This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/3CE5C23A550611ED96C8F350C4F9AE02.roa File: 3CE5C23A550611ED96C8F350C4F9AE02.roa (raw, json) Hash identifier: wfo3IJ4QVH7mLkWRPHTdhiFpu+AklmK5OoP63oQmtyg= Subject key identifier: B5:A7:83:0E:F3:2B:64:CF:A5:80:68:83:40:35:48:97:C5:AF:3F:58 Certificate issuer: /CN=A91FFEDB/serialNumber=594F7A0BA9BD1C1386847CE8963963FE4E71636C Certificate serial: 0244 Authority key identifier: 59:4F:7A:0B:A9:BD:1C:13:86:84:7C:E8:96:39:63:FE:4E:71:63:6C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WU96C6m9HBOGhHzoljlj_k5xY2w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/3CE5C23A550611ED96C8F350C4F9AE02.roa Signing time: Sun 09 Nov 2025 00:17:28 +0000 ROA not before: Sun 09 Nov 2025 00:17:28 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 38327 IP address blocks: 158.89.0.0/16 maxlen: 16 158.89.0.0/17 maxlen: 17 158.89.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/WU96C6m9HBOGhHzoljlj_k5xY2w.crl rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/WU96C6m9HBOGhHzoljlj_k5xY2w.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WU96C6m9HBOGhHzoljlj_k5xY2w.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Dec 2025 00:18:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 580 (0x244) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FFEDB, serialNumber=594F7A0BA9BD1C1386847CE8963963FE4E71636C Validity Not Before: Nov 9 00:17:28 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=690fdd97-bef0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3d:1f:de:da:7d:9a:94:c7:71:b8:d8:50:0c: a5:cd:5e:26:51:98:fc:49:fa:6e:a5:e5:0a:e9:c4: d9:db:24:88:cc:a5:1c:fa:48:4b:b1:7c:44:53:de: 4b:a7:c1:db:c9:b6:6e:c6:63:d4:e8:68:22:6d:05: 5b:8a:1f:e1:d9:79:2f:84:38:d9:cc:89:06:96:d9: fe:55:6a:e9:58:77:df:e1:b7:d4:10:80:da:15:17: 14:d7:16:25:34:8c:b6:6b:5c:5c:0d:6e:cc:71:1d: 04:c2:4c:d1:29:79:86:36:f1:d3:b5:0b:4e:50:ae: c4:91:cf:04:c4:4f:37:18:42:6f:47:56:b1:c9:26: ab:4e:04:90:58:c5:d9:45:a2:cd:8d:48:58:71:a8: 3a:0c:00:9b:95:f6:f0:18:8f:c6:f4:e9:90:e6:32: 4e:11:3e:6c:9e:b4:c5:cc:42:65:39:d1:41:24:6b: 7d:c5:02:00:1d:41:85:dd:1e:2e:ef:00:2c:23:e2: 8a:1b:8f:81:0d:f3:1c:7f:76:8a:cf:a7:11:2e:4e: 39:06:9e:e7:74:49:22:87:21:42:87:cf:b4:9f:1c: 9d:d9:32:a0:d7:3c:81:55:44:ee:d6:08:6c:97:de: bb:bf:f3:13:f9:8c:c3:36:6c:cc:6f:6e:f4:40:73: 7a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:A7:83:0E:F3:2B:64:CF:A5:80:68:83:40:35:48:97:C5:AF:3F:58 X509v3 Authority Key Identifier: keyid:59:4F:7A:0B:A9:BD:1C:13:86:84:7C:E8:96:39:63:FE:4E:71:63:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/WU96C6m9HBOGhHzoljlj_k5xY2w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/WU96C6m9HBOGhHzoljlj_k5xY2w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFEDB/34D5D7E6550211ED964B7A4AC4F9AE02/3CE5C23A550611ED96C8F350C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 158.89.0.0/16 Signature Algorithm: sha256WithRSAEncryption 21:d8:25:0b:eb:46:54:d0:80:ac:9a:87:42:68:2b:43:91:d2: 36:57:07:d3:b3:59:0a:d0:27:7e:ba:fc:8f:f1:53:ab:6e:41: 38:6e:3d:81:df:da:b2:a4:60:a2:ad:1c:bd:25:d2:ad:82:07: f4:10:7b:40:58:fd:58:6c:e6:07:9c:51:67:76:d1:9b:54:d4: 07:56:f0:30:f0:c8:d8:43:7e:36:ba:bb:40:f5:6d:f8:39:39: c4:37:63:b4:78:01:37:83:c2:12:2f:ac:56:88:c1:78:86:c9: 0e:4e:1f:70:5f:f0:9a:b4:e4:94:8c:10:b0:51:ca:e8:ec:11: 0c:ce:ae:2f:0a:4b:52:4b:d9:b6:6d:33:d8:b9:fa:ef:9b:41: 45:60:0e:cf:88:0a:61:2a:27:b0:65:73:b8:d2:d3:c4:63:42: b0:2e:93:8a:6b:7a:2a:ab:75:bf:f5:c3:08:e4:bf:c4:ed:c0: b6:15:6e:33:74:b7:a3:33:4d:8f:f9:35:9e:2b:25:89:ae:88: 3c:65:6e:af:98:75:c4:ec:56:6d:ed:38:53:df:79:f7:69:2e: f1:0a:f6:d2:8b:49:a0:0c:8f:d3:51:e2:c9:94:d2:3b:3b:ff: 07:3b:d2:33:c6:2f:8f:73:2e:b0:f9:a0:ea:63:3c:1d:e6:b3: a1:d7:a4:d4 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgICAkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkZFREIxMTAvBgNVBAUTKDU5NEY3QTBCQTlCRDFDMTM4Njg0N0NFODk2Mzk2M0ZF NEU3MTYzNkMwHhcNMjUxMTA5MDAxNzI4WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTBmZGQ5Ny1iZWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsz0f3tp9mpTHcbjYUAylzV4mUZj8SfpupeUK6cTZ2ySIzKUc+khLsXxEU95L p8HbybZuxmPU6GgibQVbih/h2XkvhDjZzIkGltn+VWrpWHff4bfUEIDaFRcU1xYl NIy2a1xcDW7McR0EwkzRKXmGNvHTtQtOUK7Ekc8ExE83GEJvR1axySarTgSQWMXZ RaLNjUhYcag6DACblfbwGI/G9OmQ5jJOET5snrTFzEJlOdFBJGt9xQIAHUGF3R4u 7wAsI+KKG4+BDfMcf3aKz6cRLk45Bp7ndEkihyFCh8+0nxyd2TKg1zyBVUTu1ghs l967v/MT+YzDNmzMb270QHN6MwIDAQABo4IClDCCApAwHQYDVR0OBBYEFLWngw7z K2TPpYBog0A1SJfFrz9YMB8GA1UdIwQYMBaAFFlPegupvRwThoR86JY5Y/5OcWNs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkVEQi8zNEQ1RDdFNjU1 MDIxMUVEOTY0QjdBNEFDNEY5QUUwMi9XVTk2QzZtOUhCT0doSHpvbGpsal9rNXhZ MncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1dVOTZDNm05SEJPR2hIem9samxqX2s1eFkydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RkZFREIvMzRENUQ3RTY1NTAyMTFFRDk2NEI3QTRBQzRGOUFFMDIvM0NFNUMyM0E1 NTA2MTFFRDk2QzhGMzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E DzANMAsEAgABMAUDAwCeWTANBgkqhkiG9w0BAQsFAAOCAQEAIdglC+tGVNCArJqH QmgrQ5HSNlcH07NZCtAnfrr8j/FTq25BOG49gd/asqRgoq0cvSXSrYIH9BB7QFj9 WGzmB5xRZ3bRm1TUB1bwMPDI2EN+Nrq7QPVt+Dk5xDdjtHgBN4PCEi+sVojBeIbJ Dk4fcF/wmrTklIwQsFHK6OwRDM6uLwpLUkvZtm0z2Ln675tBRWAOz4gKYSonsGVz uNLTxGNCsC6Timt6Kqt1v/XDCOS/xO3AthVuM3S3ozNNj/k1nislia6IPGVur5h1 xOxWbe04U99592ku8Qr20otJoAyP01HiyZTSOzv/BzvSM8Yvj3MusPmg6mM8Heaz odek1A== -----END CERTIFICATE-----Generated at Sun Dec 7 06:08:28 2025 by rpki-client