This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/2346577EAE5811EFAFE7FF84C4F9AE02.roa File: 2346577EAE5811EFAFE7FF84C4F9AE02.roa (raw, json) Hash identifier: 8Y7BjEQwwth3UdSD7/xgkj96IaOOzZmnkVz9bWZwiMI= Subject key identifier: 20:D4:D3:07:A4:40:FB:C8:DE:06:55:DB:C3:BF:9E:0E:52:AD:B9:13 Certificate issuer: /CN=A912B12A/serialNumber=ECFF32440C4EE1D27943CDB72A7D491063402DF1 Certificate serial: C9 Authority key identifier: EC:FF:32:44:0C:4E:E1:D2:79:43:CD:B7:2A:7D:49:10:63:40:2D:F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7P8yRAxO4dJ5Q823Kn1JEGNALfE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/2346577EAE5811EFAFE7FF84C4F9AE02.roa Signing time: Wed 17 Dec 2025 06:24:22 +0000 ROA not before: Wed 17 Dec 2025 06:24:22 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 137047 IP address blocks: 2401:db60::/34 maxlen: 34 2401:db60:4000::/34 maxlen: 34 2401:db60:8000::/34 maxlen: 34 2401:db60:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/7P8yRAxO4dJ5Q823Kn1JEGNALfE.crl rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/7P8yRAxO4dJ5Q823Kn1JEGNALfE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7P8yRAxO4dJ5Q823Kn1JEGNALfE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 04:58:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 201 (0xc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912B12A, serialNumber=ECFF32440C4EE1D27943CDB72A7D491063402DF1 Validity Not Before: Dec 17 06:24:22 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69424c96-26d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6e:f1:7a:04:53:17:8d:63:f6:7f:f1:71:05: 0d:59:fe:42:c6:79:60:ca:db:db:cd:96:25:a6:61: 01:f9:fd:aa:37:5c:cc:41:0e:53:44:fe:2b:20:24: a4:a4:4d:3e:2e:28:7f:6e:03:84:db:60:3e:b3:3d: 24:6e:77:dc:86:06:f1:91:b5:32:d0:8f:1d:3e:eb: 84:08:32:f9:e8:ad:93:18:c2:9f:4a:92:18:d5:f7: 68:1f:04:80:2e:dc:84:46:ae:81:5f:81:9f:4b:e9: 4c:07:44:2b:71:38:2a:68:cc:37:66:f6:bd:0b:de: 0b:c1:e1:cb:98:e0:fb:81:c5:a0:7c:b4:6c:f1:e5: 4a:a1:40:2c:84:e3:99:3b:54:c6:b9:05:ba:07:f9: 7e:7c:5e:d4:a2:ac:71:99:59:4c:50:7a:40:f9:3d: 6e:14:7a:8e:6d:8b:29:97:76:7e:6e:27:7a:3b:2a: d0:61:f1:a0:a0:0f:ad:f4:db:26:21:2b:1d:c3:3a: d4:fe:32:e5:b5:06:a3:82:7b:4a:40:a0:99:5b:cc: bb:6a:66:05:04:16:f2:bd:22:01:f2:77:10:29:55: 9d:65:62:d7:32:f1:e7:70:f9:75:80:4b:a6:14:62: 5e:25:69:f5:73:e4:16:8f:6c:f5:40:ce:8b:29:b2: ba:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:D4:D3:07:A4:40:FB:C8:DE:06:55:DB:C3:BF:9E:0E:52:AD:B9:13 X509v3 Authority Key Identifier: keyid:EC:FF:32:44:0C:4E:E1:D2:79:43:CD:B7:2A:7D:49:10:63:40:2D:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/7P8yRAxO4dJ5Q823Kn1JEGNALfE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7P8yRAxO4dJ5Q823Kn1JEGNALfE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B12A/B9D4CF42AE3D11EF96B76C6AC4F9AE02/2346577EAE5811EFAFE7FF84C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:db60::/32 Signature Algorithm: sha256WithRSAEncryption 4c:ba:2c:c9:2c:d2:00:64:37:2e:7a:90:51:88:8d:76:d4:d2: 1e:f3:c3:09:28:e7:77:2c:6b:6d:77:75:d0:6b:88:f2:e5:83: 36:b9:6d:f7:5b:fd:10:bb:19:28:15:ae:36:5f:e6:a8:01:0c: 92:62:0d:82:14:6e:b3:10:ff:8f:70:82:b4:59:60:21:a7:78: 23:2b:f2:22:00:36:31:ba:46:e4:9e:96:91:1f:e2:6e:25:7d: 20:0d:9b:ab:22:e7:75:a3:59:a7:67:3e:e7:10:8f:55:37:dc: 17:0a:57:94:d7:0a:93:64:55:15:e3:0e:a0:74:38:66:15:4a: 79:d9:a6:8e:1e:8a:3b:f3:8e:ce:96:c8:51:f6:d8:a8:a5:56: d3:ac:c1:68:1d:4c:70:ec:ad:4a:44:ae:61:5c:f1:94:c4:16: 82:aa:e5:97:45:8a:f1:7c:0d:4f:b8:30:3e:c0:ac:86:7f:08: 4b:87:29:ba:06:b7:e0:b3:da:bb:59:31:74:57:60:4e:7e:fb: da:f4:ee:ad:30:88:91:ca:96:f1:7b:20:a9:4b:ab:47:ef:e1: c2:fd:7e:15:18:9f:e0:4a:b8:e4:4a:68:e9:38:e0:69:56:65: 82:f3:bf:b3:12:bb:5c:08:1e:61:36:ee:61:4c:9a:a0:d1:47: f9:2c:51:bc -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkIxMkExMTAvBgNVBAUTKEVDRkYzMjQ0MEM0RUUxRDI3OTQzQ0RCNzJBN0Q0OTEw NjM0MDJERjEwHhcNMjUxMjE3MDYyNDIyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDDA02OTQyNGM5Ni0yNmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArW7xegRTF41j9n/xcQUNWf5CxnlgytvbzZYlpmEB+f2qN1zMQQ5TRP4rICSk pE0+Lih/bgOE22A+sz0kbnfchgbxkbUy0I8dPuuECDL56K2TGMKfSpIY1fdoHwSA LtyERq6BX4GfS+lMB0QrcTgqaMw3Zva9C94LweHLmOD7gcWgfLRs8eVKoUAshOOZ O1TGuQW6B/l+fF7UoqxxmVlMUHpA+T1uFHqObYspl3Z+bid6OyrQYfGgoA+t9Nsm ISsdwzrU/jLltQajgntKQKCZW8y7amYFBBbyvSIB8ncQKVWdZWLXMvHncPl1gEum FGJeJWn1c+QWj2z1QM6LKbK6LwIDAQABo4ICljCCApIwHQYDVR0OBBYEFCDU0wek QPvI3gZV28O/ng5SrbkTMB8GA1UdIwQYMBaAFOz/MkQMTuHSeUPNtyp9SRBjQC3x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjEyQS9COUQ0Q0Y0MkFF M0QxMUVGOTZCNzZDNkFDNEY5QUUwMi83UDh5UkF4TzRkSjVRODIzS24xSkVHTkFM ZkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdQOHlSQXhPNGRKNVE4MjNLbjFKRUdOQUxmRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkIxMkEvQjlENENGNDJBRTNEMTFFRjk2Qjc2QzZBQzRGOUFFMDIvMjM0NjU3N0VB RTU4MTFFRkFGRTdGRjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E ETAPMA0EAgACMAcDBQAkAdtgMA0GCSqGSIb3DQEBCwUAA4IBAQBMuizJLNIAZDcu epBRiI121NIe88MJKOd3LGttd3XQa4jy5YM2uW33W/0QuxkoFa42X+aoAQySYg2C FG6zEP+PcIK0WWAhp3gjK/IiADYxukbknpaRH+JuJX0gDZurIud1o1mnZz7nEI9V N9wXCleU1wqTZFUV4w6gdDhmFUp52aaOHoo7847OlshR9tiopVbTrMFoHUxw7K1K RK5hXPGUxBaCquWXRYrxfA1PuDA+wKyGfwhLhym6Brfgs9q7WTF0V2BOfvva9O6t MIiRypbxeyCpS6tH7+HC/X4VGJ/gSrjkSmjpOOBpVmWC87+zErtcCB5hNu5hTJqg 0Uf5LFG8 -----END CERTIFICATE-----Generated at Sat Dec 20 16:05:28 2025 by rpki-client