This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/43DCAEE0BBE811F092C97714C4F9AE02.roa File: 43DCAEE0BBE811F092C97714C4F9AE02.roa (raw, json) Hash identifier: wn9mLZSQ6AihZIoAEJrdnF89hRITb8oywlGW6i8zClI= Subject key identifier: 8F:84:F7:D7:B1:1C:9B:71:2A:D0:5C:17:CA:F6:51:C4:47:A2:E9:C6 Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0CB8 Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/43DCAEE0BBE811F092C97714C4F9AE02.roa Signing time: Tue 16 Dec 2025 00:44:32 +0000 ROA not before: Tue 16 Dec 2025 00:44:32 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 202736 IP address blocks: 43.246.129.0/24 maxlen: 24 103.26.164.0/24 maxlen: 24 103.244.211.0/24 maxlen: 24 160.20.45.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 18:42:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3256 (0xcb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: Dec 16 00:44:32 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=6940ab70-36b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:52:e2:c9:8b:f9:a8:c1:d2:d3:56:ee:38:c6: 6d:82:b7:4d:c2:44:62:40:56:3c:3e:bb:81:2b:18: 91:49:30:58:83:ba:3c:bd:76:24:37:17:6d:1f:c1: ee:62:ad:d5:e7:5a:31:49:65:93:90:24:53:67:cd: b4:6d:5e:d8:f5:06:94:fd:cb:62:af:f6:f6:bd:2a: cb:42:ce:2c:8f:3c:ce:32:ba:e9:3d:09:f7:f5:b1: 9a:f5:1a:e8:ac:5c:21:d0:ad:7d:80:f5:bc:fc:12: af:7e:04:ca:60:1a:30:91:63:da:bd:69:f8:7e:9e: cb:e8:7f:c8:c4:6d:c4:86:99:9c:67:12:97:4e:24: c3:4b:3a:48:2b:bc:98:2b:96:2f:a9:ed:1f:dc:06: 07:10:f2:68:64:b5:65:e7:e8:01:8c:d7:04:d8:48: 62:b6:ff:48:ee:35:3f:f0:42:4d:2b:df:a3:06:dc: 0d:1f:98:93:fd:34:af:f6:bd:30:28:aa:cd:a6:e4: 18:da:0b:e5:09:90:08:d7:bc:64:55:88:9b:cd:c3: b8:df:b6:5b:73:72:04:06:6a:2c:7d:f4:95:a9:91: 31:88:ba:c1:3b:c5:ab:21:39:d9:fb:c1:be:b2:1a: 9e:0f:f6:e3:ca:3f:55:80:64:de:f7:ac:91:41:d2: ab:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:84:F7:D7:B1:1C:9B:71:2A:D0:5C:17:CA:F6:51:C4:47:A2:E9:C6 X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/43DCAEE0BBE811F092C97714C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.246.129.0/24 103.26.164.0/24 103.244.211.0/24 160.20.45.0/24 Signature Algorithm: sha256WithRSAEncryption dd:74:b0:e2:33:25:23:af:24:f9:51:47:eb:f2:4c:3e:be:b3: 2c:a8:ff:fc:e2:6c:8a:54:9b:a9:a5:d0:6b:1f:09:b9:1e:0d: f1:68:ef:8f:a6:2e:ec:7d:76:9a:f9:e1:ea:d0:f8:7c:3a:cf: 66:76:e9:45:a8:de:d6:b7:47:34:76:0c:b6:cf:a2:2c:8b:ae: b9:de:1b:e7:52:7f:2e:3e:cc:4f:f2:8a:54:c5:c9:c7:93:bf: fe:99:8b:ca:35:e6:95:9d:29:ae:a2:09:8b:a7:f2:3d:b0:44: c0:51:5f:d4:fc:6f:8e:06:4e:7a:2e:25:55:a2:b1:40:b4:d5: 21:84:64:23:53:10:ed:2a:66:a2:2d:04:66:83:c2:c9:7a:34: 74:6d:30:c2:8a:03:f1:99:45:57:6b:3f:67:23:15:32:82:46: ca:d2:a8:0e:19:78:53:24:72:4e:bd:5b:84:e1:e3:98:55:46: f2:bd:ca:70:19:76:de:5c:9f:a5:35:ad:e1:4f:2a:cc:8f:d8: d2:c0:b2:db:3a:49:a0:0d:c0:be:18:ca:ba:fc:4f:ec:27:6d: c8:30:a9:76:26:8c:d3:c7:7c:d9:fe:e3:62:45:b7:65:1d:e6: ef:c3:f0:9e:87:35:42:88:5a:3b:20:a9:f4:02:f6:01:a8:46: d9:e5:1c:b6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgICDLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjUxMjE2MDA0NDMyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDDA02OTQwYWI3MC0zNmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVLiyYv5qMHS01buOMZtgrdNwkRiQFY8PruBKxiRSTBYg7o8vXYkNxdtH8Hu Yq3V51oxSWWTkCRTZ820bV7Y9QaU/ctir/b2vSrLQs4sjzzOMrrpPQn39bGa9Rro rFwh0K19gPW8/BKvfgTKYBowkWPavWn4fp7L6H/IxG3EhpmcZxKXTiTDSzpIK7yY K5Yvqe0f3AYHEPJoZLVl5+gBjNcE2Ehitv9I7jU/8EJNK9+jBtwNH5iT/TSv9r0w KKrNpuQY2gvlCZAI17xkVYibzcO437Zbc3IEBmosffSVqZExiLrBO8WrITnZ+8G+ shqeD/bjyj9VgGTe96yRQdKrTwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFI+E99ex HJtxKtBcF8r2UcRHounGMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvNDNEQ0FFRTBC QkU4MTFGMDkyQzk3NzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E IjAgMB4EAgABMBgDBAAr9oEDBABnGqQDBABn9NMDBACgFC0wDQYJKoZIhvcNAQEL BQADggEBAN10sOIzJSOvJPlRR+vyTD6+syyo//zibIpUm6ml0GsfCbkeDfFo74+m Lux9dpr54erQ+Hw6z2Z26UWo3ta3RzR2DLbPoiyLrrneG+dSfy4+zE/yilTFyceT v/6Zi8o15pWdKa6iCYun8j2wRMBRX9T8b44GTnouJVWisUC01SGEZCNTEO0qZqIt BGaDwsl6NHRtMMKKA/GZRVdrP2cjFTKCRsrSqA4ZeFMkck69W4Th45hVRvK9ynAZ dt5cn6U1reFPKsyP2NLAsts6SaANwL4Yyrr8T+wnbcgwqXYmjNPHfNn+42JFt2Ud 5u/D8J6HNUKIWjsgqfQC9gGoRtnlHLY= -----END CERTIFICATE-----Generated at Fri Dec 19 16:49:48 2025 by rpki-client