This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0CF90768BDE011EAAEA46554C4F9AE02.roa File: 0CF90768BDE011EAAEA46554C4F9AE02.roa (raw, json) Hash identifier: 9SFPmNwt/TufufcSISJPRiMY2SUXxDnWpUNi1Zch4i8= Subject key identifier: 89:14:CF:2E:7C:88:43:1A:A2:3C:AF:D8:71:FF:B6:97:49:FB:B9:DA Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 2043 Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0CF90768BDE011EAAEA46554C4F9AE02.roa Signing time: Mon 01 Dec 2025 09:40:58 +0000 ROA not before: Mon 01 Dec 2025 09:40:58 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9430 IP address blocks: 157.15.159.0/24 maxlen: 24 161.248.26.0/24 maxlen: 24 164.164.32.0/24 maxlen: 24 164.164.123.0/24 maxlen: 24 164.164.124.0/24 maxlen: 24 164.164.126.0/24 maxlen: 24 164.164.127.0/24 maxlen: 24 164.164.184.0/24 maxlen: 24 164.164.187.0/24 maxlen: 24 164.164.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 12:10:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8259 (0x2043) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Dec 1 09:40:58 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=692d62aa-bbd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e5:96:68:3d:7a:5f:2b:ce:1b:af:b9:16:9d: 44:04:7f:2f:95:5c:44:ef:b2:90:b2:b9:75:41:6d: 94:50:a7:5e:ce:85:ca:42:86:df:8b:e2:e7:43:47: 09:d3:c9:80:f4:66:66:85:a5:50:8c:92:3a:73:61: a0:f3:33:2e:c9:15:0a:27:8f:8c:0a:48:4b:87:8d: 48:54:b8:ea:25:ef:75:ad:8d:03:e6:49:a3:3f:23: 7c:44:de:8d:43:67:49:ed:fb:b9:8b:89:87:4d:89: ff:a4:0f:08:f0:f6:22:08:01:f2:3a:7c:52:18:dd: 1c:bd:fd:ba:8b:d6:e3:a1:9c:2a:60:1d:7f:89:1d: 70:c4:98:c4:a0:23:59:40:ce:88:01:0a:8a:fd:1f: cb:34:ae:78:0a:31:81:96:d4:d7:77:02:c1:53:3a: 13:11:6d:8e:6c:30:e2:09:4f:9f:30:18:4e:41:f6: 21:5f:3a:fa:35:95:96:5f:30:05:bb:ef:af:19:60: f7:bb:97:79:57:9d:d2:12:2b:19:70:c9:0b:8a:6f: c3:88:6d:d3:54:6f:1f:e0:99:63:96:38:ed:d4:bd: 8e:7a:e5:7f:67:ce:87:70:09:f2:89:67:fd:26:bb: 99:05:5e:e1:06:b3:22:2d:de:65:b2:60:d6:de:2a: 0f:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:14:CF:2E:7C:88:43:1A:A2:3C:AF:D8:71:FF:B6:97:49:FB:B9:DA X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0CF90768BDE011EAAEA46554C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 157.15.159.0/24 161.248.26.0/24 164.164.32.0/24 164.164.123.0-164.164.124.255 164.164.126.0/23 164.164.184.0/24 164.164.187.0/24 164.164.192.0/24 Signature Algorithm: sha256WithRSAEncryption 14:28:82:25:8d:83:8d:7a:ee:a6:e0:7f:a3:bb:99:08:55:af: 88:02:87:d4:1d:14:c9:45:ae:92:bc:b9:f4:0a:11:f0:9d:99: a7:7e:b0:9e:ea:47:27:f5:fa:5e:5e:7c:45:ba:13:70:45:ec: 37:79:c1:2f:4f:52:d2:e7:88:10:86:54:a8:d0:85:01:45:e7: d4:48:33:1d:bf:94:ea:fc:f8:c6:d7:f0:be:86:45:b1:5e:23: 37:bf:9a:bd:f5:67:a9:15:cf:12:fa:ff:bd:9b:cd:86:9a:18: cc:b1:ae:12:9e:13:3d:d9:56:82:d4:1f:6c:b1:8a:24:3d:25: 07:37:ef:9e:1c:16:3c:d2:6f:f6:a6:20:db:1a:de:1b:24:d6: 90:49:4c:da:1c:d1:39:83:76:42:1c:58:c4:22:f7:85:66:87: f3:21:de:e8:14:a3:a0:e7:d1:e5:46:a5:47:19:32:14:15:a7: 73:5e:74:81:3c:27:68:33:f5:54:9e:fb:45:fe:98:6e:b1:50: 04:3b:ad:79:f8:31:5c:d8:53:71:f6:96:e1:69:f5:9a:15:04: 9a:72:7f:f1:1b:e8:35:7b:37:9f:42:99:54:e9:21:20:20:49: 61:4a:0e:8f:cf:46:b0:ba:71:5d:b3:b0:52:d3:12:50:40:71: 20:9f:57:56 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgICIEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjUxMjAxMDk0MDU4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTJkNjJhYS1iYmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzuWWaD16XyvOG6+5Fp1EBH8vlVxE77KQsrl1QW2UUKdezoXKQobfi+LnQ0cJ 08mA9GZmhaVQjJI6c2Gg8zMuyRUKJ4+MCkhLh41IVLjqJe91rY0D5kmjPyN8RN6N Q2dJ7fu5i4mHTYn/pA8I8PYiCAHyOnxSGN0cvf26i9bjoZwqYB1/iR1wxJjEoCNZ QM6IAQqK/R/LNK54CjGBltTXdwLBUzoTEW2ObDDiCU+fMBhOQfYhXzr6NZWWXzAF u++vGWD3u5d5V53SEisZcMkLim/DiG3TVG8f4Jljljjt1L2OeuV/Z86HcAnyiWf9 JruZBV7hBrMiLd5lsmDW3ioPpQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFIkUzy58 iEMaojyv2HH/tpdJ+7naMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMENGOTA3NjhC REUwMTFFQUFFQTQ2NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E QjBAMD4EAgABMDgDBACdD58DBACh+BoDBACkpCAwDAMEAKSkewMEAKSkfAMEAaSk fgMEAKSkuAMEAKSkuwMEAKSkwDANBgkqhkiG9w0BAQsFAAOCAQEAFCiCJY2DjXru puB/o7uZCFWviAKH1B0UyUWukry59AoR8J2Zp36wnupHJ/X6Xl58RboTcEXsN3nB L09S0ueIEIZUqNCFAUXn1EgzHb+U6vz4xtfwvoZFsV4jN7+avfVnqRXPEvr/vZvN hpoYzLGuEp4TPdlWgtQfbLGKJD0lBzfvnhwWPNJv9qYg2xreGyTWkElM2hzROYN2 QhxYxCL3hWaH8yHe6BSjoOfR5UalRxkyFBWnc150gTwnaDP1VJ77Rf6YbrFQBDut efgxXNhTcfaW4Wn1mhUEmnJ/8RvoNXs3n0KZVOkhICBJYUoOj89GsLpxXbOwUtMS UEBxIJ9XVg== -----END CERTIFICATE-----Generated at Fri Dec 5 19:04:15 2025 by rpki-client