This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa File: 8BFEF29C3AEA11EC84E6634EC4F9AE02.roa (raw, json) Hash identifier: /zMIu4aAire5r9mqMzQqAKINeMM11LU3wVsWK0GAqus= Subject key identifier: FA:4D:75:57:68:3C:2E:62:E2:8A:CE:14:E1:E9:73:0F:9F:C1:57:2D Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Certificate serial: 0DA6 Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa Signing time: Sat 22 Nov 2025 17:37:42 +0000 ROA not before: Sat 22 Nov 2025 17:37:42 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134520 IP address blocks: 27.122.56.0/24 maxlen: 24 27.122.57.0/24 maxlen: 24 43.239.156.0/22 maxlen: 24 43.251.157.0/24 maxlen: 24 43.251.158.0/24 maxlen: 24 43.251.159.0/24 maxlen: 24 103.1.152.0/24 maxlen: 24 103.1.153.0/24 maxlen: 24 103.1.154.0/24 maxlen: 24 103.10.196.0/24 maxlen: 24 103.10.198.0/24 maxlen: 24 103.35.72.0/22 maxlen: 22 103.35.72.0/24 maxlen: 24 103.35.73.0/24 maxlen: 24 103.35.74.0/24 maxlen: 24 103.35.75.0/24 maxlen: 24 2402:c480:8000::/48 maxlen: 48 2402:c480:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 15:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3494 (0xda6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF Validity Not Before: Nov 22 17:37:42 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=6921f4e6-36e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:06:58:d2:ba:f6:12:c8:e8:f9:e0:90:a7:f1: 35:2d:8a:92:db:3f:10:00:cf:9a:c6:0b:94:0d:f8: 4b:aa:b2:4d:57:e7:6c:b7:0a:7a:dd:73:cd:98:f8: 75:82:13:f0:a1:d2:a2:57:1f:e0:a4:92:5a:f3:1b: 35:54:37:71:22:41:a8:64:ea:47:09:78:2b:2e:e9: 2c:a6:39:8c:b3:3b:84:62:d6:4e:67:f4:8f:ce:21: 1c:75:00:16:02:ae:5d:1f:54:ce:09:f1:80:fd:6f: 70:b7:54:7b:15:52:7c:cf:32:3f:dc:a0:68:63:0b: 5a:e5:a1:83:4e:f7:c0:e1:04:4c:3a:9d:79:d8:55: 94:82:01:28:22:11:90:7c:74:d3:7e:83:3e:e5:34: 12:b6:27:43:64:49:fc:5f:ff:ff:03:c2:43:44:9b: a0:aa:5f:71:46:07:f3:87:33:08:4d:d4:4e:66:61: 05:42:c6:0a:1e:42:1c:16:77:b3:13:51:2f:a8:d8: cc:14:9b:cf:e1:0a:34:67:2d:d2:d6:76:ba:79:de: 8d:2e:94:b7:5f:6c:71:24:45:df:87:c4:8f:49:dc: 76:1c:99:4d:97:be:e2:84:16:b8:8c:ba:0f:fb:f6: 5d:3f:4e:fc:fb:bd:fc:43:15:d8:b1:4c:4d:c4:4f: 8c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:4D:75:57:68:3C:2E:62:E2:8A:CE:14:E1:E9:73:0F:9F:C1:57:2D X509v3 Authority Key Identifier: keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8BFEF29C3AEA11EC84E6634EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 27.122.56.0/23 43.239.156.0/22 43.251.157.0-43.251.159.255 103.1.152.0-103.1.154.255 103.10.196.0/24 103.10.198.0/24 103.35.72.0/22 IPv6: 2402:c480:8000::/48 2402:c480:9000::/48 Signature Algorithm: sha256WithRSAEncryption 0c:6b:ec:ae:61:fc:b1:c7:6e:19:db:31:79:d6:ea:28:dc:70: 44:19:c0:a2:a4:00:eb:4e:25:ef:ed:3e:79:03:d2:ba:68:c3: 10:b7:00:85:cf:7f:5d:05:7b:5f:bb:9b:e5:1b:ff:15:94:24: 6e:d5:5e:dd:1e:d3:d1:39:3f:b2:fb:cd:7d:8d:0b:3d:d9:a0: 4c:b4:ab:3b:87:7f:b2:a4:08:3e:17:8b:aa:67:4b:94:81:81: e9:9c:46:f6:4b:e1:67:ad:03:d8:e5:11:6d:b2:97:42:b3:85: 3e:2d:75:bf:c6:13:42:38:ab:35:b4:3a:4f:93:ac:6e:cb:d4: 3a:7d:1a:da:21:6b:9c:50:b5:4e:21:8a:6c:02:69:d7:25:97: 22:70:20:1f:73:a7:96:f6:10:c5:de:8e:a5:75:b8:d0:25:42: d0:0c:e8:cf:a5:88:17:b9:57:95:ba:09:56:fb:7c:b1:d3:4c: 5f:11:48:69:ed:73:16:65:74:61:e6:8f:a3:85:0f:1a:e9:76: a4:c8:b2:56:e8:88:4e:65:5f:e7:3f:03:3b:ab:e6:8a:f7:5c: b1:ed:d4:e1:cb:b6:9c:eb:d8:9e:b3:a8:2e:73:96:f6:bd:0f: f0:0f:8f:be:bb:86:9b:3b:62:86:e5:6b:54:0c:e9:f8:25:81: e9:cc:32:c8 -----BEGIN CERTIFICATE----- MIIFvzCCBKegAwIBAgICDaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG MDA5Q0M5QUYwHhcNMjUxMTIyMTczNzQyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTIxZjRlNi0zNmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtgZY0rr2Esjo+eCQp/E1LYqS2z8QAM+axguUDfhLqrJNV+dstwp63XPNmPh1 ghPwodKiVx/gpJJa8xs1VDdxIkGoZOpHCXgrLukspjmMszuEYtZOZ/SPziEcdQAW Aq5dH1TOCfGA/W9wt1R7FVJ8zzI/3KBoYwta5aGDTvfA4QRMOp152FWUggEoIhGQ fHTTfoM+5TQStidDZEn8X///A8JDRJugql9xRgfzhzMITdROZmEFQsYKHkIcFnez E1EvqNjMFJvP4Qo0Zy3S1na6ed6NLpS3X2xxJEXfh8SPSdx2HJlNl77ihBa4jLoP +/ZdP078+738QxXYsUxNxE+MjwIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFPpNdVdo PC5i4orOFOHpcw+fwVctMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5 YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEJGRUYyOUMz QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E XjBcMEAEAgABMDoDBAEbejgDBAIr75wwDAMEACv7nQMEBSv7gDAMAwQDZwGYAwQA ZwGaAwQAZwrEAwQAZwrGAwQCZyNIMBgEAgACMBIDBwAkAsSAgAADBwAkAsSAkAAw DQYJKoZIhvcNAQELBQADggEBAAxr7K5h/LHHbhnbMXnW6ijccEQZwKKkAOtOJe/t PnkD0rpowxC3AIXPf10Fe1+7m+Ub/xWUJG7VXt0e09E5P7L7zX2NCz3ZoEy0qzuH f7KkCD4Xi6pnS5SBgemcRvZL4WetA9jlEW2yl0KzhT4tdb/GE0I4qzW0Ok+TrG7L 1Dp9Gtoha5xQtU4himwCadcllyJwIB9zp5b2EMXejqV1uNAlQtAM6M+liBe5V5W6 CVb7fLHTTF8RSGntcxZldGHmj6OFDxrpdqTIslboiE5lX+c/Azur5or3XLHt1OHL tpzr2J6zqC5zlva9D/APj767hps7Yobla1QM6fglgenMMsg= -----END CERTIFICATE-----Generated at Sat Dec 6 22:43:27 2025 by rpki-client