This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa File: 86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa (raw, json) Hash identifier: TFKRxnOklHqBqHXkm8eeXU3NFE2mAwrypGYRlqO2PKA= Subject key identifier: 08:96:78:29:DA:3C:A6:86:F3:1D:8E:0B:3E:05:4C:92:EE:7A:AA:E9 Certificate issuer: /CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480 Certificate serial: 0869 Authority key identifier: E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa Signing time: Tue 16 Dec 2025 21:17:30 +0000 ROA not before: Tue 16 Dec 2025 21:17:30 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 38173 IP address blocks: 2406:9dc0:1000::/44 maxlen: 48 2406:9dc0:6660::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 20:31:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2153 (0x869) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B625F, serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480 Validity Not Before: Dec 16 21:17:30 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6941cc6a-5906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:28:e4:2f:29:1b:7a:d3:ad:2e:4f:a7:e3:8f: 89:44:51:b5:1c:f2:f9:b0:83:c8:d1:de:1a:f5:22: c1:0e:77:b8:7e:4c:9f:f1:fb:7f:b6:af:0a:0e:ca: ca:d3:0c:8b:57:5b:5c:e3:b3:0c:7c:59:65:5d:b2: 56:27:3e:97:3f:96:42:1f:a6:98:3e:e6:6e:48:30: 77:8e:06:94:c1:a3:61:7f:1e:4f:a3:8e:be:1d:8b: 2a:88:b4:08:70:c0:f5:a4:44:6f:4c:af:d4:81:29: 4d:13:c5:0a:f2:6d:e0:8a:50:79:67:08:da:11:83: 95:63:00:8a:3d:48:ff:2f:e4:c7:b3:62:f0:62:22: 23:b6:6d:d1:74:dd:53:0c:69:0e:de:ce:4a:20:98: 44:06:66:47:54:61:72:ac:0b:38:f8:b7:18:f2:2c: e7:4f:75:87:75:d3:31:61:7b:9c:81:2a:c0:b2:74: 13:e1:2c:c1:5d:f1:2e:a1:a8:c0:8e:f8:10:89:5b: 02:f2:e8:e6:7c:c6:6c:9e:0f:38:e4:98:9c:0f:06: a5:2a:b8:22:99:29:99:fa:64:7e:cd:16:4e:50:76: f4:11:31:0a:28:21:4f:c7:c3:03:d7:a9:c1:a9:0a: 43:ef:f8:cd:03:7b:cc:12:28:fc:99:4d:4e:72:31: 49:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:96:78:29:DA:3C:A6:86:F3:1D:8E:0B:3E:05:4C:92:EE:7A:AA:E9 X509v3 Authority Key Identifier: keyid:E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/86CD7C2E72B011EB9FC4FE4EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2406:9dc0:1000::/44 2406:9dc0:6660::/44 Signature Algorithm: sha256WithRSAEncryption 06:a3:dc:df:82:43:bb:3c:d3:6b:3c:fd:ae:89:06:65:60:fe: d2:15:18:70:86:eb:79:71:74:f1:54:b5:84:f3:54:ee:a3:7d: c7:d4:d4:6f:b5:60:68:37:87:4b:1f:95:1b:e0:e6:61:36:a8: d1:1e:07:de:27:9c:82:52:ae:71:66:2b:93:08:95:5c:1a:a4: 3c:9d:cc:e5:84:f7:69:7f:b8:f6:90:0d:ec:a0:80:5e:df:d4: 3d:97:6a:89:04:4a:62:c4:34:aa:26:55:ea:57:89:61:20:41: fb:99:4a:3c:30:25:0a:70:cd:90:c9:48:96:b3:92:9a:f3:9c: 1a:94:43:a4:e4:8a:a1:15:0a:bc:8c:29:45:e1:48:64:c2:02: 32:c4:58:17:a7:dd:1f:14:6a:c9:fa:f4:20:6f:16:74:f3:40: 59:36:37:32:ef:63:95:95:a8:f2:2a:bb:ef:6a:ea:ca:0a:00: cd:93:ed:7b:82:92:f2:20:0d:96:4f:34:e3:33:41:53:ee:c3: c9:8d:bd:3c:b9:51:4b:31:c1:3a:33:a9:3a:cc:0c:76:38:3c: 79:40:b9:6d:94:a8:34:7c:2b:77:87:c7:73:45:d4:0c:15:17: 4b:df:f4:68:bc:57:c3:59:45:83:35:7f:8c:c6:ef:9c:2a:7e: 78:bb:ec:a6 -----BEGIN CERTIFICATE----- MIIFfTCCBGWgAwIBAgICCGkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjYyNUYxMTAvBgNVBAUTKEUxNTVCODJBODdEMjhFODc3NjAyRjk5NEY4RkZEM0U3 NDRBQUY0ODAwHhcNMjUxMjE2MjExNzMwWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTQxY2M2YS01OTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9yjkLykbetOtLk+n44+JRFG1HPL5sIPI0d4a9SLBDne4fkyf8ft/tq8KDsrK 0wyLV1tc47MMfFllXbJWJz6XP5ZCH6aYPuZuSDB3jgaUwaNhfx5Po46+HYsqiLQI cMD1pERvTK/UgSlNE8UK8m3gilB5ZwjaEYOVYwCKPUj/L+THs2LwYiIjtm3RdN1T DGkO3s5KIJhEBmZHVGFyrAs4+LcY8iznT3WHddMxYXucgSrAsnQT4SzBXfEuoajA jvgQiVsC8ujmfMZsng845JicDwalKrgimSmZ+mR+zRZOUHb0ETEKKCFPx8MD16nB qQpD7/jNA3vMEij8mU1OcjFJxwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAiWeCna PKaG8x2OCz4FTJLueqrpMB8GA1UdIwQYMBaAFOFVuCqH0o6HdgL5lPj/0+dEqvSA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjI1Ri8yMkQ5MUY3MjEx Q0UxMUVCOEFEMDVBMkJDNEY5QUUwMi80Vlc0S29mU2pvZDJBdm1VLVBfVDUwU3E5 SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRWVzRLb2ZTam9kMkF2bVUtUF9UNTBTcTlJQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjYyNUYvMjJEOTFGNzIxMUNFMTFFQjhBRDA1QTJCQzRGOUFFMDIvODZDRDdDMkU3 MkIwMTFFQjlGQzRGRTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E HDAaMBgEAgACMBIDBwQkBp3AEAADBwQkBp3AZmAwDQYJKoZIhvcNAQELBQADggEB AAaj3N+CQ7s802s8/a6JBmVg/tIVGHCG63lxdPFUtYTzVO6jfcfU1G+1YGg3h0sf lRvg5mE2qNEeB94nnIJSrnFmK5MIlVwapDydzOWE92l/uPaQDeyggF7f1D2XaokE SmLENKomVepXiWEgQfuZSjwwJQpwzZDJSJazkprznBqUQ6TkiqEVCryMKUXhSGTC AjLEWBen3R8Uasn69CBvFnTzQFk2NzLvY5WVqPIqu+9q6soKAM2T7XuCkvIgDZZP NOMzQVPuw8mNvTy5UUsxwTozqTrMDHY4PHlAuW2UqDR8K3eHx3NF1AwVF0vf9Gi8 V8NZRYM1f4zG75wqfni77KY= -----END CERTIFICATE-----Generated at Sun Dec 21 02:36:44 2025 by rpki-client