This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/DC812B38F6CD11F0B253129E516F56BC.roa File: DC812B38F6CD11F0B253129E516F56BC.roa (raw, json) Hash identifier: Pt79s4I3yxDLMK6PYz/AXAuSaCc2PXJg+CO8CpTmZEA= Subject key identifier: CD:C4:F8:96:F9:D9:40:8A:F1:77:5C:5C:02:90:DF:D6:F6:CD:6C:9A Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Certificate serial: 21FA Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/DC812B38F6CD11F0B253129E516F56BC.roa Signing time: Wed 21 Jan 2026 13:48:42 +0000 ROA not before: Wed 21 Jan 2026 13:48:42 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151734 IP address blocks: 138.252.200.0/23 maxlen: 24 157.15.202.0/23 maxlen: 24 157.20.211.0/24 maxlen: 24 160.22.108.0/23 maxlen: 24 168.220.232.0/22 maxlen: 24 168.220.236.0/22 maxlen: 24 168.220.240.0/22 maxlen: 24 168.220.244.0/22 maxlen: 24 168.220.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 13:53:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8698 (0x21fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9 Validity Not Before: Jan 21 13:48:42 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6970d93a-daa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:70:cf:37:fb:6b:c4:4f:a1:97:71:b6:f6:9d: 4b:cd:12:62:f0:21:f2:8e:ca:14:68:68:ed:8c:14: 44:dd:45:d8:a6:83:1b:cd:c5:77:5b:b9:12:52:f1: de:4e:44:27:6b:7e:4a:8d:32:1f:cf:a3:48:af:c9: fa:3d:3f:6a:ee:e2:fd:04:7f:30:02:e9:1e:4e:6e: 83:03:7c:c6:43:09:d0:aa:84:54:12:30:95:74:3c: 24:bc:a6:59:dc:1a:67:41:7d:59:47:0a:dd:df:8e: d0:85:af:6a:d8:ec:b4:65:12:ea:35:fe:74:46:9e: fe:62:83:8f:d1:2c:e3:66:74:18:d0:5f:77:86:2e: ee:66:80:d1:5e:bd:b2:0b:85:c1:20:ce:fc:de:e6: 35:2b:c7:b1:81:9e:f9:7c:d7:32:dd:01:10:8f:f3: 97:d7:7b:bb:de:9c:6c:22:4c:5d:e2:af:9c:d9:02: f9:fe:a9:c0:bb:05:b2:6e:3a:1d:a9:66:c2:21:8c: 7b:1e:ed:e2:e4:99:fe:04:e6:2b:27:c7:59:0d:71: 72:35:64:cd:94:f8:27:99:d7:02:4e:de:23:40:72: 7a:bd:21:b2:91:c9:5d:88:76:50:26:f0:cd:7c:d1: d2:12:69:36:d6:75:b5:e1:5f:b7:5b:f2:1d:d0:ed: 3b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:C4:F8:96:F9:D9:40:8A:F1:77:5C:5C:02:90:DF:D6:F6:CD:6C:9A X509v3 Authority Key Identifier: keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/DC812B38F6CD11F0B253129E516F56BC.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.252.200.0/23 157.15.202.0/23 157.20.211.0/24 160.22.108.0/23 168.220.232.0-168.220.251.255 Signature Algorithm: sha256WithRSAEncryption 0e:1d:b0:62:7d:ad:94:0c:b6:b4:b4:1a:6c:b1:ba:c7:6a:94: c5:7d:6a:32:69:ac:bf:27:71:04:86:9c:be:07:6e:7a:20:84: 72:c3:ce:8f:82:97:77:59:6c:d1:9f:b4:4c:12:11:d9:e9:11: 23:3b:5d:af:e0:6f:70:e3:7e:8c:b4:db:49:bd:5c:77:be:f9: 5e:45:68:90:aa:49:62:50:c1:90:87:92:3f:eb:03:ce:e7:79: 24:5c:15:bf:4b:09:bf:72:44:a7:3c:c8:3a:04:89:e6:bc:da: 54:4f:d9:90:36:1d:0e:44:ef:43:dd:a0:65:af:90:25:62:35: 93:10:91:34:6c:d0:66:0b:84:07:6b:6d:3e:c6:ef:e6:f5:05: 9d:00:2c:35:7d:8f:6b:b0:fc:87:c8:98:af:69:2e:b7:8e:42: e7:02:17:e0:09:07:47:c4:6d:fd:d0:48:52:3c:47:06:6b:c3: 40:d2:2d:b7:fa:b2:87:fc:f1:3e:f5:0e:c7:dd:3d:46:4f:ce: f7:dc:6e:b2:e1:04:3d:b3:08:64:66:6f:9d:2b:91:ab:93:29: 81:3a:9b:ab:c0:0c:ea:1a:6f:47:70:04:08:26:92:f8:22:aa: f0:44:ea:72:5a:54:ce:0c:ba:97:4b:0a:12:21:d6:fc:7d:91: 1d:a2:37:89 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICIfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF QkU2OTczRjkwHhcNMjYwMTIxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTcwZDkzYS1kYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAl3DPN/trxE+hl3G29p1LzRJi8CHyjsoUaGjtjBRE3UXYpoMbzcV3W7kSUvHe TkQna35KjTIfz6NIr8n6PT9q7uL9BH8wAukeTm6DA3zGQwnQqoRUEjCVdDwkvKZZ 3BpnQX1ZRwrd347Qha9q2Oy0ZRLqNf50Rp7+YoOP0SzjZnQY0F93hi7uZoDRXr2y C4XBIM783uY1K8exgZ75fNcy3QEQj/OX13u73pxsIkxd4q+c2QL5/qnAuwWybjod qWbCIYx7Hu3i5Jn+BOYrJ8dZDXFyNWTNlPgnmdcCTt4jQHJ6vSGykcldiHZQJvDN fNHSEmk21nW14V+3W/Id0O07CQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFM3E+Jb5 2UCK8XdcXAKQ39b2zWyaMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvREM4MTJCMzhG NkNEMTFGMEIyNTMxMjlFNTE2RjU2QkMucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBAGK/MgDBAGdD8oDBACdFNMDBAGgFmwwDAMEA6jc6AMEAqjc +DANBgkqhkiG9w0BAQsFAAOCAQEADh2wYn2tlAy2tLQabLG6x2qUxX1qMmmsvydx BIacvgdueiCEcsPOj4KXd1ls0Z+0TBIR2ekRIztdr+BvcON+jLTbSb1cd775XkVo kKpJYlDBkIeSP+sDzud5JFwVv0sJv3JEpzzIOgSJ5rzaVE/ZkDYdDkTvQ92gZa+Q JWI1kxCRNGzQZguEB2ttPsbv5vUFnQAsNX2Pa7D8h8iYr2kut45C5wIX4AkHR8Rt /dBIUjxHBmvDQNItt/qyh/zxPvUOx909Rk/O99xusuEEPbMIZGZvnSuRq5MpgTqb q8AM6hpvR3AECCaS+CKq8ETqclpUzgy6l0sKEiHW/H2RHaI3iQ== -----END CERTIFICATE-----Generated at Wed Jan 21 18:53:26 2026 by rpki-client