This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/9DDA09EC05DC11EA9B6B0560C4F9AE02.roa File: 9DDA09EC05DC11EA9B6B0560C4F9AE02.roa (raw, json) Hash identifier: zg4ngSvDnII0EgnGozN5wPgIbLHYCQwnbwFPTUFG8lU= Subject key identifier: DB:57:4E:21:11:35:77:D8:B2:D7:CC:F4:52:54:85:6D:9B:B6:EA:CB Certificate issuer: /CN=A91454F3/serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Certificate serial: 0CA0 Authority key identifier: 6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/9DDA09EC05DC11EA9B6B0560C4F9AE02.roa Signing time: Wed 26 Nov 2025 18:08:05 +0000 ROA not before: Wed 26 Nov 2025 18:08:05 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 133477 IP address blocks: 103.95.38.0/24 maxlen: 24 103.101.249.0/24 maxlen: 24 103.101.250.0/23 maxlen: 23 103.101.250.0/24 maxlen: 24 103.101.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 17:42:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3232 (0xca0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91454F3, serialNumber=6CE9254A9CBFA07042243735DCE4FBF7E5461166 Validity Not Before: Nov 26 18:08:05 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=69274205-ec71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:20:6c:c4:ea:90:81:73:00:12:96:87:0a:d7: e9:82:5e:76:fb:e7:e6:b4:74:ec:a6:87:44:0b:59: eb:48:18:ce:1c:ef:43:6a:ef:ab:1e:13:93:f5:47: 89:39:25:fe:41:16:ed:aa:93:aa:68:11:c3:4a:24: 34:dd:21:ae:c4:61:58:ec:58:8e:ad:6d:0f:d4:de: 09:aa:a5:e9:f2:ad:0f:f7:20:21:bd:f2:8a:eb:f4: e7:9a:bc:fa:c5:da:da:f1:f7:77:1e:38:4c:44:58: 4a:eb:af:44:8c:44:43:a3:0b:50:fe:32:ae:46:ef: c8:63:86:db:13:25:12:fe:b6:b7:48:31:d1:d3:68: ed:2b:e6:20:6c:f1:6a:68:25:41:1b:6c:23:4b:00: 90:13:f7:67:08:5f:ba:8f:34:3e:0f:d7:c5:ba:f5: cd:45:8c:ac:97:81:78:f2:2c:93:d3:fe:48:96:a4: 23:e0:bc:19:2b:3d:01:69:30:ca:2c:39:58:68:53: b5:4d:58:9c:5c:c4:2d:15:26:22:8d:1d:84:aa:7e: 75:b9:49:b5:3b:74:8e:f9:c1:73:2a:d0:69:8a:aa: 38:b1:dd:85:51:02:56:a9:13:44:68:cd:46:9d:16: be:83:fb:05:b7:19:7f:d9:09:ed:aa:b1:e5:64:d2: 12:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:57:4E:21:11:35:77:D8:B2:D7:CC:F4:52:54:85:6D:9B:B6:EA:CB X509v3 Authority Key Identifier: keyid:6C:E9:25:4A:9C:BF:A0:70:42:24:37:35:DC:E4:FB:F7:E5:46:11:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/bOklSpy_oHBCJDc13OT79-VGEWY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bOklSpy_oHBCJDc13OT79-VGEWY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91454F3/1EF7866805DC11EA9743BA5FC4F9AE02/9DDA09EC05DC11EA9B6B0560C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.95.38.0/24 103.101.249.0-103.101.251.255 Signature Algorithm: sha256WithRSAEncryption 5f:42:9f:34:24:c2:8b:ff:f0:05:4d:60:67:de:bd:bf:64:80: 8d:0e:95:c1:9e:03:b0:71:7d:4d:85:cc:d5:c2:24:57:ac:42: 51:60:2c:61:10:02:b5:58:f6:9f:ff:25:8b:fa:d4:0f:67:9a: 3b:a1:5f:29:a8:55:bb:47:2f:c3:58:15:e9:03:b9:3a:a5:08: 72:c7:b7:9b:ca:d9:ad:e8:ae:e5:c0:ff:0c:80:69:89:25:41: fb:e7:5c:70:f3:32:97:ae:fa:66:0f:e0:30:32:7a:68:5e:56: dc:73:a5:cf:61:22:17:71:3f:b9:3a:d0:f1:d1:d4:3a:cc:7d: 47:c5:ce:5f:2f:07:21:1a:53:88:46:b4:2f:fa:8c:52:1f:40: d7:4d:ff:58:31:c7:a5:91:a3:3d:66:1b:b7:53:f7:27:d4:87: b5:e8:e5:9c:4b:41:cc:69:2a:23:97:40:59:1e:9b:be:3e:69: 22:3e:9c:7b:4e:43:2e:a4:20:ac:1c:5e:23:63:6b:52:35:a3: 54:4b:d9:a0:8b:d4:4b:9a:3c:f0:bf:a8:20:44:e0:a6:d5:c8: d5:36:94:0e:2f:97:fa:83:14:d0:39:16:a3:49:5b:a2:0e:81: 67:50:c7:58:1d:9d:f0:b9:c0:dd:f5:af:8e:4d:65:9a:3e:3f: f3:52:e3:32 -----BEGIN CERTIFICATE----- MIIFfzCCBGegAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDU0RjMxMTAvBgNVBAUTKDZDRTkyNTRBOUNCRkEwNzA0MjI0MzczNURDRTRGQkY3 RTU0NjExNjYwHhcNMjUxMTI2MTgwODA1WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD VQQDEw02OTI3NDIwNS1lYzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8SBsxOqQgXMAEpaHCtfpgl52++fmtHTspodEC1nrSBjOHO9Dau+rHhOT9UeJ OSX+QRbtqpOqaBHDSiQ03SGuxGFY7FiOrW0P1N4JqqXp8q0P9yAhvfKK6/Tnmrz6 xdra8fd3HjhMRFhK669EjERDowtQ/jKuRu/IY4bbEyUS/ra3SDHR02jtK+YgbPFq aCVBG2wjSwCQE/dnCF+6jzQ+D9fFuvXNRYysl4F48iyT0/5IlqQj4LwZKz0BaTDK LDlYaFO1TVicXMQtFSYijR2Eqn51uUm1O3SO+cFzKtBpiqo4sd2FUQJWqRNEaM1G nRa+g/sFtxl/2QntqrHlZNISCwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFNtXTiER NXfYstfM9FJUhW2bturLMB8GA1UdIwQYMBaAFGzpJUqcv6BwQiQ3Ndzk+/flRhFm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTRGMy8xRUY3ODY2ODA1 REMxMUVBOTc0M0JBNUZDNEY5QUUwMi9iT2tsU3B5X29IQkNKRGMxM09UNzktVkdF V1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPa2xTcHlfb0hCQ0pEYzEzT1Q3OS1WR0VXWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NDU0RjMvMUVGNzg2NjgwNURDMTFFQTk3NDNCQTVGQzRGOUFFMDIvOUREQTA5RUMw NURDMTFFQTlCNkIwNTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E HjAcMBoEAgABMBQDBABnXyYwDAMEAGdl+QMEAmdl+DANBgkqhkiG9w0BAQsFAAOC AQEAX0KfNCTCi//wBU1gZ969v2SAjQ6VwZ4DsHF9TYXM1cIkV6xCUWAsYRACtVj2 n/8li/rUD2eaO6FfKahVu0cvw1gV6QO5OqUIcse3m8rZreiu5cD/DIBpiSVB++dc cPMyl676Zg/gMDJ6aF5W3HOlz2EiF3E/uTrQ8dHUOsx9R8XOXy8HIRpTiEa0L/qM Uh9A103/WDHHpZGjPWYbt1P3J9SHtejlnEtBzGkqI5dAWR6bvj5pIj6ce05DLqQg rBxeI2NrUjWjVEvZoIvUS5o88L+oIETgptXI1TaUDi+X+oMU0DkWo0lbog6BZ1DH WB2d8LnA3fWvjk1lmj4/81LjMg== -----END CERTIFICATE-----Generated at Mon Dec 8 09:37:57 2025 by rpki-client