This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1C3A6780F11511F0AE6AB1984B6F56BC.roa File: 1C3A6780F11511F0AE6AB1984B6F56BC.roa (raw, json) Hash identifier: aoMfzGohSgjGSTmn4l99aMl5fjZQEPd175WoQlCt3No= Subject key identifier: A3:8B:DA:9B:09:24:30:FF:44:C6:C5:32:C5:6D:5F:0D:34:6E:82:86 Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: CD94 Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1C3A6780F11511F0AE6AB1984B6F56BC.roa Signing time: Wed 14 Jan 2026 06:49:02 +0000 ROA not before: Wed 14 Jan 2026 06:49:02 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151690 IP address blocks: 43.228.166.0/23 maxlen: 24 43.230.132.0/23 maxlen: 24 103.96.15.0/24 maxlen: 24 103.109.220.0/22 maxlen: 24 103.110.244.0/23 maxlen: 24 103.147.93.0/24 maxlen: 24 103.155.206.0/23 maxlen: 24 103.157.162.0/23 maxlen: 24 103.162.74.0/24 maxlen: 24 103.162.75.0/24 maxlen: 24 103.172.56.0/24 maxlen: 24 103.185.100.0/24 maxlen: 24 103.216.99.0/24 maxlen: 24 103.225.70.0/24 maxlen: 24 103.239.12.0/23 maxlen: 24 2001:df1:8040::/48 maxlen: 48 2001:df2:23c0::/48 maxlen: 48 2001:df2:9640::/48 maxlen: 48 2001:df3:29c0::/48 maxlen: 48 2001:df4:88c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 11:06:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52628 (0xcd94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Jan 14 06:49:02 2026 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69673c5e-39b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:17:da:b2:4a:93:8a:99:ca:d5:35:9e:ec:13: 7a:c8:cc:ec:43:21:81:50:d7:9b:e9:6e:6a:2f:fb: 35:66:20:ea:f3:62:f7:23:43:07:ac:85:4e:df:13: 51:97:9e:56:47:88:ef:a2:ec:f9:e0:53:5c:66:5a: 1f:63:b3:28:7e:29:8e:25:41:2e:fd:8e:1b:66:6a: 62:41:06:e5:da:1f:aa:fd:12:38:ff:ca:d0:af:98: 07:43:6f:6d:c9:82:09:d5:94:c9:ee:0b:c9:e5:40: 1f:0c:13:42:34:63:96:c3:ec:49:74:60:a1:b7:fe: 25:81:db:d8:01:34:8d:70:07:8d:8a:89:4f:1f:a2: f3:bc:74:40:b5:ae:79:75:f6:d0:9c:c5:cb:c2:f9: 57:af:01:fb:b4:52:7b:23:8c:02:4b:8a:d0:16:02: 7e:89:63:e8:17:1c:6f:1f:00:4a:9b:04:ba:fc:96: 80:37:23:b5:ca:2e:27:4b:f7:0a:6a:2d:19:1d:9b: 4d:61:92:32:52:94:7f:17:d3:d6:4a:31:23:ac:cf: d9:f3:20:c4:0e:a9:86:18:bc:66:f3:85:be:d8:fa: 90:63:7e:c1:fe:31:8d:f2:4a:cf:bb:b7:76:59:d0: 7d:16:37:12:c3:37:b4:68:90:4d:62:85:23:25:0c: 3d:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:8B:DA:9B:09:24:30:FF:44:C6:C5:32:C5:6D:5F:0D:34:6E:82:86 X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1C3A6780F11511F0AE6AB1984B6F56BC.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.228.166.0/23 43.230.132.0/23 103.96.15.0/24 103.109.220.0/22 103.110.244.0/23 103.147.93.0/24 103.155.206.0/23 103.157.162.0/23 103.162.74.0/23 103.172.56.0/24 103.185.100.0/24 103.216.99.0/24 103.225.70.0/24 103.239.12.0/23 IPv6: 2001:df1:8040::/48 2001:df2:23c0::/48 2001:df2:9640::/48 2001:df3:29c0::/48 2001:df4:88c0::/48 Signature Algorithm: sha256WithRSAEncryption 96:d0:84:ca:47:3c:3b:5a:b7:e3:75:03:0e:72:ee:0b:87:da: 6f:0f:73:0c:c6:89:0f:45:ff:cd:15:5d:60:ce:83:ce:bb:0b: bf:d5:7a:47:41:48:6f:19:18:61:d8:35:3c:6b:a0:2b:b0:58: 6a:9e:e2:d8:78:92:e8:e3:36:fc:95:e2:21:6f:f5:53:16:2c: 05:aa:57:33:7a:c5:67:d6:59:c2:b4:d1:f0:a5:5e:ac:b1:2c: 20:68:1d:89:df:f1:a1:2f:d1:89:a2:e6:89:06:73:64:c5:da: 81:88:3b:4f:b0:b4:ab:3c:f9:7b:ed:be:4c:a9:a8:7d:fb:6b: f1:15:2d:32:47:bb:53:0f:52:4b:ea:f2:5d:94:d2:5c:b9:5e: 51:78:78:0d:c1:fb:c3:11:7f:90:cb:ab:50:19:09:44:e7:4f: 56:bf:ff:3f:88:53:89:33:71:de:44:82:d2:3d:26:c3:8f:5c: d5:e4:2c:81:af:04:0d:71:31:48:5b:52:13:8b:2f:39:45:30: 0c:5c:db:bd:df:25:9d:d8:09:69:9d:fd:35:e2:d6:0f:f9:ed: 0b:6e:04:6e:e8:d1:57:6a:f7:45:4c:1b:c1:91:3a:08:2d:8b: 6a:d3:18:66:54:b6:d8:36:1d:d4:56:b4:2b:7e:e3:bd:d2:b4: 7c:6c:aa:c0 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIDAM2UMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMMCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI2MDExNDA2NDkwMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAwwNNjk2NzNjNWUtMzliOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAX2rJKk4qZytU1nuwTesjM7EMhgVDXm+luai/7NWYg6vNi9yNDB6yFTt8T UZeeVkeI76Ls+eBTXGZaH2OzKH4pjiVBLv2OG2ZqYkEG5dofqv0SOP/K0K+YB0Nv bcmCCdWUye4LyeVAHwwTQjRjlsPsSXRgobf+JYHb2AE0jXAHjYqJTx+i87x0QLWu eXX20JzFy8L5V68B+7RSeyOMAkuK0BYCfolj6Bccbx8ASpsEuvyWgDcjtcouJ0v3 CmotGR2bTWGSMlKUfxfT1koxI6zP2fMgxA6phhi8ZvOFvtj6kGN+wf4xjfJKz7u3 dlnQfRY3EsM3tGiQTWKFIyUMPcUCAwEAAaOCAxswggMXMB0GA1UdDgQWBBSji9qb CSQw/0TGxTLFbV8NNG6ChjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFDM0E2Nzgw RjExNTExRjBBRTZBQjE5ODRCNkY1NkJDLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGkBggrBgEFBQcBBwEB /wSBlDCBkTBaBAIAATBUAwQBK+SmAwQBK+aEAwQAZ2APAwQCZ23cAwQBZ270AwQA Z5NdAwQBZ5vOAwQBZ52iAwQBZ6JKAwQAZ6w4AwQAZ7lkAwQAZ9hjAwQAZ+FGAwQB Z+8MMDMEAgACMC0DBwAgAQ3xgEADBwAgAQ3yI8ADBwAgAQ3ylkADBwAgAQ3zKcAD BwAgAQ30iMAwDQYJKoZIhvcNAQELBQADggEBAJbQhMpHPDtat+N1Aw5y7guH2m8P cwzGiQ9F/80VXWDOg867C7/VekdBSG8ZGGHYNTxroCuwWGqe4th4kujjNvyV4iFv 9VMWLAWqVzN6xWfWWcK00fClXqyxLCBoHYnf8aEv0Ymi5okGc2TF2oGIO0+wtKs8 +XvtvkypqH37a/EVLTJHu1MPUkvq8l2U0ly5XlF4eA3B+8MRf5DLq1AZCUTnT1a/ /z+IU4kzcd5EgtI9JsOPXNXkLIGvBA1xMUhbUhOLLzlFMAxc273fJZ3YCWmd/TXi 1g/57QtuBG7o0Vdq90VMG8GROggti2rTGGZUttg2HdRWtCt+473StHxsqsA= -----END CERTIFICATE-----Generated at Mon Jan 19 21:44:11 2026 by rpki-client