This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/B3F95F9A24C411F0A4C45287C4F9AE02.roa File: B3F95F9A24C411F0A4C45287C4F9AE02.roa (raw, json) Hash identifier: xB68FJMR3JM3Cs61xN748kWOuQa0imSlnpLBddD+vsM= Subject key identifier: 23:38:0D:6F:8E:03:01:41:B2:2D:47:FC:AD:D4:E2:1A:56:D5:62:E4 Certificate issuer: /CN=A91B6B4B/serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Certificate serial: 6F Authority key identifier: 2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/B3F95F9A24C411F0A4C45287C4F9AE02.roa Signing time: Tue 02 Dec 2025 05:37:11 +0000 ROA not before: Tue 02 Dec 2025 05:37:11 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 139698 IP address blocks: 161.248.58.0/23 maxlen: 23 161.248.58.0/24 maxlen: 24 161.248.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 05:08:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 111 (0x6f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6B4B, serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Validity Not Before: Dec 2 05:37:11 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=692e7b07-d645 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:e0:e7:62:eb:48:f7:7b:f8:92:87:bc:3a:d9: 23:80:47:07:eb:23:16:71:92:b3:7e:fd:03:7d:d2: ad:9e:26:27:25:eb:35:d7:c4:7f:76:b7:33:fe:ae: 6d:ea:98:8b:33:c6:0c:51:b1:14:88:a4:79:85:8b: 5f:a9:db:a3:a5:4e:8a:5d:36:fd:44:8b:f4:f5:39: 08:eb:35:08:c1:ee:51:f5:11:fa:02:3e:73:01:35: ee:a0:87:20:c9:28:86:72:99:18:03:fa:fa:19:1c: 0a:3c:1a:d5:08:ac:30:3c:bb:7b:b5:89:3d:da:50: 99:04:96:d8:9a:e8:50:62:78:dc:26:e8:c7:58:0f: 55:10:8f:34:6a:40:bb:70:8d:f6:78:83:11:81:98: 0f:0a:98:b5:7e:2b:b0:af:82:92:f2:d2:f4:dd:f0: 01:66:7b:67:23:ee:c2:ba:cc:93:da:ff:52:78:52: f9:f8:62:59:ed:b0:a1:b5:c7:b8:26:2b:6f:04:cd: b9:dd:d4:21:7a:1e:82:14:f7:09:74:aa:59:d8:b8: 14:14:0a:7e:10:97:65:44:38:d0:cd:60:ae:85:69: ae:89:c4:ac:8e:19:a7:d1:ca:84:43:10:be:ef:7e: 2e:a7:03:59:84:f8:0f:a3:ea:ba:07:cb:b9:56:77: a9:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:38:0D:6F:8E:03:01:41:B2:2D:47:FC:AD:D4:E2:1A:56:D5:62:E4 X509v3 Authority Key Identifier: keyid:2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/B3F95F9A24C411F0A4C45287C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 161.248.58.0/23 Signature Algorithm: sha256WithRSAEncryption 48:50:dd:f3:f5:06:21:34:d9:3c:e0:93:83:7f:e3:6d:f9:50: 75:b6:4a:04:29:67:32:13:4a:6e:eb:c0:ba:fa:d2:8f:b0:66: 4f:4f:7e:53:93:be:60:60:02:73:7d:3c:01:41:21:2e:c4:b4: 81:d4:f5:e7:ac:65:b3:0b:d6:f5:a7:83:f2:14:7b:61:e6:8f: 36:f2:bb:70:8a:07:13:e5:ac:d8:88:76:06:a2:fc:40:d0:f5: 5b:86:4b:9b:4a:cf:25:81:44:02:40:0e:03:c0:6c:4e:4f:dc: 34:61:29:33:cd:58:fc:39:f2:0d:8a:7e:2c:0e:da:cf:75:c7: b4:71:b7:02:0c:47:66:c9:33:1c:3d:bf:b6:97:40:ed:82:93: 1b:67:be:7d:80:4a:bb:54:49:d1:7d:20:28:38:d5:f6:fa:b8: a9:23:03:ca:8c:1b:3c:8d:0f:01:77:2f:b8:10:4b:30:01:be: 18:0c:b3:50:45:21:55:0f:03:c4:de:5f:08:17:48:ad:ab:32: 6c:67:93:b0:c0:88:db:70:64:26:a1:59:f3:17:83:10:16:22: f6:67:bc:8b:91:0d:70:49:4c:bd:04:7b:79:29:f6:93:56:b5: 75:c5:76:ca:e5:ac:e7:86:35:77:8f:84:7c:03:39:dd:36:7d: 32:52:c5:8d -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBbzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NkI0QjExMC8GA1UEBRMoMkEwMEZENUQ1RUFFRjgxRjMyQjAwQjJFNUM4MkM1RUNE QUMxMjY5MzAeFw0yNTEyMDIwNTM3MTFaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MmU3YjA3LWQ2NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDh4Odi60j3e/iSh7w62SOARwfrIxZxkrN+/QN90q2eJicl6zXXxH92tzP+rm3q mIszxgxRsRSIpHmFi1+p26OlTopdNv1Ei/T1OQjrNQjB7lH1EfoCPnMBNe6ghyDJ KIZymRgD+voZHAo8GtUIrDA8u3u1iT3aUJkEltia6FBieNwm6MdYD1UQjzRqQLtw jfZ4gxGBmA8KmLV+K7CvgpLy0vTd8AFme2cj7sK6zJPa/1J4Uvn4YlntsKG1x7gm K28Ezbnd1CF6HoIU9wl0qlnYuBQUCn4Ql2VEONDNYK6Faa6JxKyOGafRyoRDEL7v fi6nA1mE+A+j6roHy7lWd6nTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUIzgNb44D AUGyLUf8rdTiGlbVYuQwHwYDVR0jBBgwFoAUKgD9XV6u+B8ysAsuXILF7NrBJpMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2QjRCL0JCNDJDMURFMjRD MzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4eXNBc3VYSUxGN05yQkpw TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS2dEOVhWNnUtQjh5c0FzdVhJTEY3TnJCSnBNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkI0Qi9CQjQyQzFERTI0QzMxMUYwOTZDNjg0ODFDNEY5QUUwMi9CM0Y5NUY5QTI0 QzQxMUYwQTRDNDUyODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAaH4OjANBgkqhkiG9w0BAQsFAAOCAQEASFDd8/UGITTZPOCT g3/jbflQdbZKBClnMhNKbuvAuvrSj7BmT09+U5O+YGACc308AUEhLsS0gdT156xl swvW9aeD8hR7YeaPNvK7cIoHE+Ws2Ih2BqL8QND1W4ZLm0rPJYFEAkAOA8BsTk/c NGEpM81Y/DnyDYp+LA7az3XHtHG3AgxHZskzHD2/tpdA7YKTG2e+fYBKu1RJ0X0g KDjV9vq4qSMDyowbPI0PAXcvuBBLMAG+GAyzUEUhVQ8DxN5fCBdIrasybGeTsMCI 23BkJqFZ8xeDEBYi9me8i5ENcElMvQR7eSn2k1a1dcV2yuWs54Y1d4+EfAM53TZ9 MlLFjQ== -----END CERTIFICATE-----Generated at Wed Dec 3 15:50:51 2025 by rpki-client