This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F0E533AB97311F08173C545C4F9AE02.roa File: 9F0E533AB97311F08173C545C4F9AE02.roa (raw, json) Hash identifier: dyIpK/szW5FuulCXAZXE5Tk6mUWfHilPgQEO8TARZJs= Subject key identifier: 7A:D7:81:B8:47:97:E4:96:57:95:19:AF:99:27:A9:37:0E:8A:60:EC Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Certificate serial: C7BA Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F0E533AB97311F08173C545C4F9AE02.roa Signing time: Tue 18 Nov 2025 05:44:54 +0000 ROA not before: Tue 18 Nov 2025 05:44:54 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 151732 IP address blocks: 103.129.194.0/24 maxlen: 24 103.164.26.0/23 maxlen: 24 103.191.88.0/23 maxlen: 24 103.197.78.0/23 maxlen: 23 103.197.78.0/24 maxlen: 24 103.197.79.0/24 maxlen: 24 2001:df4:5c40::/48 maxlen: 48 2401:d5e0::/32 maxlen: 32 2401:d5e0::/48 maxlen: 48 2401:d5e0:1::/48 maxlen: 48 2401:d5e0:2::/48 maxlen: 48 2401:d5e0:3::/48 maxlen: 48 2401:d5e0:4::/48 maxlen: 48 2401:d5e0:5::/48 maxlen: 48 2401:d5e0:6::/48 maxlen: 48 2401:d5e0:7::/48 maxlen: 48 2401:d5e0:8::/48 maxlen: 48 2401:d5e0:9::/48 maxlen: 48 2401:d5e0:a::/48 maxlen: 48 2401:d5e0:b::/48 maxlen: 48 2401:d5e0:c::/48 maxlen: 48 2401:d5e0:d::/48 maxlen: 48 2401:d5e0:e::/48 maxlen: 48 2401:d5e0:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 12:14:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51130 (0xc7ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823 Validity Not Before: Nov 18 05:44:54 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=691c07d5-465f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:ae:ca:c1:99:b0:c5:b0:17:f4:fb:2d:5c:59: 87:11:40:f9:c7:ec:3a:1e:1b:58:80:d7:14:8a:c3: e2:e0:98:02:ee:11:f1:50:1b:75:99:50:ce:41:ad: 96:22:b1:9b:54:ba:eb:d6:20:a3:f8:df:95:b7:d1: 02:ee:89:52:f4:15:de:c1:b6:a5:23:68:fc:95:4e: b5:ad:48:ff:8d:28:b3:ac:1f:96:eb:c7:1b:6a:bf: 10:4c:cd:f3:42:3d:c5:7d:b3:5b:7f:f6:78:9a:cd: 0a:11:17:ff:d9:e7:a3:db:48:d9:77:a5:1f:f9:f8: c1:d6:14:4f:29:bd:5c:cb:2e:72:78:f9:00:9d:fd: 36:e8:6b:8d:85:a9:ce:8a:1e:12:d8:3c:b1:a2:aa: 35:e1:eb:f5:e7:1b:0c:61:29:8f:99:77:de:00:a7: db:19:c0:40:c1:fc:f6:ad:23:92:4b:c6:3d:ca:b2: 67:cd:db:55:8e:4b:53:7c:d7:4f:bd:04:22:4b:11: 94:db:85:f1:19:64:56:0d:e3:0b:26:6f:b1:53:c7: 70:ed:8d:1b:6b:2b:14:ee:12:05:f5:21:3b:be:be: 13:19:89:43:00:20:d5:97:9a:3a:99:00:fb:9a:b8: a9:c1:44:1b:9a:9f:10:55:8e:97:4b:4d:6e:19:c9: 1a:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:D7:81:B8:47:97:E4:96:57:95:19:AF:99:27:A9:37:0E:8A:60:EC X509v3 Authority Key Identifier: keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F0E533AB97311F08173C545C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.129.194.0/24 103.164.26.0/23 103.191.88.0/23 103.197.78.0/23 IPv6: 2001:df4:5c40::/48 2401:d5e0::/32 Signature Algorithm: sha256WithRSAEncryption 25:93:11:f5:35:00:e6:a5:b1:43:85:c7:21:ea:2b:4b:c1:a4: df:07:c1:33:14:13:0c:b9:8d:d6:31:8b:6d:16:b0:82:32:3a: bd:f7:13:46:a2:a2:12:dc:e9:42:cc:2f:5a:3c:8b:62:c6:7a: 5a:71:08:5f:b9:60:a0:ea:8b:5c:32:0b:73:7e:3a:50:66:de: 16:03:04:30:53:98:50:a6:7e:25:97:eb:25:f9:ca:75:5f:59: fe:95:db:7e:17:7d:2b:cc:82:72:ac:0f:aa:78:c8:81:63:f1: b9:23:7e:e5:6f:48:cb:f4:d6:1d:16:25:33:13:a1:5d:82:90: 2f:ad:e3:6d:47:de:3a:a7:74:22:fe:6e:86:b2:ee:fb:3d:13: 04:ef:7e:34:22:f3:29:06:5a:80:60:9e:1d:2e:ff:46:26:47: be:8d:c7:21:12:31:70:64:24:d6:84:fd:64:66:d0:f2:f3:ed: ee:55:28:5a:8b:c5:8d:d1:92:a4:08:f2:64:42:c9:b6:a3:8e: cf:60:5a:3e:ca:80:c5:eb:8b:aa:a7:12:27:0d:2e:a8:c3:3b: 9d:74:cf:ab:65:45:14:b4:1b:5f:df:c1:68:84:d8:7c:b8:30: bf:a5:58:54:fe:db:19:b2:06:d0:03:6c:eb:07:23:17:34:bb: 0b:8c:9e:87 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIDAMe6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5 MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4 M0UzQUJDODIzMB4XDTI1MTExODA1NDQ1NFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG A1UEAxMNNjkxYzA3ZDUtNDY1ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOGuysGZsMWwF/T7LVxZhxFA+cfsOh4bWIDXFIrD4uCYAu4R8VAbdZlQzkGt liKxm1S669Ygo/jflbfRAu6JUvQV3sG2pSNo/JVOta1I/40os6wfluvHG2q/EEzN 80I9xX2zW3/2eJrNChEX/9nno9tI2XelH/n4wdYUTym9XMsucnj5AJ39NuhrjYWp zooeEtg8saKqNeHr9ecbDGEpj5l33gCn2xnAQMH89q0jkkvGPcqyZ83bVY5LU3zX T70EIksRlNuF8RlkVg3jCyZvsVPHcO2NG2srFO4SBfUhO76+ExmJQwAg1ZeaOpkA +5q4qcFEG5qfEFWOl0tNbhnJGpsCAwEAAaOCAr8wggK7MB0GA1UdDgQWBBR614G4 R5fklleVGa+ZJ6k3Dopg7DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3 MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB /wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5 MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlGMEU1MzNB Qjk3MzExRjA4MTczQzU0NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6 Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEkGCCsGAQUFBwEHAQH/ BDowODAeBAIAATAYAwQAZ4HCAwQBZ6QaAwQBZ79YAwQBZ8VOMBYEAgACMBADBwAg AQ30XEADBQAkAdXgMA0GCSqGSIb3DQEBCwUAA4IBAQAlkxH1NQDmpbFDhcch6itL waTfB8EzFBMMuY3WMYttFrCCMjq99xNGoqIS3OlCzC9aPItixnpacQhfuWCg6otc MgtzfjpQZt4WAwQwU5hQpn4ll+sl+cp1X1n+ldt+F30rzIJyrA+qeMiBY/G5I37l b0jL9NYdFiUzE6FdgpAvreNtR946p3Qi/m6Gsu77PRME7340IvMpBlqAYJ4dLv9G Jke+jcchEjFwZCTWhP1kZtDy8+3uVShai8WN0ZKkCPJkQsm2o47PYFo+yoDF64uq pxInDS6owzuddM+rZUUUtBtf38FohNh8uDC/pVhU/tsZsgbQA2zrByMXNLsLjJ6H -----END CERTIFICATE-----Generated at Fri Dec 5 17:19:25 2025 by rpki-client