This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa File: 01BB1B8E7C0411EFB0D29158C4F9AE02.roa (raw, json) Hash identifier: FiqF5lwF73ZepGDz+0VT2/MHM+l0dOc9bLdhROFcL9g= Subject key identifier: 70:81:CD:12:27:4A:B8:57:75:8B:E5:C9:29:6D:79:C1:0A:F4:B6:28 Certificate issuer: /CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF Certificate serial: 08D0 Authority key identifier: FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa Signing time: Mon 15 Dec 2025 10:08:02 +0000 ROA not before: Mon 15 Dec 2025 10:08:02 +0000 ROA not after: Mon 02 Mar 2026 00:00:00 +0000 asID: 138423 IP address blocks: 111.119.175.0/24 maxlen: 24 115.42.72.0/21 maxlen: 24 121.91.56.0/23 maxlen: 24 121.91.60.0/23 maxlen: 24 121.91.62.0/23 maxlen: 24 144.48.0.0/22 maxlen: 24 223.123.0.0/24 maxlen: 24 223.123.32.0/24 maxlen: 24 223.123.33.0/24 maxlen: 24 223.123.34.0/24 maxlen: 24 223.123.35.0/24 maxlen: 24 223.123.36.0/24 maxlen: 24 223.123.37.0/24 maxlen: 24 223.123.38.0/24 maxlen: 24 223.123.39.0/24 maxlen: 24 223.123.40.0/24 maxlen: 24 223.123.41.0/24 maxlen: 24 223.123.42.0/24 maxlen: 24 223.123.43.0/24 maxlen: 24 223.123.44.0/24 maxlen: 24 223.123.45.0/24 maxlen: 24 223.123.46.0/24 maxlen: 24 223.123.47.0/24 maxlen: 24 223.123.48.0/24 maxlen: 24 223.123.49.0/24 maxlen: 24 223.123.66.0/24 maxlen: 24 223.123.67.0/24 maxlen: 24 223.123.76.0/24 maxlen: 24 223.123.77.0/24 maxlen: 24 223.123.100.0/23 maxlen: 24 223.123.102.0/23 maxlen: 24 223.123.122.0/23 maxlen: 24 223.123.124.0/23 maxlen: 24 223.123.126.0/23 maxlen: 24 2402:ad80:c0::/44 maxlen: 48 2402:ad80:d0::/44 maxlen: 48 2402:ad80:e0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 20:17:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2256 (0x8d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D298D, serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF Validity Not Before: Dec 15 10:08:02 2025 GMT Not After : Mar 2 00:00:00 2026 GMT Subject: CN=693fde02-8b58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:5c:70:85:7d:6d:c2:df:7a:58:bb:99:13:71: b2:5e:3c:43:6c:88:4e:75:66:08:74:0c:b9:77:a0: 2f:80:63:ca:bd:eb:8f:49:05:3f:53:74:95:df:96: d8:48:65:99:a2:65:a4:15:09:b4:94:d0:d8:ba:74: e4:cf:b3:03:01:d4:12:45:96:84:2d:f9:49:d6:bf: 20:df:16:60:52:2a:bd:d5:ea:70:2e:1b:06:22:ec: 1c:bd:b9:43:ff:0c:70:f5:5b:55:8f:b1:0e:e4:50: 04:f7:f9:21:9a:de:59:d7:6e:9a:45:b9:0a:a8:4e: d1:6d:34:8c:b3:d1:50:4f:4a:35:d4:24:f8:14:9c: c5:2d:c1:82:b4:d3:da:ec:23:f3:03:26:f7:be:cc: 46:c6:1d:f9:b7:2b:77:65:be:37:8b:d5:fe:a3:7f: 7d:64:8e:cc:0f:83:e7:2c:2b:68:d3:44:e6:64:7a: f9:d9:c0:41:0a:3f:e5:18:25:62:cf:5e:90:e0:3a: 78:68:08:8a:f4:c3:6a:69:5e:5b:82:84:5d:1e:81: 06:64:e0:9e:39:81:16:ac:f6:86:73:6e:d9:b6:38: e8:40:22:c9:fb:34:a0:54:2b:19:90:d2:71:90:52: ed:cb:37:3c:17:04:cb:9d:ab:91:d3:17:58:d2:b9: 50:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:81:CD:12:27:4A:B8:57:75:8B:E5:C9:29:6D:79:C1:0A:F4:B6:28 X509v3 Authority Key Identifier: keyid:FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 111.119.175.0/24 115.42.72.0/21 121.91.56.0/23 121.91.60.0/22 144.48.0.0/22 223.123.0.0/24 223.123.32.0-223.123.49.255 223.123.66.0/23 223.123.76.0/23 223.123.100.0/22 223.123.122.0-223.123.127.255 IPv6: 2402:ad80:c0::-2402:ad80:ef:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 8a:7c:b9:74:6f:62:9d:8a:ae:12:da:aa:4a:45:23:f8:41:16: f8:22:58:b9:f4:4f:f8:c0:86:6a:b4:2a:a4:40:73:7a:ba:64: ae:21:0e:36:9f:93:ad:27:e1:be:d8:1c:5f:13:dc:02:70:67: 60:a5:14:5a:45:bc:83:86:7c:ec:0d:70:49:0e:1a:77:4e:a4: bf:3d:7f:d3:64:3c:d7:fd:08:85:2d:4d:70:04:56:26:97:da: dc:68:33:cd:70:20:30:06:26:10:33:51:2b:f9:8a:94:2a:eb: e1:11:de:74:b9:ea:6d:37:45:65:20:0a:d9:eb:6e:1a:ec:c6: f6:2a:cf:9b:73:3f:de:af:70:22:83:46:a9:13:5e:c6:24:d3: b9:20:8d:c4:0b:8b:cb:d5:9c:13:90:c1:ef:82:ae:6d:9d:3a: 61:08:19:72:c4:b2:38:78:75:31:62:30:5d:7a:7a:67:90:3f: ed:e9:27:3d:a7:72:33:0b:2a:76:71:c7:cb:dc:d7:d9:c3:2b: f4:f7:cb:21:14:50:cf:96:a1:11:8f:7f:3c:ec:97:d9:58:af: 1c:81:fa:4d:d0:a7:cd:a0:a9:5a:28:93:50:29:60:74:5b:1f: b3:df:15:02:9a:ff:69:0c:b9:06:63:bf:55:0a:2f:91:6a:7a: f4:1d:e7:bb -----BEGIN CERTIFICATE----- MIIF2jCCBMKgAwIBAgICCNAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDI5OEQxMTAvBgNVBAUTKEZFRjJDMUM0RUEwOTY0NDc3NTE0QzFBQTk0NkU2QzQx Nzc4RDA2QkYwHhcNMjUxMjE1MTAwODAyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD VQQDDA02OTNmZGUwMi04YjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2FxwhX1twt96WLuZE3GyXjxDbIhOdWYIdAy5d6AvgGPKveuPSQU/U3SV35bY SGWZomWkFQm0lNDYunTkz7MDAdQSRZaELflJ1r8g3xZgUiq91epwLhsGIuwcvblD /wxw9VtVj7EO5FAE9/khmt5Z126aRbkKqE7RbTSMs9FQT0o11CT4FJzFLcGCtNPa 7CPzAyb3vsxGxh35tyt3Zb43i9X+o399ZI7MD4PnLCto00TmZHr52cBBCj/lGCVi z16Q4Dp4aAiK9MNqaV5bgoRdHoEGZOCeOYEWrPaGc27ZtjjoQCLJ+zSgVCsZkNJx kFLtyzc8FwTLnauR0xdY0rlQmwIDAQABo4IC/jCCAvowHQYDVR0OBBYEFHCBzRIn SrhXdYvlySltecEK9LYoMB8GA1UdIwQYMBaAFP7ywcTqCWRHdRTBqpRubEF3jQa/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjk4RC8zMzdBNjQzMkYx QTYxMUVBQjk1QzBFMkZDNEY5QUUwMi9fdkxCeE9vSlpFZDFGTUdxbEc1c1FYZU5C cjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL192TEJ4T29KWkVkMUZNR3FsRzVzUVhlTkJyOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDI5OEQvMzM3QTY0MzJGMUE2MTFFQUI5NUMwRTJGQzRGOUFFMDIvMDFCQjFCOEU3 QzA0MTFFRkIwRDI5MTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYcGCCsGAQUFBwEHAQH/ BHgwdjBYBAIAATBSAwQAb3evAwQDcypIAwQBeVs4AwQCeVs8AwQCkDAAAwQA33sA MAwDBAXfeyADBAHfezADBAHfe0IDBAHfe0wDBALfe2QwDAMEAd97egMEB997ADAa BAIAAjAUMBIDBwYkAq2AAMADBwQkAq2AAOAwDQYJKoZIhvcNAQELBQADggEBAIp8 uXRvYp2KrhLaqkpFI/hBFvgiWLn0T/jAhmq0KqRAc3q6ZK4hDjafk60n4b7YHF8T 3AJwZ2ClFFpFvIOGfOwNcEkOGndOpL89f9NkPNf9CIUtTXAEViaX2txoM81wIDAG JhAzUSv5ipQq6+ER3nS56m03RWUgCtnrbhrsxvYqz5tzP96vcCKDRqkTXsYk07kg jcQLi8vVnBOQwe+Crm2dOmEIGXLEsjh4dTFiMF16emeQP+3pJz2ncjMLKnZxx8vc 19nDK/T3yyEUUM+WoRGPfzzsl9lYrxyB+k3Qp82gqVook1ApYHRbH7PfFQKa/2kM uQZjv1UKL5FqevQd57s= -----END CERTIFICATE-----Generated at Sat Dec 20 03:23:40 2025 by rpki-client