This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/0FD0ED72DEDF11F085D204E3526F56BC.roa File: 0FD0ED72DEDF11F085D204E3526F56BC.roa (raw, json) Hash identifier: 8DkUzdP/I30cuE6y9U/AqATYTEceQa8WQHx8JCg9d7U= Subject key identifier: 3D:38:25:8B:2B:D5:B6:48:87:BB:DD:EE:56:D7:7B:C6:18:9F:BE:1F Certificate issuer: /CN=A911E509/serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8 Certificate serial: 09EB Authority key identifier: AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/0FD0ED72DEDF11F085D204E3526F56BC.roa Signing time: Mon 22 Dec 2025 02:36:47 +0000 ROA not before: Mon 22 Dec 2025 02:36:47 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 135391 IP address blocks: 43.224.64.0/22 maxlen: 24 43.230.88.0/22 maxlen: 24 45.253.246.0/23 maxlen: 24 45.255.132.0/22 maxlen: 24 61.29.240.0/22 maxlen: 24 61.29.248.0/24 maxlen: 24 61.29.249.0/24 maxlen: 24 61.29.250.0/23 maxlen: 24 103.43.84.0/22 maxlen: 23 103.43.84.0/23 maxlen: 24 103.43.86.0/24 maxlen: 24 103.49.132.0/22 maxlen: 24 103.65.40.0/22 maxlen: 24 103.98.8.0/22 maxlen: 24 103.211.230.0/23 maxlen: 24 103.216.100.0/22 maxlen: 23 103.216.100.0/24 maxlen: 24 103.216.102.0/23 maxlen: 24 146.196.76.0/23 maxlen: 24 157.119.232.0/22 maxlen: 24 2405:fd80:1000::/40 maxlen: 40 2405:fd80:1000::/48 maxlen: 48 2405:fd80:1003::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 19:29:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2539 (0x9eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E509, serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8 Validity Not Before: Dec 22 02:36:47 2025 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=6948aebf-07a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:bc:51:64:05:38:d1:06:ea:3c:95:08:2a:50: 8f:86:43:c4:3f:ae:c7:78:f6:37:19:ab:22:fe:36: 24:9d:e1:6d:4f:fc:8b:ba:b7:c6:96:f0:39:dd:cf: ec:44:8d:01:02:cb:b6:89:ee:b3:21:0e:b8:97:38: b6:f8:3f:a3:59:ff:28:74:17:b3:17:41:a4:69:f8: f7:f7:98:bc:15:2a:cf:c5:32:53:57:be:4e:7b:0c: 9a:54:ba:9c:91:5f:97:d5:0a:a9:64:24:a8:10:99: 7f:cb:1c:d0:01:57:5c:81:73:7d:bf:a4:cc:2d:c2: 3b:af:02:bb:dc:94:89:d0:14:75:5e:7b:01:e2:43: 20:f1:d3:72:e9:8f:fb:0c:7a:5d:2e:ee:70:7a:60: 12:13:47:27:77:fc:22:15:ce:77:46:34:4e:f6:87: 6f:2c:4c:23:14:e5:ed:98:eb:66:dc:d7:0b:92:23: 9d:a0:0e:e1:6c:12:95:6b:8f:2a:9c:18:64:8e:66: 16:cc:7b:06:10:47:66:c9:c8:81:51:48:27:00:d6: 79:d9:22:c2:8b:55:c3:e0:71:02:69:63:5f:47:85: e5:50:e3:42:a1:85:f1:d7:07:18:04:9e:27:42:1d: 09:90:6a:c8:a2:22:35:a6:85:c4:f6:84:43:27:7f: e4:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:38:25:8B:2B:D5:B6:48:87:BB:DD:EE:56:D7:7B:C6:18:9F:BE:1F X509v3 Authority Key Identifier: keyid:AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/0FD0ED72DEDF11F085D204E3526F56BC.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.64.0/22 43.230.88.0/22 45.253.246.0/23 45.255.132.0/22 61.29.240.0/22 61.29.248.0/22 103.43.84.0/22 103.49.132.0/22 103.65.40.0/22 103.98.8.0/22 103.211.230.0/23 103.216.100.0/22 146.196.76.0/23 157.119.232.0/22 IPv6: 2405:fd80:1000::/40 Signature Algorithm: sha256WithRSAEncryption 09:6f:d1:8e:f3:2d:95:42:9a:e3:b7:ef:fc:af:7c:6f:a7:42: 62:e1:f3:51:a8:bb:54:1f:bf:09:03:94:eb:0d:8d:40:08:9e: 72:9f:0a:0d:78:86:3d:ae:8b:65:bb:d4:1f:ae:92:f6:21:07: 8a:d5:4d:57:c0:37:9d:2c:44:83:33:c3:a7:6b:ca:7b:ca:7c: 0d:02:e8:d0:c8:a1:c7:bf:07:6e:7d:13:65:2e:77:0d:b8:99: 2a:a5:67:ab:6d:8b:61:4d:78:27:01:a9:ed:55:58:5c:28:a5: 0e:a3:de:d0:8c:09:93:d3:2a:56:72:e3:99:88:2a:69:92:69: 07:e7:62:00:81:7d:fc:2f:6d:b7:f1:d3:cf:a7:53:9c:05:c9: a3:a2:a1:09:7b:40:5c:a8:0d:cc:b6:58:99:f2:2b:10:9d:58: 36:f5:7c:14:33:fe:ae:50:3b:23:97:f4:34:97:b4:e6:9c:1a: 98:36:a6:24:a6:e5:37:52:fa:b8:0a:7d:2f:c2:f1:a0:9c:d0: ad:39:24:bc:f1:af:68:b8:c5:4f:fc:88:24:d1:56:d3:35:d1: 7c:58:9f:86:11:cb:35:8a:68:03:23:93:0f:9a:c2:28:16:ba: f2:88:3c:3a:04:9a:b1:f8:83:58:64:dd:4a:3f:b6:a1:2f:92: 57:22:73:ca -----BEGIN CERTIFICATE----- MIIFzzCCBLegAwIBAgICCeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUU1MDkxMTAvBgNVBAUTKEFBOEUxQkUzNjI0MjQwREMzMzAyMDQ3RkI0MUE3RDRF NDc4MDhFRjgwHhcNMjUxMjIyMDIzNjQ3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDDA02OTQ4YWViZi0wN2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1LxRZAU40QbqPJUIKlCPhkPEP67HePY3Gasi/jYkneFtT/yLurfGlvA53c/s RI0BAsu2ie6zIQ64lzi2+D+jWf8odBezF0Gkafj395i8FSrPxTJTV75OewyaVLqc kV+X1QqpZCSoEJl/yxzQAVdcgXN9v6TMLcI7rwK73JSJ0BR1XnsB4kMg8dNy6Y/7 DHpdLu5wemASE0cnd/wiFc53RjRO9odvLEwjFOXtmOtm3NcLkiOdoA7hbBKVa48q nBhkjmYWzHsGEEdmyciBUUgnANZ52SLCi1XD4HECaWNfR4XlUONCoYXx1wcYBJ4n Qh0JkGrIoiI1poXE9oRDJ3/kswIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFD04JYsr 1bZIh7vd7lbXe8YYn74fMB8GA1UdIwQYMBaAFKqOG+NiQkDcMwIEf7QafU5HgI74 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTUwOS83OUVBNTkxRUE3 QkQxMUVBQUFBNjI5NDhDNEY5QUUwMi9xbzRiNDJKQ1FOd3pBZ1JfdEJwOVRrZUFq dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FvNGI0MkpDUU53ekFnUl90QnA5VGtlQWp2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUU1MDkvNzlFQTU5MUVBN0JEMTFFQUFBQTYyOTQ4QzRGOUFFMDIvMEZEMEVENzJE RURGMTFGMDg1RDIwNEUzNTI2RjU2QkMucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E bjBsMFoEAgABMFQDBAIr4EADBAIr5lgDBAEt/fYDBAIt/4QDBAI9HfADBAI9HfgD BAJnK1QDBAJnMYQDBAJnQSgDBAJnYggDBAFn0+YDBAJn2GQDBAGSxEwDBAKdd+gw DgQCAAIwCAMGACQF/YAQMA0GCSqGSIb3DQEBCwUAA4IBAQAJb9GO8y2VQprjt+/8 r3xvp0Ji4fNRqLtUH78JA5TrDY1ACJ5ynwoNeIY9rotlu9QfrpL2IQeK1U1XwDed LESDM8Ona8p7ynwNAujQyKHHvwdufRNlLncNuJkqpWerbYthTXgnAantVVhcKKUO o97QjAmT0ypWcuOZiCppkmkH52IAgX38L2238dPPp1OcBcmjoqEJe0BcqA3MtliZ 8isQnVg29XwUM/6uUDsjl/Q0l7TmnBqYNqYkpuU3Uvq4Cn0vwvGgnNCtOSS88a9o uMVP/Igk0VbTNdF8WJ+GEcs1imgDI5MPmsIoFrryiDw6BJqx+INYZN1KP7ahL5JX InPK -----END CERTIFICATE-----Generated at Wed Dec 24 20:19:55 2025 by rpki-client