This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/FC895C72C39F11F095CC9914C4F9AE02.roa File: FC895C72C39F11F095CC9914C4F9AE02.roa (raw, json) Hash identifier: uYEzCWLaVUrJF31Uyzd6mg/VgXA7JVYC2/J8xaXMb68= Subject key identifier: 50:4B:21:94:23:4F:B3:9F:90:AF:8E:EB:6A:AA:B1:26:21:BE:AC:7A Certificate issuer: /CN=A912C8AF/serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4 Certificate serial: 0BFD Authority key identifier: 76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/FC895C72C39F11F095CC9914C4F9AE02.roa Signing time: Wed 10 Dec 2025 10:33:23 +0000 ROA not before: Wed 10 Dec 2025 10:33:23 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 138915 IP address blocks: 59.153.156.0/24 maxlen: 24 59.153.157.0/24 maxlen: 24 59.153.158.0/24 maxlen: 24 59.153.159.0/24 maxlen: 24 103.84.108.0/24 maxlen: 24 103.84.109.0/24 maxlen: 24 103.84.110.0/24 maxlen: 24 103.84.111.0/24 maxlen: 24 103.136.248.0/22 maxlen: 22 103.136.248.0/24 maxlen: 24 103.136.249.0/24 maxlen: 24 103.136.250.0/24 maxlen: 24 103.136.251.0/24 maxlen: 24 103.145.72.0/24 maxlen: 24 103.145.73.0/24 maxlen: 24 103.151.138.0/23 maxlen: 23 103.151.138.0/24 maxlen: 24 103.151.139.0/24 maxlen: 24 103.152.14.0/24 maxlen: 24 103.152.15.0/24 maxlen: 24 103.152.98.0/24 maxlen: 24 103.152.99.0/24 maxlen: 24 103.154.242.0/24 maxlen: 24 103.154.243.0/24 maxlen: 24 103.155.16.0/24 maxlen: 24 103.155.17.0/24 maxlen: 24 103.198.200.0/24 maxlen: 24 103.198.201.0/24 maxlen: 24 103.198.202.0/24 maxlen: 24 103.198.203.0/24 maxlen: 24 175.176.192.0/24 maxlen: 24 175.176.193.0/24 maxlen: 24 175.176.194.0/24 maxlen: 24 175.176.195.0/24 maxlen: 24 2404:a140::/32 maxlen: 32 2404:a140:2::/48 maxlen: 48 2404:a140:3::/48 maxlen: 48 2404:a140:4::/48 maxlen: 48 2404:a140:5::/48 maxlen: 48 2404:a140:6::/48 maxlen: 48 2404:a140:7::/48 maxlen: 48 2404:a140:8::/48 maxlen: 48 2404:a140:9::/48 maxlen: 48 2404:a140:a::/48 maxlen: 48 2404:a140:b::/48 maxlen: 48 2404:a140:c::/48 maxlen: 48 2404:a140:d::/48 maxlen: 48 2404:a140:e::/48 maxlen: 48 2404:a140:f::/48 maxlen: 48 2404:a140:10::/48 maxlen: 48 2404:a140:11::/48 maxlen: 48 2404:a140:12::/48 maxlen: 48 2404:a140:13::/48 maxlen: 48 2404:a140:14::/48 maxlen: 48 2404:a140:15::/48 maxlen: 48 2404:a140:16::/48 maxlen: 48 2404:a140:17::/48 maxlen: 48 2404:a140:18::/48 maxlen: 48 2404:a140:19::/48 maxlen: 48 2404:a140:1a::/48 maxlen: 48 2404:a140:1b::/48 maxlen: 48 2404:a140:1c::/48 maxlen: 48 2404:a140:1d::/48 maxlen: 48 2404:a140:1e::/48 maxlen: 48 2404:a140:1f::/48 maxlen: 48 2404:a140:20::/48 maxlen: 48 2404:a140:21::/48 maxlen: 48 2404:a140:22::/48 maxlen: 48 2404:a140:23::/48 maxlen: 48 2404:a140:24::/48 maxlen: 48 2404:a140:25::/48 maxlen: 48 2404:a140:26::/48 maxlen: 48 2404:a140:27::/48 maxlen: 48 2404:a140:28::/48 maxlen: 48 2404:a140:29::/48 maxlen: 48 2404:a140:2a::/48 maxlen: 48 2404:a140:2b::/48 maxlen: 48 2404:a140:2c::/48 maxlen: 48 2404:a140:2d::/48 maxlen: 48 2404:a140:2e::/48 maxlen: 48 2404:a140:2f::/48 maxlen: 48 2404:a140:30::/48 maxlen: 48 2404:a140:32::/48 maxlen: 48 2404:a140:33::/48 maxlen: 48 2404:a140:38::/48 maxlen: 48 2404:a140:39::/48 maxlen: 48 2404:a140:3a::/48 maxlen: 48 2404:a140:3b::/48 maxlen: 48 2404:a140:3c::/48 maxlen: 48 2404:a140:3d::/48 maxlen: 48 2404:a140:3e::/48 maxlen: 48 2404:a140:3f::/48 maxlen: 48 2404:a140:42::/48 maxlen: 48 2404:a140:43::/48 maxlen: 48 2404:a140:44::/48 maxlen: 48 2404:a140:45::/48 maxlen: 48 2404:a140:46::/48 maxlen: 48 2404:a140:47::/48 maxlen: 48 2404:a140:4a::/48 maxlen: 48 2404:a140:4b::/48 maxlen: 48 2404:a140:4c::/48 maxlen: 48 2404:a140:4d::/48 maxlen: 48 2404:a140:4f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 18:55:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3069 (0xbfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912C8AF, serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4 Validity Not Before: Dec 10 10:33:23 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69394c73-ba8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:30:12:b7:1c:11:5e:a0:38:78:9f:a9:41:0d: 07:69:4f:32:4e:55:a9:2d:b9:91:eb:c2:a2:28:00: 19:e2:d2:cf:d8:b7:f3:26:87:52:e9:ee:f8:b6:69: 41:19:ee:db:b2:bd:87:e2:e5:14:70:ca:31:f0:ea: 93:e1:1e:d9:99:8c:75:aa:8b:24:cd:a2:23:f7:7c: 3a:35:47:31:f4:79:63:d5:2a:11:d8:6f:25:fc:98: b2:0e:2d:61:aa:6a:46:15:15:0b:f8:31:d3:6d:59: c5:da:ad:ec:1f:e0:34:19:94:90:a8:f4:75:6e:d9: bf:77:d8:07:4d:5e:ed:60:73:7f:69:6b:4a:b1:cc: c6:f1:a1:68:64:f3:21:66:e3:86:38:78:b2:17:d6: 1f:af:ba:2d:44:90:ee:d3:41:d7:23:76:45:24:50: e1:0d:19:3d:fc:4b:38:83:1e:9a:ce:0a:95:6d:2f: af:af:e2:cf:a8:24:78:5d:15:5b:c8:52:c9:7b:26: 3c:e8:56:51:76:d1:2b:76:b2:1d:71:a8:69:8d:e7: fd:42:c1:17:f6:2d:3c:b6:f5:d9:41:37:8f:62:6c: 8f:0f:19:cc:52:5c:5b:11:41:d2:8d:6f:45:b2:6f: 76:c9:1a:e3:fc:98:08:44:f1:00:c1:55:b7:ed:62: 5a:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:4B:21:94:23:4F:B3:9F:90:AF:8E:EB:6A:AA:B1:26:21:BE:AC:7A X509v3 Authority Key Identifier: keyid:76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/FC895C72C39F11F095CC9914C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 59.153.156.0/22 103.84.108.0/22 103.136.248.0/22 103.145.72.0/23 103.151.138.0/23 103.152.14.0/23 103.152.98.0/23 103.154.242.0/23 103.155.16.0/23 103.198.200.0/22 175.176.192.0/22 IPv6: 2404:a140::/32 Signature Algorithm: sha256WithRSAEncryption 3f:a7:b4:f2:b4:f5:2c:95:06:22:ce:de:2d:5f:82:d1:9f:90: 8b:c3:29:82:36:2e:6e:cf:32:19:0b:07:40:45:1b:ff:1d:84: 1d:08:33:d4:68:5a:c9:97:42:76:a1:d6:d2:8f:b8:8d:01:f4: 0f:d1:35:dc:a5:9b:2b:73:2d:0e:e5:cd:04:49:da:6e:8d:d7: 08:df:36:1a:43:4f:66:46:d3:fa:e3:1f:b6:7a:94:47:91:57: 11:e2:4e:b8:34:5b:bc:a1:29:a4:25:a0:5f:16:2f:5e:ec:25: df:0d:a7:cf:b0:54:f1:e1:dd:7d:e5:c3:19:54:bf:8d:3c:d3: e0:ac:96:f3:18:0b:6f:04:a7:b7:d1:97:58:00:1e:cb:23:71: d7:cf:a4:e3:1f:3e:27:e6:b0:ed:be:62:f2:7b:67:ff:ab:23: 2e:03:81:f5:a0:04:80:77:a3:d6:35:38:c0:fe:d7:e6:47:f8: a7:9b:ef:26:bb:f8:e1:2f:6f:99:c6:b7:93:b5:5f:58:62:5c: b5:a4:4b:b2:f2:2f:2f:68:13:30:c9:e8:a5:84:7c:22:85:7f: 47:8f:79:6a:24:90:6e:d9:11:39:4e:02:c6:d8:a4:f0:07:b4: ef:2e:0e:98:a0:7f:a9:89:06:5d:9e:5f:52:73:84:ff:84:c3: 1f:08:a4:0b -----BEGIN CERTIFICATE----- MIIFvDCCBKSgAwIBAgICC/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkM4QUYxMTAvBgNVBAUTKDc2M0Y3RkJEOTY0QTFDMzY2ODMwOEM5QTI5RTE1MDI1 QzBEREY5RDQwHhcNMjUxMjEwMTAzMzIzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTM5NGM3My1iYThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwTAStxwRXqA4eJ+pQQ0HaU8yTlWpLbmR68KiKAAZ4tLP2LfzJodS6e74tmlB Ge7bsr2H4uUUcMox8OqT4R7ZmYx1qoskzaIj93w6NUcx9Hlj1SoR2G8l/JiyDi1h qmpGFRUL+DHTbVnF2q3sH+A0GZSQqPR1btm/d9gHTV7tYHN/aWtKsczG8aFoZPMh ZuOGOHiyF9Yfr7otRJDu00HXI3ZFJFDhDRk9/Es4gx6azgqVbS+vr+LPqCR4XRVb yFLJeyY86FZRdtErdrIdcahpjef9QsEX9i08tvXZQTePYmyPDxnMUlxbEUHSjW9F sm92yRrj/JgIRPEAwVW37WJa8wIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFFBLIZQj T7OfkK+O62qqsSYhvqx6MB8GA1UdIwQYMBaAFHY/f72WShw2aDCMminhUCXA3fnU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhBRi9EMUY2NEU3MjVF RUYxMUVBQTU0RTZDNkNDNEY5QUUwMi9kajlfdlpaS0hEWm9NSXlhS2VGUUpjRGQt ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RqOV92WlpLSERab01JeWFLZUZRSmNEZC1kUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MkM4QUYvRDFGNjRFNzI1RUVGMTFFQUE1NEU2QzZDQzRGOUFFMDIvRkM4OTVDNzJD MzlGMTFGMDk1Q0M5OTE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E WzBZMEgEAgABMEIDBAI7mZwDBAJnVGwDBAJniPgDBAFnkUgDBAFnl4oDBAFnmA4D BAFnmGIDBAFnmvIDBAFnmxADBAJnxsgDBAKvsMAwDQQCAAIwBwMFACQEoUAwDQYJ KoZIhvcNAQELBQADggEBAD+ntPK09SyVBiLO3i1fgtGfkIvDKYI2Lm7PMhkLB0BF G/8dhB0IM9RoWsmXQnah1tKPuI0B9A/RNdylmytzLQ7lzQRJ2m6N1wjfNhpDT2ZG 0/rjH7Z6lEeRVxHiTrg0W7yhKaQloF8WL17sJd8Np8+wVPHh3X3lwxlUv4080+Cs lvMYC28Ep7fRl1gAHssjcdfPpOMfPifmsO2+YvJ7Z/+rIy4DgfWgBIB3o9Y1OMD+ 1+ZH+Keb7ya7+OEvb5nGt5O1X1hiXLWkS7LyLy9oEzDJ6KWEfCKFf0ePeWokkG7Z ETlOAsbYpPAHtO8uDpigf6mJBl2eX1JzhP+Ewx8IpAs= -----END CERTIFICATE-----Generated at Sat Dec 20 22:18:04 2025 by rpki-client