This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/5164F13EDBD811F0A0A88CE756641951.roa File: 5164F13EDBD811F0A0A88CE756641951.roa (raw, json) Hash identifier: dzkg5DJUbZBryBBl0bj8Y0ekyIFso09dXRIHhTkjR50= Subject key identifier: EE:56:FE:6C:60:C1:99:EC:96:67:A7:71:26:B7:20:C8:49:88:2A:99 Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0CC6 Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/5164F13EDBD811F0A0A88CE756641951.roa Signing time: Thu 18 Dec 2025 06:10:57 +0000 ROA not before: Thu 18 Dec 2025 06:10:57 +0000 ROA not after: Thu 28 May 2026 00:00:00 +0000 asID: 5065 IP address blocks: 43.230.52.0/24 maxlen: 24 43.230.53.0/24 maxlen: 24 43.246.198.0/24 maxlen: 24 43.249.240.0/24 maxlen: 24 43.249.243.0/24 maxlen: 24 43.250.89.0/24 maxlen: 24 43.250.90.0/24 maxlen: 24 43.250.91.0/24 maxlen: 24 43.251.184.0/24 maxlen: 24 43.251.186.0/24 maxlen: 24 45.115.33.0/24 maxlen: 24 45.115.35.0/24 maxlen: 24 45.124.63.0/24 maxlen: 24 103.7.118.0/24 maxlen: 24 103.7.119.0/24 maxlen: 24 103.13.19.0/24 maxlen: 24 103.15.32.0/24 maxlen: 24 103.15.34.0/24 maxlen: 24 103.15.35.0/24 maxlen: 24 103.248.150.0/24 maxlen: 24 103.248.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 18:42:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3270 (0xcc6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: Dec 18 06:10:57 2025 GMT Not After : May 28 00:00:00 2026 GMT Subject: CN=69439af1-da60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:02:fe:96:7e:bb:84:91:e4:5f:6d:7a:54:12: 7b:28:dd:a3:a3:f5:0a:75:48:82:3d:f9:e9:9f:38: d2:06:09:f3:54:5f:dc:83:f4:0c:05:e5:74:eb:3f: 0d:92:91:bd:d8:2a:14:0b:85:00:41:c8:a6:bc:46: ca:a0:83:6c:ae:ac:3e:eb:22:48:9c:60:60:23:0a: 1f:72:48:e0:ae:05:be:36:27:54:08:e3:4d:92:9f: 17:98:17:dc:2b:20:45:43:4c:3d:16:2c:3b:14:a8: 9b:be:e6:f2:1d:7b:fb:f1:6a:24:d2:25:3f:ca:63: 23:b3:ee:95:02:60:ed:b7:42:d5:ba:19:6b:40:a9: e4:7d:11:65:91:84:3f:9e:1c:08:81:6f:6f:cc:54: 44:92:45:fb:c0:a4:44:2e:93:11:51:d4:38:04:5a: f6:b8:0b:5b:a8:e8:46:c7:69:f3:0f:66:df:e8:89: 27:05:10:b9:67:26:b6:81:40:3b:2d:e8:92:d1:06: 11:75:03:5a:6c:0e:9d:c1:0c:72:5c:29:4f:a7:ce: 29:77:c3:ca:4f:40:d8:2a:09:b5:c8:4c:a5:7e:e9: 46:92:db:52:b8:78:52:ca:e9:e7:f6:bd:51:6f:05: 66:46:ac:3e:d8:1e:67:c1:ba:8d:bb:f7:d9:f8:42: 95:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:56:FE:6C:60:C1:99:EC:96:67:A7:71:26:B7:20:C8:49:88:2A:99 X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/5164F13EDBD811F0A0A88CE756641951.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.230.52.0/23 43.246.198.0/24 43.249.240.0/24 43.249.243.0/24 43.250.89.0-43.250.91.255 43.251.184.0/24 43.251.186.0/24 45.115.33.0/24 45.115.35.0/24 45.124.63.0/24 103.7.118.0/23 103.13.19.0/24 103.15.32.0/24 103.15.34.0/23 103.248.150.0/23 Signature Algorithm: sha256WithRSAEncryption 5b:46:de:01:4c:0b:7c:42:1f:ad:39:81:44:d9:6e:5a:1b:7e: e6:25:37:74:6a:57:0a:40:8f:f6:d2:bf:6a:3c:6f:3a:28:48: 04:33:ad:06:e8:c1:b2:ef:0e:71:a1:8c:7e:ce:5c:e0:30:39: 5b:00:a6:f6:bf:0c:fd:d9:e7:4c:2e:ba:62:c7:5f:74:fc:5c: eb:4b:0c:85:e2:9a:33:dd:2c:c5:c6:a4:23:0d:a4:2c:e2:d3: f9:7e:e4:30:08:f0:c0:1b:ec:d9:cc:db:18:b6:ed:e6:1d:a0: e2:e1:41:6f:8b:93:42:cd:ab:49:bf:2d:22:a2:3a:da:fd:62: b7:0f:d1:ce:8d:ff:39:2b:db:cd:e7:bb:0b:17:53:bb:4d:51: 2b:43:69:2c:a2:18:3d:71:b5:f7:5c:3a:3a:bd:8b:b6:70:8a: 89:3e:32:2f:af:71:3d:a9:0d:48:72:ae:ab:17:7d:a2:8b:a1: 6a:b2:d5:98:fa:8c:5e:b3:d4:39:23:3f:cf:31:4e:d5:53:7c: 1e:a6:5a:1e:81:41:57:01:f4:c4:78:2e:c8:0e:80:5b:e9:ec: 8e:78:11:f5:be:d9:8f:98:c7:d6:e0:4e:2b:da:2f:d9:9b:71: 93:41:b3:3f:20:24:4e:93:2f:86:06:2d:39:75:38:0a:18:64: a8:46:93:6f -----BEGIN CERTIFICATE----- MIIFzTCCBLWgAwIBAgICDMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjUxMjE4MDYxMDU3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD VQQDDA02OTQzOWFmMS1kYTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtAL+ln67hJHkX216VBJ7KN2jo/UKdUiCPfnpnzjSBgnzVF/cg/QMBeV06z8N kpG92CoUC4UAQcimvEbKoINsrqw+6yJInGBgIwofckjgrgW+NidUCONNkp8XmBfc KyBFQ0w9Fiw7FKibvubyHXv78Wok0iU/ymMjs+6VAmDtt0LVuhlrQKnkfRFlkYQ/ nhwIgW9vzFREkkX7wKRELpMRUdQ4BFr2uAtbqOhGx2nzD2bf6IknBRC5Zya2gUA7 LeiS0QYRdQNabA6dwQxyXClPp84pd8PKT0DYKgm1yEylfulGkttSuHhSyunn9r1R bwVmRqw+2B5nwbqNu/fZ+EKVSQIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFO5W/mxg wZnslmencSa3IMhJiCqZMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvNTE2NEYxM0VE QkQ4MTFGMEEwQTg4Q0U3NTY2NDE5NTEucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E bDBqMGgEAgABMGIDBAEr5jQDBAAr9sYDBAAr+fADBAAr+fMwDAMEACv6WQMEAiv6 WAMEACv7uAMEACv7ugMEAC1zIQMEAC1zIwMEAC18PwMEAWcHdgMEAGcNEwMEAGcP IAMEAWcPIgMEAWf4ljANBgkqhkiG9w0BAQsFAAOCAQEAW0beAUwLfEIfrTmBRNlu Wht+5iU3dGpXCkCP9tK/ajxvOihIBDOtBujBsu8OcaGMfs5c4DA5WwCm9r8M/dnn TC66YsdfdPxc60sMheKaM90sxcakIw2kLOLT+X7kMAjwwBvs2czbGLbt5h2g4uFB b4uTQs2rSb8tIqI62v1itw/Rzo3/OSvbzee7CxdTu01RK0NpLKIYPXG191w6Or2L tnCKiT4yL69xPakNSHKuqxd9oouharLVmPqMXrPUOSM/zzFO1VN8HqZaHoFBVwH0 xHguyA6AW+nsjngR9b7Zj5jH1uBOK9ov2Ztxk0GzPyAkTpMvhgYtOXU4ChhkqEaT bw== -----END CERTIFICATE-----Generated at Fri Dec 19 17:27:44 2025 by rpki-client