This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91538E7/C62B2986934211F0A987783BC4F9AE02/12A52794DD1211F0B41550BC5F6F56BC.roa File: 12A52794DD1211F0B41550BC5F6F56BC.roa (raw, json) Hash identifier: oz8NIpj9Tm03gt/8vqVFLzi3RgMkoP/E07i1bU9Ue0g= Subject key identifier: 6E:C7:15:B6:04:A9:C1:BE:14:8B:24:C9:7F:8B:A6:C0:45:53:55:AE Certificate issuer: /CN=A91538E7/serialNumber=3D6216D55CB54FC9B570F9F25F9ADD0F3769B4DE Certificate serial: 58 Authority key identifier: 3D:62:16:D5:5C:B5:4F:C9:B5:70:F9:F2:5F:9A:DD:0F:37:69:B4:DE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PWIW1Vy1T8m1cPnyX5rdDzdptN4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91538E7/C62B2986934211F0A987783BC4F9AE02/12A52794DD1211F0B41550BC5F6F56BC.roa Signing time: Fri 19 Dec 2025 19:36:54 +0000 ROA not before: Fri 19 Dec 2025 19:36:54 +0000 ROA not after: Wed 30 Dec 2026 00:00:00 +0000 asID: 984 IP address blocks: 72.57.135.0/24 maxlen: 24 72.57.136.0/21 maxlen: 24 72.57.144.0/24 maxlen: 24 72.57.145.0/24 maxlen: 24 72.57.146.0/23 maxlen: 24 72.57.148.0/22 maxlen: 24 72.57.152.0/23 maxlen: 24 72.57.154.0/24 maxlen: 24 72.57.155.0/24 maxlen: 24 72.57.156.0/22 maxlen: 24 72.57.160.0/22 maxlen: 24 72.57.164.0/24 maxlen: 24 72.57.165.0/24 maxlen: 24 72.57.166.0/23 maxlen: 24 72.57.168.0/21 maxlen: 24 72.57.176.0/22 maxlen: 24 72.57.180.0/24 maxlen: 24 72.57.181.0/24 maxlen: 24 72.57.182.0/23 maxlen: 24 72.57.184.0/23 maxlen: 24 72.57.186.0/23 maxlen: 24 72.57.188.0/22 maxlen: 24 72.57.192.0/22 maxlen: 24 72.57.196.0/22 maxlen: 24 72.57.200.0/21 maxlen: 24 72.57.208.0/20 maxlen: 24 72.57.224.0/22 maxlen: 24 72.57.228.0/22 maxlen: 24 72.57.232.0/22 maxlen: 24 72.57.236.0/23 maxlen: 24 72.57.238.0/23 maxlen: 24 72.57.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91538E7/C62B2986934211F0A987783BC4F9AE02/PWIW1Vy1T8m1cPnyX5rdDzdptN4.crl rsync://rpki.apnic.net/member_repository/A91538E7/C62B2986934211F0A987783BC4F9AE02/PWIW1Vy1T8m1cPnyX5rdDzdptN4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PWIW1Vy1T8m1cPnyX5rdDzdptN4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Dec 2025 14:50:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 88 (0x58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91538E7, serialNumber=3D6216D55CB54FC9B570F9F25F9ADD0F3769B4DE Validity Not Before: Dec 19 19:36:54 2025 GMT Not After : Dec 30 00:00:00 2026 GMT Subject: CN=6945a956-5cca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4e:72:f0:22:3c:7c:d9:df:02:81:08:3b:fe: 84:ff:38:64:e7:92:99:21:b8:6b:15:9f:c2:f9:90: 25:21:39:82:6c:62:a4:02:d5:11:65:75:ed:60:ad: 89:cc:13:fe:45:af:db:2c:25:a3:d5:39:f9:43:a7: d6:3e:26:d4:aa:8c:c9:2d:64:c7:97:0d:f8:52:bd: eb:fa:a5:93:87:74:1d:46:55:54:d7:c1:eb:84:2b: f0:40:10:24:a1:0a:09:b6:76:11:67:51:59:68:af: 9e:4c:3a:b2:de:aa:2f:53:26:6e:33:f7:e1:95:4f: 06:41:de:3c:85:6f:3d:91:4a:2a:7b:91:71:08:45: 77:41:f0:68:55:11:c3:b8:1f:90:5f:cf:a0:0f:f7: 46:05:b4:4c:e8:20:d6:dc:94:75:83:9e:9f:1e:cb: 1a:25:2f:0d:17:12:a3:e1:81:de:35:91:2d:d6:3f: f2:5c:e6:10:39:65:1b:0e:6f:37:2d:f4:32:c9:33: f2:d4:0a:49:54:d6:63:6d:b2:5c:05:fc:7c:36:34: a3:3b:bf:99:4f:04:b2:13:df:bf:6e:1b:05:aa:5b: 71:86:ad:af:6f:e3:32:14:df:92:fb:d3:bf:e1:96: e1:9c:55:6d:13:86:7a:0c:97:73:63:e4:10:44:c7: 3d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:C7:15:B6:04:A9:C1:BE:14:8B:24:C9:7F:8B:A6:C0:45:53:55:AE X509v3 Authority Key Identifier: keyid:3D:62:16:D5:5C:B5:4F:C9:B5:70:F9:F2:5F:9A:DD:0F:37:69:B4:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91538E7/C62B2986934211F0A987783BC4F9AE02/PWIW1Vy1T8m1cPnyX5rdDzdptN4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PWIW1Vy1T8m1cPnyX5rdDzdptN4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91538E7/C62B2986934211F0A987783BC4F9AE02/12A52794DD1211F0B41550BC5F6F56BC.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 72.57.135.0-72.57.255.255 Signature Algorithm: sha256WithRSAEncryption 6c:29:48:74:97:c9:d1:c5:77:5d:b5:fd:07:f1:7b:b8:3d:de: f5:44:8d:92:2e:2b:0d:ac:f3:10:ac:68:e5:33:c3:e2:25:20: c1:1d:69:ef:41:01:7b:1e:1b:ef:b7:bf:1d:e2:62:a6:87:e6: 74:1e:a8:a4:35:3a:2e:d4:97:36:b0:65:bb:f2:1c:11:e5:d3: 44:7b:c8:e3:97:f4:06:d4:ce:92:8e:a9:01:f3:b5:ae:2a:62: 41:4a:c5:c6:33:ea:65:61:8d:3d:00:cc:1e:d5:91:2f:91:8c: 26:ac:e3:b4:79:68:aa:60:b7:64:26:33:ad:c5:d3:e4:b3:b2: e4:7f:fe:7a:cf:4d:45:4f:5e:a8:f3:52:af:54:82:05:61:17: fb:d4:ca:5c:27:1e:b3:96:aa:8d:f2:4d:a7:a9:36:53:54:c5: 2f:a1:b3:f2:93:69:3b:8a:bc:d0:a9:3e:bd:d5:1b:63:f5:50: 0b:1c:3f:e2:c2:a8:05:dc:9f:ee:02:86:c5:17:c5:f1:5b:55: 3a:ab:ee:8e:27:f6:57:46:91:eb:54:d3:e1:68:96:80:8e:bf: 30:2e:6e:76:a5:25:ff:7e:91:93:50:5d:04:ff:bd:6f:6a:cf: 85:ae:e1:d3:72:4c:8d:75:af:bb:12:11:ec:18:3c:49:56:05: 18:c7:71:03 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgIBWDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MzhFNzExMC8GA1UEBRMoM0Q2MjE2RDU1Q0I1NEZDOUI1NzBGOUYyNUY5QUREMEYz NzY5QjRERTAeFw0yNTEyMTkxOTM2NTRaFw0yNjEyMzAwMDAwMDBaMBgxFjAUBgNV BAMMDTY5NDVhOTU2LTVjY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHTnLwIjx82d8CgQg7/oT/OGTnkpkhuGsVn8L5kCUhOYJsYqQC1RFlde1grYnM E/5Fr9ssJaPVOflDp9Y+JtSqjMktZMeXDfhSvev6pZOHdB1GVVTXweuEK/BAECSh Cgm2dhFnUVlor55MOrLeqi9TJm4z9+GVTwZB3jyFbz2RSip7kXEIRXdB8GhVEcO4 H5Bfz6AP90YFtEzoINbclHWDnp8eyxolLw0XEqPhgd41kS3WP/Jc5hA5ZRsObzct 9DLJM/LUCklU1mNtslwF/Hw2NKM7v5lPBLIT379uGwWqW3GGra9v4zIU35L707/h luGcVW0ThnoMl3Nj5BBExz0PAgMBAAGjggKcMIICmDAdBgNVHQ4EFgQUbscVtgSp wb4UiyTJf4umwEVTVa4wHwYDVR0jBBgwFoAUPWIW1Vy1T8m1cPnyX5rdDzdptN4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUzOEU3L0M2MkIyOTg2OTM0 MjExRjBBOTg3NzgzQkM0RjlBRTAyL1BXSVcxVnkxVDhtMWNQbnlYNXJkRHpkcHRO NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUFdJVzFWeTFUOG0xY1BueVg1cmREemRwdE40LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MzhFNy9DNjJCMjk4NjkzNDIxMUYwQTk4Nzc4M0JDNEY5QUUwMi8xMkE1Mjc5NERE MTIxMUYwQjQxNTUwQkM1RjZGNTZCQy5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAmBggrBgEFBQcBBwEB/wQX MBUwEwQCAAEwDTALAwQASDmHAwMBSDgwDQYJKoZIhvcNAQELBQADggEBAGwpSHSX ydHFd121/Qfxe7g93vVEjZIuKw2s8xCsaOUzw+IlIMEdae9BAXseG++3vx3iYqaH 5nQeqKQ1Oi7UlzawZbvyHBHl00R7yOOX9AbUzpKOqQHzta4qYkFKxcYz6mVhjT0A zB7VkS+RjCas47R5aKpgt2QmM63F0+SzsuR//nrPTUVPXqjzUq9UggVhF/vUylwn HrOWqo3yTaepNlNUxS+hs/KTaTuKvNCpPr3VG2P1UAscP+LCqAXcn+4ChsUXxfFb VTqr7o4n9ldGketU0+FoloCOvzAubnalJf9+kZNQXQT/vW9qz4Wu4dNyTI11r7sS EewYPElWBRjHcQM= -----END CERTIFICATE-----Generated at Fri Dec 19 22:50:17 2025 by rpki-client