This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa File: 84559BB01D4611EDBB06705BC4F9AE02.roa (raw, json) Hash identifier: Bg5JnhOTYWXrnwhhpqWfW4Q3wmcNB2++JHlbLdOmesM= Subject key identifier: E3:71:D4:43:71:86:5B:08:C1:41:BB:C0:92:CC:6F:52:67:0C:CB:47 Certificate issuer: /CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45 Certificate serial: 1A91 Authority key identifier: CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa Signing time: Mon 10 Nov 2025 16:04:39 +0000 ROA not before: Mon 10 Nov 2025 16:04:39 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 9484 IP address blocks: 45.117.32.0/22 maxlen: 22 45.117.32.0/24 maxlen: 24 45.117.33.0/24 maxlen: 24 45.117.34.0/24 maxlen: 24 45.117.35.0/24 maxlen: 24 202.21.96.0/19 maxlen: 19 202.21.96.0/24 maxlen: 24 202.21.97.0/24 maxlen: 24 202.21.98.0/24 maxlen: 24 202.21.99.0/24 maxlen: 24 202.21.100.0/24 maxlen: 24 202.21.101.0/24 maxlen: 24 202.21.102.0/24 maxlen: 24 202.21.103.0/24 maxlen: 24 202.21.104.0/24 maxlen: 24 202.21.105.0/24 maxlen: 24 202.21.106.0/24 maxlen: 24 202.21.107.0/24 maxlen: 24 202.21.108.0/24 maxlen: 24 202.21.109.0/24 maxlen: 24 202.21.110.0/24 maxlen: 24 202.21.111.0/24 maxlen: 24 202.21.112.0/24 maxlen: 24 202.21.113.0/24 maxlen: 24 202.21.114.0/24 maxlen: 24 202.21.115.0/24 maxlen: 24 202.21.116.0/24 maxlen: 24 202.21.117.0/24 maxlen: 24 202.21.118.0/24 maxlen: 24 202.21.119.0/24 maxlen: 24 202.21.120.0/24 maxlen: 24 202.21.121.0/24 maxlen: 24 202.21.122.0/23 maxlen: 24 202.21.124.0/22 maxlen: 22 202.21.124.0/24 maxlen: 24 202.21.125.0/24 maxlen: 24 202.21.126.0/24 maxlen: 24 202.21.127.0/24 maxlen: 24 202.126.92.0/22 maxlen: 24 202.131.224.0/19 maxlen: 19 202.131.224.0/24 maxlen: 24 202.131.225.0/24 maxlen: 24 202.131.226.0/24 maxlen: 24 202.131.227.0/24 maxlen: 24 202.131.228.0/24 maxlen: 24 202.131.229.0/24 maxlen: 24 202.131.230.0/24 maxlen: 24 202.131.231.0/24 maxlen: 24 202.131.232.0/24 maxlen: 24 202.131.233.0/24 maxlen: 24 202.131.234.0/24 maxlen: 24 202.131.235.0/24 maxlen: 24 202.131.236.0/24 maxlen: 24 202.131.237.0/24 maxlen: 24 202.131.238.0/24 maxlen: 24 202.131.239.0/24 maxlen: 24 202.131.240.0/24 maxlen: 24 202.131.241.0/24 maxlen: 24 202.131.242.0/24 maxlen: 24 202.131.243.0/24 maxlen: 24 202.131.244.0/24 maxlen: 24 202.131.245.0/24 maxlen: 24 202.131.246.0/24 maxlen: 24 202.131.247.0/24 maxlen: 24 202.131.248.0/24 maxlen: 24 202.131.249.0/24 maxlen: 24 202.131.250.0/24 maxlen: 24 202.131.251.0/24 maxlen: 24 202.131.252.0/24 maxlen: 24 202.131.253.0/24 maxlen: 24 202.131.254.0/24 maxlen: 24 202.131.255.0/24 maxlen: 24 2407:6400::/32 maxlen: 48 2407:6400:400:700::/56 maxlen: 56 2407:6400:400:800::/56 maxlen: 56 2407:6400:400:900::/56 maxlen: 56 2407:6400:400:1000::/56 maxlen: 56 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Dec 2025 16:03:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6801 (0x1a91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D462A, serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45 Validity Not Before: Nov 10 16:04:39 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=69120d17-7a4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:fc:bc:37:e9:9f:b1:ca:09:e6:39:c0:c0:5f: 53:86:a3:54:39:de:b3:bd:87:b2:96:ca:c5:5b:f5: 1e:f2:51:bc:05:83:96:b8:bc:0d:a2:f2:59:ea:8e: e0:7d:9b:15:b6:3f:4a:1a:04:94:c4:45:5a:33:1f: f6:68:c0:e8:f4:07:79:2b:e1:0b:a2:f6:56:5f:34: e1:fe:f8:2d:5e:21:7c:9b:de:4e:c6:fc:63:c6:7f: 2d:13:13:49:fb:c1:09:73:7e:a5:ea:3e:1e:aa:07: d8:18:46:0f:04:ee:60:38:8e:c8:6b:b9:3f:36:e0: 90:eb:a8:48:df:d0:cc:a2:e5:95:75:28:6f:41:2c: 7a:68:9c:b7:79:dd:be:53:bb:47:7c:e0:06:9e:13: af:ab:18:06:d2:81:26:47:28:54:81:f0:5f:aa:88: f8:7a:8b:8d:5c:99:c7:e2:fa:91:4b:2a:aa:0b:29: 9d:0f:0b:0e:48:5f:7f:9a:62:9e:25:c5:c8:fc:c8: 39:c2:2e:70:2d:c7:ab:67:29:43:1d:4a:46:7d:e7: e6:13:97:2a:a5:a5:1c:8d:69:c7:8d:37:1d:b7:b9: d2:ba:10:7f:9a:2c:6a:40:ad:06:39:85:cd:ba:30: 3c:34:27:1d:db:03:df:b8:6d:7b:93:2e:35:e5:12: 01:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:71:D4:43:71:86:5B:08:C1:41:BB:C0:92:CC:6F:52:67:0C:CB:47 X509v3 Authority Key Identifier: keyid:CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.117.32.0/22 202.21.96.0/19 202.126.92.0/22 202.131.224.0/19 IPv6: 2407:6400::/32 Signature Algorithm: sha256WithRSAEncryption ba:f6:03:86:64:a9:ff:c3:9d:94:3b:58:85:74:73:51:e1:cb: a7:27:5b:72:58:8e:e9:81:d0:cb:9a:18:57:ba:23:8f:cb:77: a3:42:6d:91:33:77:15:64:9e:5b:04:ce:f5:7b:6e:a8:61:57: 8e:c5:58:b3:26:77:fb:c4:27:93:de:e0:1d:4d:0b:da:fa:ce: 8c:4e:00:81:df:c4:d4:c0:08:99:09:76:47:0e:ff:0a:2d:06: 05:0a:5e:56:1b:51:26:94:c5:70:a0:59:2d:2f:cc:85:f8:55: 86:b2:1a:b6:c2:12:80:cf:98:fc:92:34:03:38:45:b3:99:8f: 6c:88:59:23:22:d4:20:1d:11:09:df:57:9b:c7:7f:d3:44:06: 77:1d:1e:2b:96:d1:2a:2f:80:33:77:09:4f:aa:b0:d5:fc:3f: d9:4b:6b:f7:99:24:4b:6a:eb:77:0b:32:fa:d4:27:55:a7:29: e7:1f:17:06:a3:a7:80:45:84:9a:e2:f0:cf:65:db:26:51:e0: 3d:a2:d7:af:95:1c:1a:88:2d:ab:1f:93:a0:3d:35:4d:b3:a1: ad:7f:1a:41:5d:cc:ac:0e:76:3a:b2:88:84:97:b9:50:d6:a8: ae:07:51:93:9b:6e:82:e4:d2:06:84:3e:2e:bf:fa:c4:30:3f: 9f:25:1a:99 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgICGpEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ2MkExMTAvBgNVBAUTKENGNzEyQ0IzODlFRTg0REExOUNBOTgxREU2MzBGNTA5 RkY0NENENDUwHhcNMjUxMTEwMTYwNDM5WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTEyMGQxNy03YTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxvy8N+mfscoJ5jnAwF9ThqNUOd6zvYeylsrFW/Ue8lG8BYOWuLwNovJZ6o7g fZsVtj9KGgSUxEVaMx/2aMDo9Ad5K+ELovZWXzTh/vgtXiF8m95Oxvxjxn8tExNJ +8EJc36l6j4eqgfYGEYPBO5gOI7Ia7k/NuCQ66hI39DMouWVdShvQSx6aJy3ed2+ U7tHfOAGnhOvqxgG0oEmRyhUgfBfqoj4eouNXJnH4vqRSyqqCymdDwsOSF9/mmKe JcXI/Mg5wi5wLcerZylDHUpGfefmE5cqpaUcjWnHjTcdt7nSuhB/mixqQK0GOYXN ujA8NCcd2wPfuG17ky415RIBLwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFONx1ENx hlsIwUG7wJLMb1JnDMtHMB8GA1UdIwQYMBaAFM9xLLOJ7oTaGcqYHeYw9Qn/RM1F MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDYyQS80Q0JEM0Y4NDUw RDUxMUU3OTMxM0FFMTJDNEY5QUUwMi96M0VzczRudWhOb1p5cGdkNWpEMUNmOUV6 VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ozRXNzNG51aE5vWnlwZ2Q1akQxQ2Y5RXpVVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDQ2MkEvNENCRDNGODQ1MEQ1MTFFNzkzMTNBRTEyQzRGOUFFMDIvODQ1NTlCQjAx RDQ2MTFFREJCMDY3MDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E MTAvMB4EAgABMBgDBAItdSADBAXKFWADBALKflwDBAXKg+AwDQQCAAIwBwMFACQH ZAAwDQYJKoZIhvcNAQELBQADggEBALr2A4Zkqf/DnZQ7WIV0c1Hhy6cnW3JYjumB 0MuaGFe6I4/Ld6NCbZEzdxVknlsEzvV7bqhhV47FWLMmd/vEJ5Pe4B1NC9r6zoxO AIHfxNTACJkJdkcO/wotBgUKXlYbUSaUxXCgWS0vzIX4VYayGrbCEoDPmPySNAM4 RbOZj2yIWSMi1CAdEQnfV5vHf9NEBncdHiuW0SovgDN3CU+qsNX8P9lLa/eZJEtq 63cLMvrUJ1WnKecfFwajp4BFhJri8M9l2yZR4D2i16+VHBqILasfk6A9NU2zoa1/ GkFdzKwOdjqyiISXuVDWqK4HUZObboLk0gaEPi6/+sQwP58lGpk= -----END CERTIFICATE-----Generated at Sat Dec 6 15:58:59 2025 by rpki-client