This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/4CA8BBE232CF11EBADB5497FC4F9AE02.roa File: 4CA8BBE232CF11EBADB5497FC4F9AE02.roa (raw, json) Hash identifier: TcpChTsBYQR53TAci1Cu49H66zJAUKzrxZhCpAIeCNc= Subject key identifier: 7C:02:C4:7C:52:E3:2C:2A:FB:30:5E:76:85:FF:B9:89:06:43:3D:BC Certificate issuer: /CN=A91FF74B/serialNumber=540DDAC668D8B50C96605712195A988A1CAD9E3F Certificate serial: 07BB Authority key identifier: 54:0D:DA:C6:68:D8:B5:0C:96:60:57:12:19:5A:98:8A:1C:AD:9E:3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VA3axmjYtQyWYFcSGVqYihytnj8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/4CA8BBE232CF11EBADB5497FC4F9AE02.roa Signing time: Tue 11 Nov 2025 13:41:46 +0000 ROA not before: Tue 11 Nov 2025 13:41:46 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 56201 IP address blocks: 103.84.216.0/23 maxlen: 23 103.84.216.0/24 maxlen: 24 103.84.217.0/24 maxlen: 24 103.84.218.0/23 maxlen: 23 103.84.218.0/24 maxlen: 24 103.84.219.0/24 maxlen: 24 103.89.74.0/23 maxlen: 23 103.89.74.0/24 maxlen: 24 103.89.75.0/24 maxlen: 24 103.117.158.0/23 maxlen: 23 103.117.158.0/24 maxlen: 24 103.117.159.0/24 maxlen: 24 2001:df0:217::/48 maxlen: 48 2400:6d20::/47 maxlen: 47 2400:6d20::/48 maxlen: 48 2400:6d20:1::/48 maxlen: 48 2400:6d20:2::/47 maxlen: 47 2400:6d20:2::/48 maxlen: 48 2400:6d20:3::/48 maxlen: 48 2400:6d20:10::/47 maxlen: 47 2400:6d20:12::/47 maxlen: 47 2400:6d20:fc00::/47 maxlen: 47 2400:6d20:fc02::/47 maxlen: 47 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/VA3axmjYtQyWYFcSGVqYihytnj8.crl rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/VA3axmjYtQyWYFcSGVqYihytnj8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VA3axmjYtQyWYFcSGVqYihytnj8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 20:32:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1979 (0x7bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF74B, serialNumber=540DDAC668D8B50C96605712195A988A1CAD9E3F Validity Not Before: Nov 11 13:41:46 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69133d1a-e75e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:44:25:fb:3b:82:15:f8:3c:25:60:83:02:17: 72:33:b5:bf:7e:ab:5e:94:89:37:4f:dd:fb:cf:0e: cd:a4:55:c2:1b:ad:6b:e4:d8:b2:57:1d:33:a4:74: 72:cf:fc:8f:b5:fa:59:06:2e:a3:6e:22:ee:1a:de: 78:d6:7a:3d:a7:aa:c1:d2:d3:f4:c2:a3:53:8e:36: 12:95:0c:b0:c5:06:de:72:7d:54:f5:62:bd:57:04: cc:69:52:fa:9c:a9:fa:50:68:53:6d:10:d3:89:f8: fc:4a:b9:29:fb:2b:dc:b2:96:b8:05:05:34:83:65: 98:15:38:59:9d:d7:3a:2f:51:eb:33:3d:9f:98:06: 78:a2:f5:6f:f7:68:f2:99:86:7c:14:d5:b2:34:1f: 3e:dc:c8:e3:c1:f3:0e:0b:6d:73:96:fb:85:ad:d8: 4e:0e:c4:7b:dc:60:c1:28:aa:ee:88:c9:50:db:0a: 03:e3:a5:82:75:bd:c9:10:f7:8f:a0:4e:23:d1:67: 31:3e:a1:93:83:8b:d8:01:d4:fa:15:a4:6d:c2:ee: ab:e8:d6:8f:36:b0:1a:32:44:d1:f1:1f:79:28:47: 28:60:37:93:2e:b0:ac:d6:4a:bb:99:d6:c3:37:03: d3:4e:19:1d:ed:20:82:26:ef:ac:71:e8:48:a6:2f: 83:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:02:C4:7C:52:E3:2C:2A:FB:30:5E:76:85:FF:B9:89:06:43:3D:BC X509v3 Authority Key Identifier: keyid:54:0D:DA:C6:68:D8:B5:0C:96:60:57:12:19:5A:98:8A:1C:AD:9E:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/VA3axmjYtQyWYFcSGVqYihytnj8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VA3axmjYtQyWYFcSGVqYihytnj8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF74B/094489FE32CE11EB9C143F7EC4F9AE02/4CA8BBE232CF11EBADB5497FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.84.216.0/22 103.89.74.0/23 103.117.158.0/23 IPv6: 2001:df0:217::/48 2400:6d20::/46 2400:6d20:10::/46 2400:6d20:fc00::/46 Signature Algorithm: sha256WithRSAEncryption a0:fc:b5:06:45:22:bf:4b:64:57:2e:da:0c:bd:76:64:ec:26: c9:0c:7c:3a:43:6c:42:c2:51:f6:d0:16:54:1c:2b:8f:60:eb: 03:1c:2f:a4:28:1f:d2:37:47:76:58:dd:d0:61:9a:ad:6f:e9: f9:51:28:7d:c3:7a:73:05:d6:92:af:e9:4b:07:e3:6c:f3:bd: 0a:33:86:10:a7:70:14:e5:de:b1:fc:af:13:46:c5:00:9b:74: 93:d8:28:87:fc:71:97:65:ad:a9:36:51:92:94:7f:56:e0:8e: be:58:1e:b0:ef:e5:bd:87:28:67:0f:1b:a7:74:1d:54:b2:77: d0:f6:d3:7d:06:72:85:df:03:54:6a:29:cb:46:ea:48:b2:c5: 21:dc:d9:64:2c:c7:ed:18:eb:38:f6:63:9a:62:54:a4:bb:5f: 95:c4:9c:23:8e:8c:d7:4a:f1:d4:f6:d1:13:7e:8a:fc:32:cc: 95:9f:7e:b7:30:68:d1:cf:6b:81:e9:bd:8f:f1:ec:29:4f:8c: d0:6d:53:e7:7d:73:15:45:2e:da:f0:c4:0a:be:5f:d6:40:41: 76:d6:14:29:55:63:42:4c:c2:da:83:f6:e6:28:20:6b:be:d6: 7d:52:0b:fe:45:3a:cd:d3:0f:9e:59:2e:83:6f:1c:6f:bc:fc: 9b:0c:92:30 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgICB7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY3NEIxMTAvBgNVBAUTKDU0MEREQUM2NjhEOEI1MEM5NjYwNTcxMjE5NUE5ODhB MUNBRDlFM0YwHhcNMjUxMTExMTM0MTQ2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTEzM2QxYS1lNzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxEQl+zuCFfg8JWCDAhdyM7W/fqtelIk3T937zw7NpFXCG61r5NiyVx0zpHRy z/yPtfpZBi6jbiLuGt541no9p6rB0tP0wqNTjjYSlQywxQbecn1U9WK9VwTMaVL6 nKn6UGhTbRDTifj8Srkp+yvcspa4BQU0g2WYFThZndc6L1HrMz2fmAZ4ovVv92jy mYZ8FNWyNB8+3MjjwfMOC21zlvuFrdhODsR73GDBKKruiMlQ2woD46WCdb3JEPeP oE4j0WcxPqGTg4vYAdT6FaRtwu6r6NaPNrAaMkTR8R95KEcoYDeTLrCs1kq7mdbD NwPTThkd7SCCJu+scehIpi+DXwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFHwCxHxS 4ywq+zBedoX/uYkGQz28MB8GA1UdIwQYMBaAFFQN2sZo2LUMlmBXEhlamIocrZ4/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjc0Qi8wOTQ0ODlGRTMy Q0UxMUVCOUMxNDNGN0VDNEY5QUUwMi9WQTNheG1qWXRReVdZRmNTR1ZxWWloeXRu ajguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ZBM2F4bWpZdFF5V1lGY1NHVnFZaWh5dG5qOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkY3NEIvMDk0NDg5RkUzMkNFMTFFQjlDMTQzRjdFQzRGOUFFMDIvNENBOEJCRTIz MkNGMTFFQkFEQjU0OTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E SDBGMBgEAgABMBIDBAJnVNgDBAFnWUoDBAFndZ4wKgQCAAIwJAMHACABDfACFwMH AiQAbSAAAAMHAiQAbSAAEAMHAiQAbSD8ADANBgkqhkiG9w0BAQsFAAOCAQEAoPy1 BkUiv0tkVy7aDL12ZOwmyQx8OkNsQsJR9tAWVBwrj2DrAxwvpCgf0jdHdljd0GGa rW/p+VEofcN6cwXWkq/pSwfjbPO9CjOGEKdwFOXesfyvE0bFAJt0k9goh/xxl2Wt qTZRkpR/VuCOvlgesO/lvYcoZw8bp3QdVLJ30PbTfQZyhd8DVGopy0bqSLLFIdzZ ZCzH7RjrOPZjmmJUpLtflcScI46M10rx1PbRE36K/DLMlZ9+tzBo0c9rgem9j/Hs KU+M0G1T531zFUUu2vDECr5f1kBBdtYUKVVjQkzC2oP25igga77WfVIL/kU6zdMP nlkug28cb7z8mwySMA== -----END CERTIFICATE-----Generated at Sun Dec 7 07:44:53 2025 by rpki-client