This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa File: 10BBF6CEB2E711EB8A61B44EC4F9AE02.roa (raw, json) Hash identifier: 60Txo6gAZcJLQXsyFOEwAUgH1sTvvk2S/lm7zu2sz3U= Subject key identifier: A9:E5:3E:30:1A:99:68:4B:86:1F:B5:46:F6:B7:C7:DD:44:02:02:33 Certificate issuer: /CN=A91B777C/serialNumber=7EBB3B41C97F3313FAE781EF63323C4AF62B8FB7 Certificate serial: 0655 Authority key identifier: 7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa Signing time: Sat 06 Dec 2025 21:35:26 +0000 ROA not before: Sat 06 Dec 2025 21:35:26 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 133847 IP address blocks: 43.224.88.0/22 maxlen: 24 43.242.108.0/22 maxlen: 24 103.12.60.0/22 maxlen: 24 103.38.20.0/22 maxlen: 24 103.43.108.0/22 maxlen: 24 103.199.148.0/22 maxlen: 24 103.207.72.0/22 maxlen: 24 137.59.80.0/22 maxlen: 24 210.16.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.crl rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Dec 2025 21:50:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1621 (0x655) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B777C, serialNumber=7EBB3B41C97F3313FAE781EF63323C4AF62B8FB7 Validity Not Before: Dec 6 21:35:26 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=6934a19e-11d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ca:ee:87:4f:e8:2f:20:48:ef:80:c8:7d:51: 8f:16:4d:f4:f4:d1:6f:80:ca:79:32:5f:de:d7:78: 9f:a0:3e:50:58:77:88:ab:4f:a0:85:b9:05:f4:2d: a6:da:f6:0f:af:be:6a:de:6b:73:54:81:5b:72:dd: 57:70:be:7c:6a:c0:10:b9:b9:cc:a3:cb:1a:cc:28: e4:45:fe:dc:3d:fc:d4:43:c3:20:26:1f:56:26:a9: c8:89:49:b2:d4:2b:e9:d0:38:ed:e5:56:20:56:5b: de:07:30:00:1e:f7:c4:76:ba:db:55:e3:ff:77:52: ca:78:9a:41:9d:fd:15:69:a0:5c:48:67:94:e8:19: 2c:13:29:9a:60:ea:2f:66:ad:d8:15:a4:53:80:7c: 5c:d8:b6:1c:0e:6b:64:da:fa:06:43:d1:6b:fd:5d: d4:bd:dd:9e:9c:2d:01:2a:49:5f:24:71:56:e6:f7: 54:df:88:d3:c5:de:fb:19:24:64:18:e5:ab:4b:ee: 49:f3:d8:8b:6e:ca:1e:2c:96:77:86:d8:22:5f:07: df:b9:35:2a:c8:63:3d:2e:cd:68:b5:f8:3f:19:c0: ea:b5:76:2e:7c:2c:e7:f8:bb:f3:22:9e:b1:f3:f4: 8c:23:9e:b8:b0:70:67:a3:3c:a7:ea:b3:49:b1:be: a0:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:E5:3E:30:1A:99:68:4B:86:1F:B5:46:F6:B7:C7:DD:44:02:02:33 X509v3 Authority Key Identifier: keyid:7E:BB:3B:41:C9:7F:33:13:FA:E7:81:EF:63:32:3C:4A:F6:2B:8F:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/frs7Qcl_MxP654HvYzI8SvYrj7c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/frs7Qcl_MxP654HvYzI8SvYrj7c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B777C/6CD8133CB2DA11EB8B384A60C4F9AE02/10BBF6CEB2E711EB8A61B44EC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 43.224.88.0/22 43.242.108.0/22 103.12.60.0/22 103.38.20.0/22 103.43.108.0/22 103.199.148.0/22 103.207.72.0/22 137.59.80.0/22 210.16.124.0/22 Signature Algorithm: sha256WithRSAEncryption 07:5e:3d:e8:77:03:f3:51:96:02:94:40:64:ba:cd:a1:ee:49: 98:0b:2c:5f:7f:d5:2e:c4:82:cc:f0:6c:3d:06:03:25:7d:69: 34:16:c6:5a:d6:aa:8b:d4:f6:46:e0:c2:e5:85:51:dc:e1:60: e6:c6:0c:2c:d8:b7:df:1a:69:65:6f:e8:77:2e:3c:71:99:55: dd:f4:a0:53:02:29:f5:18:66:99:a3:dc:f4:fd:05:01:c4:02: 6e:c1:da:7b:d7:3e:fe:c4:f3:d5:9b:59:39:38:cd:5f:ce:7e: 7c:bd:14:e3:a5:53:d2:f2:90:2d:94:ff:3d:62:76:df:d9:61: 15:0b:6b:cc:5d:de:47:6c:1c:59:41:69:99:82:e5:14:b5:40: 4b:4a:9d:83:43:36:f6:ce:90:bf:46:ac:ba:4b:8b:bf:0d:30: 32:ba:a9:9b:18:fe:5e:4b:7f:28:dd:cd:99:43:88:57:aa:7b: a1:56:25:26:74:e0:3a:89:fb:ba:62:f1:74:18:c2:f1:1a:d5: 04:00:45:6f:eb:8a:29:89:a8:84:ed:e9:d3:52:1f:7b:a0:01: 93:fa:be:f3:7f:4c:c0:c3:4e:ee:74:8b:3d:2c:16:55:39:65: c5:63:16:6d:50:0d:7b:2c:c0:6e:1f:0a:3c:ed:09:51:ee:4a: 33:fb:c4:07 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgICBlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc3N0MxMTAvBgNVBAUTKDdFQkIzQjQxQzk3RjMzMTNGQUU3ODFFRjYzMzIzQzRB RjYyQjhGQjcwHhcNMjUxMjA2MjEzNTI2WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OTM0YTE5ZS0xMWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArsruh0/oLyBI74DIfVGPFk309NFvgMp5Ml/e13ifoD5QWHeIq0+ghbkF9C2m 2vYPr75q3mtzVIFbct1XcL58asAQubnMo8sazCjkRf7cPfzUQ8MgJh9WJqnIiUmy 1Cvp0Djt5VYgVlveBzAAHvfEdrrbVeP/d1LKeJpBnf0VaaBcSGeU6BksEymaYOov Zq3YFaRTgHxc2LYcDmtk2voGQ9Fr/V3Uvd2enC0BKklfJHFW5vdU34jTxd77GSRk GOWrS+5J89iLbsoeLJZ3htgiXwffuTUqyGM9Ls1otfg/GcDqtXYufCzn+LvzIp6x 8/SMI564sHBnozyn6rNJsb6gRQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFKnlPjAa mWhLhh+1Rva3x91EAgIzMB8GA1UdIwQYMBaAFH67O0HJfzMT+ueB72MyPEr2K4+3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3Qy82Q0Q4MTMzQ0Iy REExMUVCOEIzODRBNjBDNEY5QUUwMi9mcnM3UWNsX014UDY1NEh2WXpJOFN2WXJq N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZyczdRY2xfTXhQNjU0SHZZekk4U3ZZcmo3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qjc3N0MvNkNEODEzM0NCMkRBMTFFQjhCMzg0QTYwQzRGOUFFMDIvMTBCQkY2Q0VC MkU3MTFFQjhBNjFCNDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E QDA+MDwEAgABMDYDBAIr4FgDBAIr8mwDBAJnDDwDBAJnJhQDBAJnK2wDBAJnx5QD BAJnz0gDBAKJO1ADBALSEHwwDQYJKoZIhvcNAQELBQADggEBAAdePeh3A/NRlgKU QGS6zaHuSZgLLF9/1S7EgszwbD0GAyV9aTQWxlrWqovU9kbgwuWFUdzhYObGDCzY t98aaWVv6HcuPHGZVd30oFMCKfUYZpmj3PT9BQHEAm7B2nvXPv7E89WbWTk4zV/O fny9FOOlU9LykC2U/z1idt/ZYRULa8xd3kdsHFlBaZmC5RS1QEtKnYNDNvbOkL9G rLpLi78NMDK6qZsY/l5LfyjdzZlDiFeqe6FWJSZ04DqJ+7pi8XQYwvEa1QQARW/r iimJqITt6dNSH3ugAZP6vvN/TMDDTu50iz0sFlU5ZcVjFm1QDXsswG4fCjztCVHu SjP7xAc= -----END CERTIFICATE-----Generated at Wed Dec 24 15:41:53 2025 by rpki-client