This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91705D7/A0816ED016D811EFBF901E5FC4F9AE02/71DE3A16C2F511F09F5F373FC4F9AE02.roa File: 71DE3A16C2F511F09F5F373FC4F9AE02.roa (raw, json) Hash identifier: WkJYQisnSBazPrwPxv44l2gKryzTzLronGoqsIsb18Q= Subject key identifier: 64:DE:9F:6F:21:A3:94:85:C6:58:BB:CE:90:CC:05:C9:3C:FA:EF:98 Certificate issuer: /CN=A91705D7/serialNumber=0A8BD2B02FF695171DC01E8C7E4AA2D988DA3B9A Certificate serial: 0123 Authority key identifier: 0A:8B:D2:B0:2F:F6:95:17:1D:C0:1E:8C:7E:4A:A2:D9:88:DA:3B:9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CovSsC_2lRcdwB6Mfkqi2YjaO5o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91705D7/A0816ED016D811EFBF901E5FC4F9AE02/71DE3A16C2F511F09F5F373FC4F9AE02.roa Signing time: Sun 16 Nov 2025 14:06:28 +0000 ROA not before: Sun 16 Nov 2025 14:06:28 +0000 ROA not after: Mon 31 Aug 2026 00:00:00 +0000 asID: 133112 IP address blocks: 2401:a0e0::/48 maxlen: 48 2401:a0e0:1::/48 maxlen: 48 2401:a0e0:2::/48 maxlen: 48 2401:a0e0:3::/48 maxlen: 48 2401:a0e0:4::/48 maxlen: 48 2401:a0e0:5::/48 maxlen: 48 2401:a0e0:6::/48 maxlen: 48 2401:a0e0:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91705D7/A0816ED016D811EFBF901E5FC4F9AE02/CovSsC_2lRcdwB6Mfkqi2YjaO5o.crl rsync://rpki.apnic.net/member_repository/A91705D7/A0816ED016D811EFBF901E5FC4F9AE02/CovSsC_2lRcdwB6Mfkqi2YjaO5o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CovSsC_2lRcdwB6Mfkqi2YjaO5o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Dec 2025 02:47:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 291 (0x123) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91705D7, serialNumber=0A8BD2B02FF695171DC01E8C7E4AA2D988DA3B9A Validity Not Before: Nov 16 14:06:28 2025 GMT Not After : Aug 31 00:00:00 2026 GMT Subject: CN=6919da64-98e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:cc:ce:28:73:cf:3f:96:b9:ae:e8:57:21:70: 3f:25:89:77:3e:2b:11:ea:a8:fe:97:03:75:1d:42: 80:38:81:43:3b:4b:fa:44:01:a8:36:d1:61:c7:15: 8e:21:ec:e5:63:ed:2f:9d:dd:0b:8a:7f:e7:f4:68: 2f:5f:e0:ac:bd:c1:c9:dc:ba:a6:64:c7:d4:e7:e8: a8:fa:8b:ae:70:08:3c:2a:1a:d9:a9:0a:c7:ff:71: 57:d9:ee:be:82:5f:ba:2e:db:cb:71:c1:b2:93:4a: 65:4b:69:15:2c:61:77:dd:ea:f5:66:44:63:d2:9e: 19:9a:8f:95:5c:79:d7:9e:8d:de:86:cb:ff:d5:2b: a3:53:a7:ad:71:42:cb:56:5e:78:ab:f4:d5:61:52: 70:2b:2e:c1:af:10:8c:f3:fd:d7:6f:e7:ec:7a:b1: 79:a7:d6:00:41:44:ca:96:9f:79:fb:cf:76:11:fe: 27:0a:6a:68:5b:87:8c:7c:40:2d:4f:cd:2e:a4:7f: 99:59:ab:d6:d4:55:f8:5e:b1:91:36:4b:63:a3:de: e8:04:b1:68:b1:f7:2e:10:a2:81:f9:5d:2f:8b:df: 22:e6:d8:27:e2:83:22:de:91:d9:a8:60:f4:3c:69: da:f7:b2:14:a2:c9:2e:6b:5e:ef:46:4e:5d:b2:0e: 53:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:DE:9F:6F:21:A3:94:85:C6:58:BB:CE:90:CC:05:C9:3C:FA:EF:98 X509v3 Authority Key Identifier: keyid:0A:8B:D2:B0:2F:F6:95:17:1D:C0:1E:8C:7E:4A:A2:D9:88:DA:3B:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91705D7/A0816ED016D811EFBF901E5FC4F9AE02/CovSsC_2lRcdwB6Mfkqi2YjaO5o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CovSsC_2lRcdwB6Mfkqi2YjaO5o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91705D7/A0816ED016D811EFBF901E5FC4F9AE02/71DE3A16C2F511F09F5F373FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2401:a0e0::/45 Signature Algorithm: sha256WithRSAEncryption 93:e5:9e:77:14:4e:0d:fd:e9:00:13:86:7f:82:3e:b5:7e:d1: a3:e5:c0:9a:4d:86:86:43:a1:da:5a:83:70:14:9f:3d:53:f5: 9d:b3:b6:5f:19:d9:e0:c9:19:03:bf:ef:07:03:aa:ce:cc:c6: ca:70:29:c0:c3:36:67:5a:7e:a8:06:46:c3:ef:37:61:3f:d6: 0f:52:53:d1:6f:8c:01:25:9b:0e:81:14:98:95:2c:25:fa:7a: 18:67:20:a3:be:80:d6:11:e8:34:d7:44:40:45:cc:0e:10:07: 81:11:8c:46:7a:52:9d:93:18:c1:aa:9f:5f:22:3d:4d:17:05: 70:77:d9:69:50:36:94:2d:cb:82:0c:af:00:46:4a:6d:65:82: e6:7a:dd:aa:4c:45:86:4a:d2:bb:fa:8a:b4:75:58:28:d7:e1: f9:04:78:75:cd:6b:a0:e1:89:b3:c7:e1:ae:bc:00:ff:36:ad: 04:fb:df:0a:1c:92:0b:ee:42:53:45:40:b8:66:8a:f5:22:51: f2:22:7b:f0:00:bd:a0:58:9c:84:ff:33:b1:75:b9:1e:d1:fe: 8a:c8:f9:54:ea:a6:03:5d:37:10:e7:21:94:a9:74:8f:99:ad: 54:ad:83:3b:36:93:3d:00:7c:8b:5d:24:ff:0c:53:3e:ed:37: db:d3:d7:05 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgICASMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzA1RDcxMTAvBgNVBAUTKDBBOEJEMkIwMkZGNjk1MTcxREMwMUU4QzdFNEFBMkQ5 ODhEQTNCOUEwHhcNMjUxMTE2MTQwNjI4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTE5ZGE2NC05OGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1MzOKHPPP5a5ruhXIXA/JYl3PisR6qj+lwN1HUKAOIFDO0v6RAGoNtFhxxWO IezlY+0vnd0Lin/n9GgvX+CsvcHJ3LqmZMfU5+io+ouucAg8KhrZqQrH/3FX2e6+ gl+6LtvLccGyk0plS2kVLGF33er1ZkRj0p4Zmo+VXHnXno3ehsv/1SujU6etcULL Vl54q/TVYVJwKy7BrxCM8/3Xb+fserF5p9YAQUTKlp95+892Ef4nCmpoW4eMfEAt T80upH+ZWavW1FX4XrGRNktjo97oBLFosfcuEKKB+V0vi98i5tgn4oMi3pHZqGD0 PGna97IUoskua17vRk5dsg5TBQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGTen28h o5SFxli7zpDMBck8+u+YMB8GA1UdIwQYMBaAFAqL0rAv9pUXHcAejH5KotmI2jua MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDVENy9BMDgxNkVEMDE2 RDgxMUVGQkY5MDFFNUZDNEY5QUUwMi9Db3ZTc0NfMmxSY2R3QjZNZmtxaTJZamFP NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NvdlNzQ18ybFJjZHdCNk1ma3FpMllqYU81by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NzA1RDcvQTA4MTZFRDAxNkQ4MTFFRkJGOTAxRTVGQzRGOUFFMDIvNzFERTNBMTZD MkY1MTFGMDlGNUYzNzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E EzARMA8EAgACMAkDBwMkAaDgAAAwDQYJKoZIhvcNAQELBQADggEBAJPlnncUTg39 6QAThn+CPrV+0aPlwJpNhoZDodpag3AUnz1T9Z2ztl8Z2eDJGQO/7wcDqs7Mxspw KcDDNmdafqgGRsPvN2E/1g9SU9FvjAElmw6BFJiVLCX6ehhnIKO+gNYR6DTXREBF zA4QB4ERjEZ6Up2TGMGqn18iPU0XBXB32WlQNpQty4IMrwBGSm1lguZ63apMRYZK 0rv6irR1WCjX4fkEeHXNa6DhibPH4a68AP82rQT73wockgvuQlNFQLhmivUiUfIi e/AAvaBYnIT/M7F1uR7R/orI+VTqpgNdNxDnIZSpdI+ZrVStgzs2kz0AfItdJP8M Uz7tN9vT1wU= -----END CERTIFICATE-----Generated at Sun Dec 7 00:35:06 2025 by rpki-client