This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/2512D04C22BE11EC9240097DC4F9AE02.roa File: 2512D04C22BE11EC9240097DC4F9AE02.roa (raw, json) Hash identifier: CrylrybJXUyUqaeayMNhPjaFY6Npk3CjmQ0j2NnHemA= Subject key identifier: 1D:AF:2F:B2:9E:58:0D:D9:32:AD:E8:9A:2F:AE:9D:FF:28:F4:42:8D Certificate issuer: /CN=A917E4BA/serialNumber=AA436AAFC688045BF5148861546FA3FDCA98408E Certificate serial: 0B36 Authority key identifier: AA:43:6A:AF:C6:88:04:5B:F5:14:88:61:54:6F:A3:FD:CA:98:40:8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkNqr8aIBFv1FIhhVG-j_cqYQI4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/2512D04C22BE11EC9240097DC4F9AE02.roa Signing time: Sat 06 Dec 2025 19:00:39 +0000 ROA not before: Sat 06 Dec 2025 19:00:39 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 9650 IP address blocks: 45.64.68.0/22 maxlen: 22 45.64.68.0/24 maxlen: 24 45.64.69.0/24 maxlen: 24 45.64.70.0/24 maxlen: 24 103.233.236.0/22 maxlen: 22 203.5.10.0/24 maxlen: 24 203.9.184.0/22 maxlen: 22 203.15.124.0/22 maxlen: 22 203.15.125.0/24 maxlen: 24 203.18.108.0/23 maxlen: 23 203.21.12.0/24 maxlen: 24 203.62.216.0/22 maxlen: 22 2406:3c00::/32 maxlen: 32 2406:3c00:6000::/43 maxlen: 43 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/qkNqr8aIBFv1FIhhVG-j_cqYQI4.crl rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/qkNqr8aIBFv1FIhhVG-j_cqYQI4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkNqr8aIBFv1FIhhVG-j_cqYQI4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 18:47:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2870 (0xb36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E4BA, serialNumber=AA436AAFC688045BF5148861546FA3FDCA98408E Validity Not Before: Dec 6 19:00:39 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69347d56-d2ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c8:cc:19:7e:4f:bb:ae:20:73:8a:f2:89:d2: 55:e7:29:b0:0a:ba:d4:a8:bf:4b:e4:57:e0:71:c0: bb:3a:d4:be:7a:66:04:18:6c:b4:26:59:f6:7a:b6: 49:2c:20:11:9a:74:97:b5:7e:7c:31:26:5a:87:fb: 0b:81:14:65:9e:35:f0:18:e4:f5:14:2c:b8:f8:0f: b5:b8:62:0e:51:87:8b:de:9c:e0:f7:fa:b9:5e:21: 8b:f2:94:fa:62:a0:46:51:73:00:27:e0:f3:09:c1: 1c:cf:bf:a4:38:ca:a0:5f:84:46:cf:11:5f:b0:00: 7e:cc:ad:b7:75:12:d6:f2:46:7f:12:e7:02:6c:29: 77:bb:02:1b:38:70:d1:55:48:71:07:ed:22:a6:12: eb:3d:c3:0d:61:78:82:38:7c:5f:85:a3:4a:c4:46: d4:0e:8d:bc:c3:ca:1f:23:db:d9:f4:5e:cc:85:25: 20:db:db:a9:8a:b5:07:b6:33:fe:8f:d0:fd:d1:e0: 60:4b:ca:77:30:90:40:87:c9:cf:98:09:5f:26:b5: 3b:6f:c6:2f:19:92:97:14:1c:6a:fd:37:f0:ff:f9: ca:05:b4:0b:01:96:9e:a1:aa:be:54:d9:7d:87:73: 9f:54:1e:c6:c8:82:a0:83:3f:5e:8f:5a:64:e6:b9: c2:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:AF:2F:B2:9E:58:0D:D9:32:AD:E8:9A:2F:AE:9D:FF:28:F4:42:8D X509v3 Authority Key Identifier: keyid:AA:43:6A:AF:C6:88:04:5B:F5:14:88:61:54:6F:A3:FD:CA:98:40:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/qkNqr8aIBFv1FIhhVG-j_cqYQI4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkNqr8aIBFv1FIhhVG-j_cqYQI4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/D06BF32852DC11EA82601B0FC4F9AE02/2512D04C22BE11EC9240097DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.68.0/22 103.233.236.0/22 203.5.10.0/24 203.9.184.0/22 203.15.124.0/22 203.18.108.0/23 203.21.12.0/24 203.62.216.0/22 IPv6: 2406:3c00::/32 Signature Algorithm: sha256WithRSAEncryption 27:61:da:0d:b4:a1:27:b9:1b:08:29:ae:f9:ea:69:c2:e5:e3: f6:91:fb:27:0e:74:c1:45:21:88:94:ca:4e:68:8f:56:79:0f: 45:16:b7:ab:8e:d2:e5:c6:1d:b8:c3:ba:16:a7:42:7e:0b:b7: e1:05:7f:83:20:4e:36:cc:0d:fe:32:7f:bb:13:08:f7:8f:cb: b5:f7:e5:b6:f8:47:fd:c0:9d:2d:07:bd:b6:8b:0c:0a:d8:63: e6:b9:6d:77:74:b9:67:a3:d2:39:fd:49:4a:7f:70:8e:34:77: 16:dd:5c:71:af:97:8d:a7:66:a6:31:41:e7:aa:32:15:94:28: 19:eb:57:3f:48:93:17:51:49:9a:ed:2b:95:de:78:32:53:20: 41:d9:5b:8c:71:bf:b6:15:be:5d:b1:ee:f9:9b:f8:34:37:91: bd:cd:ae:39:3a:d8:70:8f:96:f4:2f:ba:4e:6c:0a:1e:6c:47: cf:f6:75:7d:e9:bd:26:2f:61:6c:ff:ce:79:e7:1b:77:b2:4b: c3:f4:f4:3c:80:b3:44:11:7f:38:6b:30:97:4e:72:cf:8a:14: d5:bc:6d:be:fa:df:da:fe:51:09:bb:d1:e2:94:ed:e4:87:eb: 7c:66:db:bc:d3:0f:d3:0c:3d:0c:42:4f:6f:fb:f5:6c:86:fe: 8f:a7:4e:7c -----BEGIN CERTIFICATE----- MIIFqjCCBJKgAwIBAgICCzYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0QkExMTAvBgNVBAUTKEFBNDM2QUFGQzY4ODA0NUJGNTE0ODg2MTU0NkZBM0ZE Q0E5ODQwOEUwHhcNMjUxMjA2MTkwMDM5WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTM0N2Q1Ni1kMmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAusjMGX5Pu64gc4ryidJV5ymwCrrUqL9L5FfgccC7OtS+emYEGGy0Jln2erZJ LCARmnSXtX58MSZah/sLgRRlnjXwGOT1FCy4+A+1uGIOUYeL3pzg9/q5XiGL8pT6 YqBGUXMAJ+DzCcEcz7+kOMqgX4RGzxFfsAB+zK23dRLW8kZ/EucCbCl3uwIbOHDR VUhxB+0iphLrPcMNYXiCOHxfhaNKxEbUDo28w8ofI9vZ9F7MhSUg29upirUHtjP+ j9D90eBgS8p3MJBAh8nPmAlfJrU7b8YvGZKXFBxq/Tfw//nKBbQLAZaeoaq+VNl9 h3OfVB7GyIKggz9ej1pk5rnClQIDAQABo4ICzjCCAsowHQYDVR0OBBYEFB2vL7Ke WA3ZMq3omi+unf8o9EKNMB8GA1UdIwQYMBaAFKpDaq/GiARb9RSIYVRvo/3KmECO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9EMDZCRjMyODUy REMxMUVBODI2MDFCMEZDNEY5QUUwMi9xa05xcjhhSUJGdjFGSWhoVkctal9jcVlR STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FrTnFyOGFJQkZ2MUZJaGhWRy1qX2NxWVFJNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx N0U0QkEvRDA2QkYzMjg1MkRDMTFFQTgyNjAxQjBGQzRGOUFFMDIvMjUxMkQwNEMy MkJFMTFFQzkyNDAwOTdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E STBHMDYEAgABMDADBAItQEQDBAJn6ewDBADLBQoDBALLCbgDBALLD3wDBAHLEmwD BADLFQwDBALLPtgwDQQCAAIwBwMFACQGPAAwDQYJKoZIhvcNAQELBQADggEBACdh 2g20oSe5GwgprvnqacLl4/aR+ycOdMFFIYiUyk5oj1Z5D0UWt6uO0uXGHbjDuhan Qn4Lt+EFf4MgTjbMDf4yf7sTCPePy7X35bb4R/3AnS0HvbaLDArYY+a5bXd0uWej 0jn9SUp/cI40dxbdXHGvl42nZqYxQeeqMhWUKBnrVz9IkxdRSZrtK5XeeDJTIEHZ W4xxv7YVvl2x7vmb+DQ3kb3Nrjk62HCPlvQvuk5sCh5sR8/2dX3pvSYvYWz/znnn G3eyS8P09DyAs0QRfzhrMJdOcs+KFNW8bb7639r+UQm70eKU7eSH63xm27zTD9MM PQxCT2/79WyG/o+nTnw= -----END CERTIFICATE-----Generated at Tue Dec 23 12:55:12 2025 by rpki-client