This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/5DA849821C1211EA819EA46EC4F9AE02.roa File: 5DA849821C1211EA819EA46EC4F9AE02.roa (raw, json) Hash identifier: jHyUuEAKktVXEUof3rSdaEiWa7WCjf2WX5QDNY0K2Zw= Subject key identifier: 4E:5E:0F:A1:6E:A6:8E:B1:79:5C:0D:9D:47:75:FE:48:8D:6D:7D:D5 Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Certificate serial: 0C8E Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/5DA849821C1211EA819EA46EC4F9AE02.roa Signing time: Wed 31 Dec 2025 19:15:38 +0000 ROA not before: Wed 31 Dec 2025 19:15:38 +0000 ROA not after: Fri 01 May 2026 00:00:00 +0000 asID: 138546 IP address blocks: 43.243.96.0/22 maxlen: 24 103.38.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 31 Jan 2026 18:15:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3214 (0xc8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC966, serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Validity Not Before: Dec 31 19:15:38 2025 GMT Not After : May 1 00:00:00 2026 GMT Subject: CN=6955765a-bff9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ff:f6:c1:a5:03:6e:bf:2b:8e:76:e3:7c:fb: 01:70:76:80:63:88:52:87:9e:09:c5:e9:0a:2f:0f: 4d:0e:de:a5:d0:aa:0e:fe:35:21:de:98:8f:9c:89: 26:70:9a:e2:46:f7:7d:3a:1c:7f:14:89:17:9d:9c: e3:7d:93:ac:57:d4:84:2c:e5:64:23:51:2d:6a:c9: 79:37:33:f7:ec:1d:e3:fe:2f:6d:74:88:4e:0a:2a: 83:51:6f:6c:61:c3:12:2f:68:75:21:94:be:ad:4d: fd:cb:1d:48:07:f9:62:34:0c:07:55:f4:c4:b0:68: 6d:7a:a9:19:53:c7:19:9b:8b:c4:b4:56:fe:b2:c6: 04:51:94:e4:d0:f8:37:92:2c:39:6d:31:de:aa:bd: be:21:77:c6:ee:53:e1:78:4d:18:bf:e2:78:fd:b1: 41:9c:10:ef:38:56:1b:80:e4:84:96:45:c4:0c:7f: a1:08:d8:15:ac:6b:9d:7f:61:e3:18:08:9a:14:02: f2:ac:61:35:66:c3:12:bf:21:40:8d:ae:23:ba:f4: d0:32:24:26:9c:7b:28:a4:77:65:a7:a9:8b:83:31: 9a:88:ef:96:be:3e:51:70:c4:7c:a2:0b:80:31:35: 2d:4d:9a:fe:03:81:af:43:79:43:36:29:16:3b:a6: 05:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:5E:0F:A1:6E:A6:8E:B1:79:5C:0D:9D:47:75:FE:48:8D:6D:7D:D5 X509v3 Authority Key Identifier: keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/5DA849821C1211EA819EA46EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.243.96.0/22 103.38.196.0/22 Signature Algorithm: sha256WithRSAEncryption 27:d1:50:0e:96:5e:66:46:6c:e4:3f:1f:f6:4e:a9:d7:0c:39: ac:f8:5a:b6:4e:ca:98:1e:86:ce:1d:b3:dd:cd:42:cc:64:1f: ac:8a:14:39:3f:dc:6c:db:29:90:b4:30:81:7c:69:c1:a5:00: 5e:d8:0c:26:7f:6c:02:49:fc:76:b4:31:3b:53:d0:56:81:1f: f6:67:05:c7:33:bd:42:91:c3:7e:37:5c:9d:18:04:b1:ba:d1: 47:80:b8:ad:da:e7:dc:38:0a:1a:ff:27:fb:5f:12:b7:f3:7f: 6b:59:31:f4:0c:e0:45:37:86:95:ea:fe:94:a0:64:7a:15:68: f7:c2:88:99:95:a3:2c:cc:5e:b5:b6:48:02:18:fa:ae:af:0f: d2:c1:4f:d7:bc:36:f6:38:b1:f7:d3:09:98:2b:65:1e:e4:cf: 6e:ab:18:22:97:c3:a8:66:db:fe:6d:23:26:e4:c5:59:5c:60: 06:a0:9a:6b:31:5e:5d:5f:94:a6:39:94:06:a3:21:18:ab:7b: 0b:82:a7:6d:55:b1:ff:25:7e:be:57:4f:3d:a3:41:4e:fa:36: 02:74:35:3c:0d:c7:5d:be:da:70:ad:9f:9c:d9:2e:73:60:7d: 11:62:eb:52:3e:2c:c6:50:66:e2:bd:b0:de:63:65:49:05:ba: a2:63:76:53 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICDI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0 MzYxODMyNDgwHhcNMjUxMjMxMTkxNTM4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTU1NzY1YS1iZmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyv/2waUDbr8rjnbjfPsBcHaAY4hSh54JxekKLw9NDt6l0KoO/jUh3piPnIkm cJriRvd9Ohx/FIkXnZzjfZOsV9SELOVkI1Etasl5NzP37B3j/i9tdIhOCiqDUW9s YcMSL2h1IZS+rU39yx1IB/liNAwHVfTEsGhteqkZU8cZm4vEtFb+ssYEUZTk0Pg3 kiw5bTHeqr2+IXfG7lPheE0Yv+J4/bFBnBDvOFYbgOSElkXEDH+hCNgVrGudf2Hj GAiaFALyrGE1ZsMSvyFAja4juvTQMiQmnHsopHdlp6mLgzGaiO+Wvj5RcMR8oguA MTUtTZr+A4GvQ3lDNikWO6YFHwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFE5eD6Fu po6xeVwNnUd1/kiNbX3VMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvNURBODQ5ODIx QzEyMTFFQTgxOUVBNDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAIr82ADBAJnJsQwDQYJKoZIhvcNAQELBQADggEBACfRUA6W XmZGbOQ/H/ZOqdcMOaz4WrZOypgehs4ds93NQsxkH6yKFDk/3GzbKZC0MIF8acGl AF7YDCZ/bAJJ/Ha0MTtT0FaBH/ZnBcczvUKRw343XJ0YBLG60UeAuK3a59w4Chr/ J/tfErfzf2tZMfQM4EU3hpXq/pSgZHoVaPfCiJmVoyzMXrW2SAIY+q6vD9LBT9e8 NvY4sffTCZgrZR7kz26rGCKXw6hm2/5tIybkxVlcYAagmmsxXl1flKY5lAajIRir ewuCp21Vsf8lfr5XTz2jQU76NgJ0NTwNx12+2nCtn5zZLnNgfRFi61I+LMZQZuK9 sN5jZUkFuqJjdlM= -----END CERTIFICATE-----Generated at Sun Jan 25 15:33:10 2026 by rpki-client