This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E614/38E21D52C3A111F0B744C339C4F9AE02/CAFFD8E6C6D511F09C4D4F76C4F9AE02.roa File: CAFFD8E6C6D511F09C4D4F76C4F9AE02.roa (raw, json) Hash identifier: LxjilRVcBRn1uZ3KLrjzsRj18qwxRaPtFbLfUU5tlx0= Subject key identifier: 5B:3E:FA:B4:BC:A0:0D:1F:23:05:5E:1F:D2:42:61:2F:93:99:D7:E2 Certificate issuer: /CN=A913E614/serialNumber=420F831CCE9A95B4F3135B1E557783AB202C6BAF Certificate serial: 05 Authority key identifier: 42:0F:83:1C:CE:9A:95:B4:F3:13:5B:1E:55:77:83:AB:20:2C:6B:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg-DHM6albTzE1seVXeDqyAsa68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E614/38E21D52C3A111F0B744C339C4F9AE02/CAFFD8E6C6D511F09C4D4F76C4F9AE02.roa Signing time: Fri 21 Nov 2025 12:29:58 +0000 ROA not before: Fri 21 Nov 2025 12:29:58 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 136905 IP address blocks: 2402:37e0::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E614/38E21D52C3A111F0B744C339C4F9AE02/Qg-DHM6albTzE1seVXeDqyAsa68.crl rsync://rpki.apnic.net/member_repository/A913E614/38E21D52C3A111F0B744C339C4F9AE02/Qg-DHM6albTzE1seVXeDqyAsa68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg-DHM6albTzE1seVXeDqyAsa68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Dec 2025 05:57:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E614, serialNumber=420F831CCE9A95B4F3135B1E557783AB202C6BAF Validity Not Before: Nov 21 12:29:58 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69205b46-68fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:3d:bd:65:5c:7a:a4:d4:f8:21:4a:5d:a9:c1: 05:6a:70:ee:06:74:2f:cb:3b:49:c8:72:bc:80:28: ba:c0:c3:ef:62:53:ac:6c:1c:4a:7f:07:74:6b:cb: 90:bb:a6:62:52:84:17:de:50:15:09:14:8d:f8:80: 95:41:fc:25:cd:68:e8:be:14:18:1f:30:31:f1:f2: 92:ef:d2:04:4f:45:43:5d:d8:3a:6c:45:46:17:0a: 32:ff:11:2b:3d:cb:b1:0a:53:17:8c:fe:96:95:36: bb:0e:eb:8d:51:7a:32:62:4d:b4:3c:a5:6f:e4:52: b3:9a:30:77:b5:29:cf:5b:31:08:b0:f9:4c:81:7c: 88:b5:24:e0:36:c5:fc:d8:8d:66:09:a1:e5:f9:8f: 4c:ef:d4:ef:6e:f9:e5:82:0f:27:b8:37:93:fc:54: b0:91:b8:33:39:37:91:73:6f:ae:10:00:07:91:ad: 21:61:79:7d:7b:8f:62:9e:20:bb:95:da:ae:87:96: f4:16:b8:12:fa:6c:26:b1:25:88:80:8f:1e:5c:56: 31:d0:4f:41:0c:58:04:e0:03:84:d2:f4:0f:87:c6: 60:2b:c3:1d:4f:bf:ca:a0:b8:32:04:50:ed:4e:cd: f4:ce:31:8c:7f:40:c6:af:3f:6d:f6:ba:8b:fc:76: 2b:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:3E:FA:B4:BC:A0:0D:1F:23:05:5E:1F:D2:42:61:2F:93:99:D7:E2 X509v3 Authority Key Identifier: keyid:42:0F:83:1C:CE:9A:95:B4:F3:13:5B:1E:55:77:83:AB:20:2C:6B:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E614/38E21D52C3A111F0B744C339C4F9AE02/Qg-DHM6albTzE1seVXeDqyAsa68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg-DHM6albTzE1seVXeDqyAsa68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E614/38E21D52C3A111F0B744C339C4F9AE02/CAFFD8E6C6D511F09C4D4F76C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2402:37e0::/32 Signature Algorithm: sha256WithRSAEncryption c1:cf:ca:b3:6f:c4:34:dd:c3:e1:2a:4f:9a:95:d8:25:54:08: 42:72:8f:ad:42:0c:3c:e9:47:ee:fb:52:35:8b:3e:75:15:a8: 7f:da:c7:14:8f:3d:d0:93:52:74:7b:fd:dc:0b:c5:4f:3a:c6: 44:0c:fe:7d:de:03:84:b9:6c:ca:cc:8b:ed:18:a4:8f:2a:18: 9b:e5:d0:de:3f:ac:bb:e0:48:73:5a:fc:fb:38:e9:82:ac:ca: ad:b5:ff:4d:5b:f1:83:58:84:11:fc:68:19:e6:bc:57:49:93: db:5f:fc:eb:5d:e6:cb:2b:2f:30:3f:1a:5b:7c:14:b1:5a:0a: 49:01:3c:ed:5c:12:dc:4c:a6:18:1e:00:16:f1:b2:57:1a:06: b4:a4:e8:b2:81:6e:af:45:fa:39:07:ed:53:23:2c:56:14:a3: d8:1d:b5:72:96:c7:2a:a2:b6:71:e8:50:89:4b:3c:5c:9c:0d: 97:d3:2f:8a:c4:2c:bf:5a:44:b9:7d:46:53:01:20:b7:a3:87: 3e:a8:99:89:02:cf:91:9d:77:43:56:70:4a:d0:f5:07:9e:33: 04:e0:e0:cb:ec:10:b7:a5:bb:d3:bd:19:42:9b:8b:ac:d0:16: b3:d5:08:f8:0d:c8:df:76:8f:7b:88:90:04:8f:0f:ff:03:7b: ca:11:2a:e8 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz RTYxNDExMC8GA1UEBRMoNDIwRjgzMUNDRTlBOTVCNEYzMTM1QjFFNTU3NzgzQUIy MDJDNkJBRjAeFw0yNTExMjExMjI5NThaFw0yNzAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MjA1YjQ2LTY4ZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+Pb1lXHqk1PghSl2pwQVqcO4GdC/LO0nIcryAKLrAw+9iU6xsHEp/B3Rry5C7 pmJShBfeUBUJFI34gJVB/CXNaOi+FBgfMDHx8pLv0gRPRUNd2DpsRUYXCjL/ESs9 y7EKUxeM/paVNrsO641RejJiTbQ8pW/kUrOaMHe1Kc9bMQiw+UyBfIi1JOA2xfzY jWYJoeX5j0zv1O9u+eWCDye4N5P8VLCRuDM5N5Fzb64QAAeRrSFheX17j2KeILuV 2q6HlvQWuBL6bCaxJYiAjx5cVjHQT0EMWATgA4TS9A+HxmArwx1Pv8qguDIEUO1O zfTOMYx/QMavP232uov8divzAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUWz76tLyg DR8jBV4f0kJhL5OZ1+IwHwYDVR0jBBgwFoAUQg+DHM6albTzE1seVXeDqyAsa68w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNFNjE0LzM4RTIxRDUyQzNB MTExRjBCNzQ0QzMzOUM0RjlBRTAyL1FnLURITTZhbGJUekUxc2VWWGVEcXlBc2E2 OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUWctREhNNmFsYlR6RTFzZVZYZURxeUFzYTY4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTYxNC8zOEUyMUQ1MkMzQTExMUYwQjc0NEMzMzlDNEY5QUUwMi9DQUZGRDhFNkM2 RDUxMUYwOUM0RDRGNzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR MA8wDQQCAAIwBwMFACQCN+AwDQYJKoZIhvcNAQELBQADggEBAMHPyrNvxDTdw+Eq T5qV2CVUCEJyj61CDDzpR+77UjWLPnUVqH/axxSPPdCTUnR7/dwLxU86xkQM/n3e A4S5bMrMi+0YpI8qGJvl0N4/rLvgSHNa/Ps46YKsyq21/01b8YNYhBH8aBnmvFdJ k9tf/Otd5ssrLzA/Glt8FLFaCkkBPO1cEtxMphgeABbxslcaBrSk6LKBbq9F+jkH 7VMjLFYUo9gdtXKWxyqitnHoUIlLPFycDZfTL4rELL9aRLl9RlMBILejhz6omYkC z5Gdd0NWcErQ9QeeMwTg4MvsELelu9O9GUKbi6zQFrPVCPgNyN92j3uIkASPD/8D e8oRKug= -----END CERTIFICATE-----Generated at Sun Dec 7 10:27:40 2025 by rpki-client