This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD5C8/80D8B48AEF8511F09D6DE831606F56BC/40DFA7D2EF8811F0A94034DF606F56BC.roa File: 40DFA7D2EF8811F0A94034DF606F56BC.roa (raw, json) Hash identifier: aL9mpzSLdVdL5Ni8kcknF+vvh2ZNflEf3wU+HZuzkto= Subject key identifier: A9:60:93:91:53:CB:61:A3:ED:88:BA:AF:45:AE:95:A6:D1:5A:78:79 Certificate issuer: /CN=A91AD5C8/serialNumber=1D3E18B8F6A67D9296CED71E219245A32805267D Certificate serial: 02 Authority key identifier: 1D:3E:18:B8:F6:A6:7D:92:96:CE:D7:1E:21:92:45:A3:28:05:26:7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HT4YuPamfZKWztceIZJFoygFJn0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AD5C8/80D8B48AEF8511F09D6DE831606F56BC/40DFA7D2EF8811F0A94034DF606F56BC.roa Signing time: Mon 12 Jan 2026 07:28:13 +0000 ROA not before: Mon 12 Jan 2026 07:28:13 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 24514 IP address blocks: 103.17.78.0/24 maxlen: 24 103.26.47.0/24 maxlen: 24 103.26.74.0/23 maxlen: 23 103.26.74.0/24 maxlen: 24 122.129.120.0/22 maxlen: 22 122.129.120.0/24 maxlen: 24 122.129.121.0/24 maxlen: 24 122.129.122.0/24 maxlen: 24 122.129.123.0/24 maxlen: 24 122.129.124.0/22 maxlen: 22 122.129.124.0/24 maxlen: 24 122.129.125.0/24 maxlen: 24 122.129.126.0/24 maxlen: 24 122.129.127.0/24 maxlen: 24 150.129.184.0/23 maxlen: 23 150.129.185.0/24 maxlen: 24 150.129.186.0/24 maxlen: 24 203.80.16.0/22 maxlen: 22 203.80.16.0/24 maxlen: 24 203.80.19.0/24 maxlen: 24 203.80.20.0/22 maxlen: 22 203.80.20.0/24 maxlen: 24 203.80.21.0/24 maxlen: 24 203.80.22.0/24 maxlen: 24 203.80.23.0/24 maxlen: 24 2404:a8:5::/48 maxlen: 48 2404:a8:19::/48 maxlen: 48 2404:a8:3ff::/48 maxlen: 48 2404:a8:4000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AD5C8/80D8B48AEF8511F09D6DE831606F56BC/HT4YuPamfZKWztceIZJFoygFJn0.crl rsync://rpki.apnic.net/member_repository/A91AD5C8/80D8B48AEF8511F09D6DE831606F56BC/HT4YuPamfZKWztceIZJFoygFJn0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HT4YuPamfZKWztceIZJFoygFJn0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Feb 2026 07:08:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AD5C8, serialNumber=1D3E18B8F6A67D9296CED71E219245A32805267D Validity Not Before: Jan 12 07:28:13 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=6964a28d-b4e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:89:e6:b6:1e:20:ef:78:8b:db:84:e9:0d:16: f3:cc:4d:6b:b7:12:52:39:6d:26:04:9e:bd:17:aa: c0:a3:e1:ce:20:8e:50:4a:07:9f:33:17:f2:3a:5e: de:a2:aa:16:0e:be:c9:0b:d0:b5:b6:92:de:65:1b: f9:12:2e:14:e4:ba:37:e2:36:2f:47:0f:6d:33:35: b4:44:1d:d7:9f:ae:ce:3b:17:94:86:ef:25:9b:83: a8:7f:51:7c:36:57:5f:8a:6b:42:f9:f2:12:40:3c: 86:22:73:23:0e:a4:c6:1f:61:ab:c6:9c:d8:c4:92: 35:fe:74:a7:42:69:0a:92:7e:fe:b0:76:26:bc:e5: 45:6b:0a:16:56:8e:42:23:7d:1f:73:20:25:50:c2: 8c:32:dc:50:ed:f0:c0:5d:14:81:2c:03:6b:33:e1: e8:71:f4:d0:75:aa:9d:33:6c:cb:8d:df:65:b8:3a: 36:09:cd:8b:b1:76:12:02:58:e6:92:1f:a9:bc:80: 12:2d:ec:7d:ef:9f:05:61:48:0d:8d:1e:8a:ea:48: 0c:ba:be:20:66:c1:69:9a:6a:31:13:8b:51:20:cb: 4f:d9:b9:00:b7:d3:bc:d7:24:9f:1b:ca:22:97:d2: ea:50:f2:f4:eb:91:10:c3:75:0c:a9:bc:d9:ea:3c: bc:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:60:93:91:53:CB:61:A3:ED:88:BA:AF:45:AE:95:A6:D1:5A:78:79 X509v3 Authority Key Identifier: keyid:1D:3E:18:B8:F6:A6:7D:92:96:CE:D7:1E:21:92:45:A3:28:05:26:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AD5C8/80D8B48AEF8511F09D6DE831606F56BC/HT4YuPamfZKWztceIZJFoygFJn0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HT4YuPamfZKWztceIZJFoygFJn0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD5C8/80D8B48AEF8511F09D6DE831606F56BC/40DFA7D2EF8811F0A94034DF606F56BC.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.17.78.0/24 103.26.47.0/24 103.26.74.0/23 122.129.120.0/21 150.129.184.0-150.129.186.255 203.80.16.0/21 IPv6: 2404:a8:5::/48 2404:a8:19::/48 2404:a8:3ff::/48 2404:a8:4000::/36 Signature Algorithm: sha256WithRSAEncryption aa:f7:6d:17:ce:d4:27:d3:5f:6f:2a:47:29:84:49:6f:43:37: 9b:b9:86:51:ce:11:34:a5:d1:28:f4:d6:19:77:97:41:75:4c: 4e:a0:76:25:f6:73:31:15:81:37:fc:89:11:85:5f:b3:c5:03: 94:4d:fd:73:7e:87:a7:7d:27:ec:44:d5:6f:04:28:c7:33:ad: f3:70:d8:cf:49:4e:ae:91:32:b1:d2:ac:1a:99:01:e1:83:f2: 4b:c9:bc:52:09:26:1b:24:c1:cf:91:d3:02:6f:18:bb:63:a3: 4b:49:b1:28:6d:54:24:a0:6e:5a:55:ec:20:73:08:84:a4:bb: fc:84:16:7e:8b:64:f8:05:bf:77:9c:87:81:4b:e9:08:d2:69: c3:55:0d:79:46:c9:d3:53:35:63:5b:ec:17:4a:57:16:e6:2b: 25:5f:99:a1:0d:fd:1a:a3:fc:ec:2d:d9:e2:9d:8c:96:0b:9f: 94:62:bc:aa:83:ca:aa:b8:fd:d0:04:d8:2b:57:fb:e9:50:d0: 78:43:dd:0c:3b:a7:bc:fc:0f:3c:37:43:ce:b1:13:54:40:9e: ce:42:49:07:e7:cc:67:4c:8d:04:40:f4:17:13:86:59:93:f7: 82:c4:e3:ce:7a:c0:cf:bc:54:a9:33:6e:bf:bb:89:3e:93:24: 4d:1b:9a:ef -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDDAhBOTFB RDVDODExMC8GA1UEBRMoMUQzRTE4QjhGNkE2N0Q5Mjk2Q0VENzFFMjE5MjQ1QTMy ODA1MjY3RDAeFw0yNjAxMTIwNzI4MTNaFw0yNzAzMDIwMDAwMDBaMBgxFjAUBgNV BAMMDTY5NjRhMjhkLWI0ZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCiea2HiDveIvbhOkNFvPMTWu3ElI5bSYEnr0XqsCj4c4gjlBKB58zF/I6Xt6i qhYOvskL0LW2kt5lG/kSLhTkujfiNi9HD20zNbREHdefrs47F5SG7yWbg6h/UXw2 V1+Ka0L58hJAPIYicyMOpMYfYavGnNjEkjX+dKdCaQqSfv6wdia85UVrChZWjkIj fR9zICVQwowy3FDt8MBdFIEsA2sz4ehx9NB1qp0zbMuN32W4OjYJzYuxdhICWOaS H6m8gBIt7H3vnwVhSA2NHorqSAy6viBmwWmaajETi1Egy0/ZuQC307zXJJ8byiKX 0upQ8vTrkRDDdQypvNnqPLzpAgMBAAGjggLmMIIC4jAdBgNVHQ4EFgQUqWCTkVPL YaPtiLqvRa6VptFaeHkwHwYDVR0jBBgwFoAUHT4YuPamfZKWztceIZJFoygFJn0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFENUM4LzgwRDhCNDhBRUY4 NTExRjA5RDZERTgzMTYwNkY1NkJDL0hUNFl1UGFtZlpLV3p0Y2VJWkpGb3lnRkpu MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFQ0WXVQYW1mWktXenRjZUlaSkZveWdGSm4wLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RDVDOC84MEQ4QjQ4QUVGODUxMUYwOUQ2REU4MzE2MDZGNTZCQy80MERGQTdEMkVG ODgxMUYwQTk0MDM0REY2MDZGNTZCQy5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBwBggrBgEFBQcBBwEB/wRh MF8wMgQCAAEwLAMEAGcRTgMEAGcaLwMEAWcaSgMEA3qBeDAMAwQDloG4AwQAloG6 AwQDy1AQMCkEAgACMCMDBwAkBACoAAUDBwAkBACoABkDBwAkBACoA/8DBgQkBACo QDANBgkqhkiG9w0BAQsFAAOCAQEAqvdtF87UJ9NfbypHKYRJb0M3m7mGUc4RNKXR KPTWGXeXQXVMTqB2JfZzMRWBN/yJEYVfs8UDlE39c36Hp30n7ETVbwQoxzOt83DY z0lOrpEysdKsGpkB4YPyS8m8UgkmGyTBz5HTAm8Yu2OjS0mxKG1UJKBuWlXsIHMI hKS7/IQWfotk+AW/d5yHgUvpCNJpw1UNeUbJ01M1Y1vsF0pXFuYrJV+ZoQ39GqP8 7C3Z4p2MlguflGK8qoPKqrj90ATYK1f76VDQeEPdDDunvPwPPDdDzrETVECezkJJ B+fMZ0yNBED0FxOGWZP3gsTjznrAz7xUqTNuv7uJPpMkTRua7w== -----END CERTIFICATE-----Generated at Sun Jan 25 16:38:01 2026 by rpki-client