RDQw RjdBOTc3ODkwHhcNMjUxMjIyMDYzOTA1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDDA02OTQ4ZTc4OS0wMTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyzmLpE5cdRodOSKrjbR5ZiCdK4rnJkStxWt/KhaH/NDGJIOym3647HVUqijC g0q0AzARzoPm6Kl0IIyXKIRvZjAhT9CMeMd+ZniVEXf7DmE7lf0ID3dPEIUcVeN3 3GrAkXH9L/Vz7sryx3DP/tYxyVLacDFvO831nebsbOb0HIqdx0hwJr+78CDzD2Vb Eom4hOw/rAH1CFA//ikRJntXWnqoVg90gHtE98GVswJcM9JN4d8qiXyLlnMog533 U3yJkjE36QbCjuy8a9KOaA8QVoeLFg/SxXheD8gXY7e/WMdMcLlZm1XXVRyn4f6M jJdEsnLiJw1p7I5QS48sqtyvBwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFEPYM634 8pK4VFNb1u01d9lvzKjsMB8GA1UdIwQYMBaAFLE+pJNPQfxINM0qb/ghjUD3qXeJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODQ5NC8zMUI4MjYzQzA5 OTMxMUVEQjIxQzlCNEJDNEY5QUUwMi9zVDZrazA5Ql9FZzB6U3B2LUNHTlFQZXBk NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3NUNmtrMDlCX0VnMHpTcHYtQ0dOUVBlcGQ0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Njg0OTQvMzFCODI2M0MwOTkzMTFFREIyMUM5QjRCQzRGOUFFMDIvRkJERkM5MjJD QjZCMTFGMEI3RENFMDZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQDBAOl3AAwDAMEBKXcEAMEB6XcADANBgkqhkiG9w0BAQsFAAOC AQEAWguGJ8MXRpBFtv6froixQrhZ1GzNRFYS4lM7vB4ibce+YqzEx3Tfb+qittyG 4RcuXp1+HPFPoiLQAAB9sGY2lSHriKNWVs38nwv8QKfr4nYp/X7WEpLvCSCBCSp0 gK5C9xiiuX4kRKGTd3kpSxMutMpu+4t3J81UzXqyfmmqrLxX6hBH7Z+WW9NCENsZ +m+4tC3pJD6KwX0IreG5Shl9XxPYVLOeoX9bOSjPMmb0XVnfoU+pmNKBDDaMgrDe 3mTott94kyCK8yGVIZDmsUj0TxOKfi1D+zY0zakYqzb6z2onsHyaGKJOIu7+nPi7 Yh0Js4wUFxfkANe1t2blSqEbzA== -----END CERTIFICATE-----Generated at Sun Jan 18 04:33:55 2026 by rpki-client