This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa File: 8E652A7AC77611E68B1CDE6AC4F9AE02.roa (raw, json) Hash identifier: y/2fN4L/gwSzwwCp0pT43OYe5/fuip0ysiHVGh2xquc= Subject key identifier: 7A:58:73:89:74:46:2C:BC:F5:D2:B7:3C:71:88:CE:94:AB:D8:DE:D9 Certificate issuer: /CN=A914A140/serialNumber=05020FBF1020FD63BE57DA1B9704B0AA8103444A Certificate serial: 1D49 Authority key identifier: 05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa Signing time: Sun 14 Dec 2025 05:54:39 +0000 ROA not before: Sun 14 Dec 2025 05:54:39 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 63526 IP address blocks: 45.125.220.0/22 maxlen: 22 45.125.220.0/22 maxlen: 24 45.125.220.0/23 maxlen: 23 45.125.220.0/24 maxlen: 24 45.125.221.0/24 maxlen: 24 45.125.222.0/23 maxlen: 23 45.125.222.0/24 maxlen: 24 45.125.223.0/24 maxlen: 24 103.239.252.0/22 maxlen: 22 103.239.252.0/22 maxlen: 24 103.239.252.0/24 maxlen: 24 103.239.252.0/25 maxlen: 25 103.239.252.128/25 maxlen: 25 103.239.253.0/24 maxlen: 24 103.239.253.0/25 maxlen: 25 103.239.253.128/25 maxlen: 25 103.239.254.0/24 maxlen: 24 103.239.254.0/25 maxlen: 25 103.239.254.128/25 maxlen: 25 103.239.255.0/24 maxlen: 24 103.239.255.0/25 maxlen: 25 103.239.255.128/25 maxlen: 25 2404:4580::/32 maxlen: 32 2404:4580::/48 maxlen: 48 2404:4580:1::/48 maxlen: 48 2404:4580:2::/48 maxlen: 48 2404:4580:3::/48 maxlen: 48 2404:4580:4::/48 maxlen: 48 2404:4580:5::/48 maxlen: 48 2404:4580:6::/48 maxlen: 48 2404:4580:7::/48 maxlen: 48 2404:4580:cd10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.crl rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 15:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7497 (0x1d49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914A140, serialNumber=05020FBF1020FD63BE57DA1B9704B0AA8103444A Validity Not Before: Dec 14 05:54:39 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=693e511f-dcef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:8e:67:8c:e0:d7:f4:b3:63:31:68:e3:b0:9a: a4:04:10:a6:ab:ae:66:d6:d4:47:22:bb:ca:d7:eb: de:19:82:67:41:be:f6:85:0d:02:90:66:7d:6f:7a: ba:3c:a0:47:10:37:79:98:b5:7e:86:0a:05:0f:5a: 31:87:c0:06:be:4d:68:27:59:53:1a:b4:ec:e7:ea: 33:bb:2b:fd:b8:a3:6e:f3:71:1c:5f:bb:b8:87:bc: ba:00:7c:f3:3e:76:e4:98:4d:22:00:84:c9:0f:30: 5e:7c:1e:7c:7a:a3:33:1e:1a:e2:c9:35:67:53:c2: 36:dd:eb:f4:fd:ff:f2:4e:35:1c:8e:85:77:21:bb: 3c:dc:de:b6:6b:4a:11:d0:8a:ff:db:ed:f8:2a:dd: 9c:76:b8:ac:70:da:23:ff:98:5b:f0:45:b5:9a:70: 3c:38:ee:53:e5:d1:e6:3e:dc:be:31:17:e3:18:2d: e6:31:ce:4c:50:9d:57:e1:6f:82:ac:3b:34:cd:71: 5a:5a:de:83:3d:47:a4:54:30:c9:b6:4c:2c:60:fa: 3c:b4:a8:21:a6:8b:8f:85:e7:dd:27:01:9f:38:2f: 03:ac:de:95:17:b1:f5:f8:78:a0:d3:58:f3:63:ad: 9a:78:94:7f:49:e4:9f:31:50:7c:cb:5e:7b:db:28: 69:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:58:73:89:74:46:2C:BC:F5:D2:B7:3C:71:88:CE:94:AB:D8:DE:D9 X509v3 Authority Key Identifier: keyid:05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/8E652A7AC77611E68B1CDE6AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.125.220.0/22 103.239.252.0/22 IPv6: 2404:4580::/32 Signature Algorithm: sha256WithRSAEncryption 2e:f8:af:f9:96:36:8e:30:fd:6c:53:3c:0d:dd:fc:f0:d9:f0: d0:41:bd:c0:72:90:ec:18:52:d1:be:32:b3:7b:bd:7d:c2:e9: e5:71:df:d5:bd:9f:9d:44:79:4f:f9:4d:d5:42:56:7c:6e:c4: 39:c4:8e:c6:c6:a6:ba:23:e8:20:b9:5f:75:2c:2b:ef:c3:fd: 49:7e:d6:cc:0c:e9:e4:58:8d:29:9c:c8:aa:4b:f4:f7:0c:ca: d4:56:ad:f1:73:f0:ec:d5:06:77:39:8e:3d:87:e4:7e:9b:26: 8a:ae:32:fb:18:23:d1:79:19:87:11:ce:f1:60:9e:02:25:b9: ba:36:c9:3c:6a:99:2b:bf:3a:76:08:79:89:82:f9:34:66:4b: c5:7a:bb:37:ea:f2:97:3f:0f:6d:e5:2a:9c:ad:71:61:81:2d: 81:c7:3c:49:b6:cf:b9:08:2d:cb:3d:a7:66:b9:d2:d2:01:ab: 61:74:e0:ed:52:93:dc:5e:d2:7d:f6:5b:64:44:13:cf:e1:5b: 51:4d:8d:67:9a:1d:d9:16:d4:b4:0f:04:61:56:17:06:7b:f8: fd:ef:4c:08:79:c6:7a:69:1a:53:9c:0b:3c:39:a8:f9:76:a4: b6:d7:7a:63:77:40:70:d2:ee:28:99:34:e1:b8:f6:5e:86:f3: 60:a6:0f:4f -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICHUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEExNDAxMTAvBgNVBAUTKDA1MDIwRkJGMTAyMEZENjNCRTU3REExQjk3MDRCMEFB ODEwMzQ0NEEwHhcNMjUxMjE0MDU1NDM5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTNlNTExZi1kY2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnY5njODX9LNjMWjjsJqkBBCmq65m1tRHIrvK1+veGYJnQb72hQ0CkGZ9b3q6 PKBHEDd5mLV+hgoFD1oxh8AGvk1oJ1lTGrTs5+ozuyv9uKNu83EcX7u4h7y6AHzz PnbkmE0iAITJDzBefB58eqMzHhriyTVnU8I23ev0/f/yTjUcjoV3Ibs83N62a0oR 0Ir/2+34Kt2cdriscNoj/5hb8EW1mnA8OO5T5dHmPty+MRfjGC3mMc5MUJ1X4W+C rDs0zXFaWt6DPUekVDDJtkwsYPo8tKghpouPhefdJwGfOC8DrN6VF7H1+Hig01jz Y62aeJR/SeSfMVB8y1572yhpHQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHpYc4l0 Riy89dK3PHGIzpSr2N7ZMB8GA1UdIwQYMBaAFAUCD78QIP1jvlfaG5cEsKqBA0RK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTE0MC9DQzFEQ0NFOEM3 NzQxMUU2OTgxNkIwNjhDNEY5QUUwMi9CUUlQdnhBZ19XTy1WOW9ibHdTd3FvRURS RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRSVB2eEFnX1dPLVY5b2Jsd1N3cW9FRFJFby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NEExNDAvQ0MxRENDRThDNzc0MTFFNjk4MTZCMDY4QzRGOUFFMDIvOEU2NTJBN0FD Nzc2MTFFNjhCMUNERTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAItfdwDBAJn7/wwDQQCAAIwBwMFACQERYAwDQYJKoZIhvcN AQELBQADggEBAC74r/mWNo4w/WxTPA3d/PDZ8NBBvcBykOwYUtG+MrN7vX3C6eVx 39W9n51EeU/5TdVCVnxuxDnEjsbGproj6CC5X3UsK+/D/Ul+1swM6eRYjSmcyKpL 9PcMytRWrfFz8OzVBnc5jj2H5H6bJoquMvsYI9F5GYcRzvFgngIlubo2yTxqmSu/ OnYIeYmC+TRmS8V6uzfq8pc/D23lKpytcWGBLYHHPEm2z7kILcs9p2a50tIBq2F0 4O1Sk9xe0n32W2REE8/hW1FNjWeaHdkW1LQPBGFWFwZ7+P3vTAh5xnppGlOcCzw5 qPl2pLbXemN3QHDS7iiZNOG49l6G82CmD08= -----END CERTIFICATE-----Generated at Mon Dec 22 06:15:30 2025 by rpki-client