This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D43EBED0613C11F0B60AFC14C4F9AE02.roa File: D43EBED0613C11F0B60AFC14C4F9AE02.roa (raw, json) Hash identifier: gsaAKU5fnFf6phi5/dL8f9HqaF9gWhgzIgJP1TbR+M0= Subject key identifier: 0C:79:04:20:86:B9:85:74:77:2E:A6:EA:D8:AB:65:2B:55:9D:61:C2 Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 21DE Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D43EBED0613C11F0B60AFC14C4F9AE02.roa Signing time: Sat 17 Jan 2026 10:00:29 +0000 ROA not before: Sat 17 Jan 2026 10:00:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 132770 IP address blocks: 160.22.232.0/24 maxlen: 24 160.22.233.0/24 maxlen: 24 165.99.226.0/23 maxlen: 24 165.101.109.0/24 maxlen: 24 165.101.204.0/24 maxlen: 24 165.101.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 13:39:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8670 (0x21de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Jan 17 10:00:29 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=696b5dbd-ae40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:44:6d:ce:72:23:d3:98:1d:51:59:74:cd:32: f6:be:70:00:e0:a6:f8:19:ba:0d:16:95:1c:63:cb: 89:ad:25:d5:98:0e:8a:59:9a:fb:53:36:ed:e4:ef: 35:1e:cc:48:77:e3:15:19:1c:b5:34:fe:23:a1:d1: 94:8c:dc:86:72:6c:ec:1b:92:2e:50:e7:b7:ad:45: 82:72:da:8e:62:4c:0a:0a:a1:ab:45:d2:77:77:46: a7:7e:25:e2:9f:d9:18:c0:62:de:40:01:64:85:21: df:b3:8c:79:35:c4:e5:1a:8b:36:8c:a1:56:ed:e0: 2a:53:2b:23:43:dc:ef:14:c7:35:b0:9e:d0:53:4a: 79:56:97:59:0c:22:91:a0:48:a7:17:9c:c7:05:23: 50:cf:05:ec:99:21:29:6d:6b:27:bf:8d:9b:33:2f: 2a:90:b0:05:2d:2f:3a:73:dc:4f:ad:27:da:0b:7d: 85:3c:ca:d5:73:e9:67:f0:80:b9:b7:9c:97:95:7d: 11:bc:d9:ff:95:97:82:39:bd:8b:d0:2d:d9:0b:de: 48:7e:85:9c:27:83:c1:8f:d5:b0:79:cd:6b:47:57: b6:63:2a:08:32:b4:38:22:26:b8:4d:74:d1:fb:26: 11:81:04:40:9d:02:c2:05:c8:56:6e:cb:ba:c3:7b: c5:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:79:04:20:86:B9:85:74:77:2E:A6:EA:D8:AB:65:2B:55:9D:61:C2 X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D43EBED0613C11F0B60AFC14C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 160.22.232.0/23 165.99.226.0/23 165.101.109.0/24 165.101.204.0/24 165.101.229.0/24 Signature Algorithm: sha256WithRSAEncryption ba:c7:04:48:5d:9e:f1:1d:1b:cf:d5:1f:6e:8d:91:3a:ac:8c: e7:88:8f:7c:34:42:f6:3a:6e:6c:8d:bc:4a:3b:b7:b3:66:04: 14:ff:50:bb:3e:a0:60:e0:3c:43:46:b6:dc:04:d2:a1:11:06: ed:d8:9f:9a:5d:58:f0:52:dc:78:18:a6:91:d6:f7:3c:25:2f: 51:c7:c3:a2:49:20:a1:a4:0a:ed:db:ed:14:3d:e8:7c:99:5d: ce:fe:0b:fe:d7:67:85:fd:87:09:71:3a:fc:bc:44:13:41:ed: 9d:4f:a0:62:d5:e1:02:27:93:e0:b8:16:89:1e:74:da:b6:a7: 7d:7a:91:ac:62:91:d0:77:b5:d9:d7:0f:e8:90:10:0e:a2:04: ba:25:3d:72:0c:0b:09:33:b9:f8:f6:75:51:d3:63:b9:a3:2d: 49:91:ae:40:56:2d:ec:f7:2c:56:49:de:f9:ab:f3:f8:61:65: a7:71:4e:93:ac:19:74:1c:47:32:35:3a:0d:d8:d8:68:c7:a7: fc:f0:aa:50:42:dd:78:d5:c9:20:b1:5d:4a:f5:8b:62:9a:82: 13:9e:68:42:9a:50:6b:b2:11:9c:b6:bc:b3:a3:97:ff:79:81: 81:46:94:b6:df:f7:4b:33:b3:28:47:2d:ed:74:35:b5:33:d2: 61:76:8f:19 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgICId4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjYwMTE3MTAwMDI5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTZiNWRiZC1hZTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvERtznIj05gdUVl0zTL2vnAA4Kb4GboNFpUcY8uJrSXVmA6KWZr7Uzbt5O81 HsxId+MVGRy1NP4jodGUjNyGcmzsG5IuUOe3rUWCctqOYkwKCqGrRdJ3d0anfiXi n9kYwGLeQAFkhSHfs4x5NcTlGos2jKFW7eAqUysjQ9zvFMc1sJ7QU0p5VpdZDCKR oEinF5zHBSNQzwXsmSEpbWsnv42bMy8qkLAFLS86c9xPrSfaC32FPMrVc+ln8IC5 t5yXlX0RvNn/lZeCOb2L0C3ZC95IfoWcJ4PBj9Wwec1rR1e2YyoIMrQ4Iia4TXTR +yYRgQRAnQLCBchWbsu6w3vF3wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFAx5BCCG uYV0dy6m6tirZStVnWHCMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDQzRUJFRDA2 MTNDMTFGMEI2MEFGQzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E KDAmMCQEAgABMB4DBAGgFugDBAGlY+IDBAClZW0DBAClZcwDBAClZeUwDQYJKoZI hvcNAQELBQADggEBALrHBEhdnvEdG8/VH26NkTqsjOeIj3w0QvY6bmyNvEo7t7Nm BBT/ULs+oGDgPENGttwE0qERBu3Yn5pdWPBS3HgYppHW9zwlL1HHw6JJIKGkCu3b 7RQ96HyZXc7+C/7XZ4X9hwlxOvy8RBNB7Z1PoGLV4QInk+C4FokedNq2p316kaxi kdB3tdnXD+iQEA6iBLolPXIMCwkzufj2dVHTY7mjLUmRrkBWLez3LFZJ3vmr8/hh ZadxTpOsGXQcRzI1Og3Y2GjHp/zwqlBC3XjVySCxXUr1i2KaghOeaEKaUGuyEZy2 vLOjl/95gYFGlLbf90szsyhHLe10NbUz0mF2jxk= -----END CERTIFICATE-----Generated at Wed Jan 21 15:57:56 2026 by rpki-client