This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8AC8/E12D1052B13C11EFAAF9D731C4F9AE02/8FFA61D4B13D11EF9EFDE433C4F9AE02.roa File: 8FFA61D4B13D11EF9EFDE433C4F9AE02.roa (raw, json) Hash identifier: mPI5ywgBpJVHp6qMyDhLPQTq5BHSRgSzfIFhq7PDKqw= Subject key identifier: 94:9E:C5:55:7B:BB:3E:37:80:DD:54:FD:2E:57:B7:F9:63:EE:EC:15 Certificate issuer: /CN=A91B8AC8/serialNumber=E4C589B893D27289CF846DF05ADFB596036428FD Certificate serial: CA Authority key identifier: E4:C5:89:B8:93:D2:72:89:CF:84:6D:F0:5A:DF:B5:96:03:64:28:FD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5MWJuJPSconPhG3wWt-1lgNkKP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8AC8/E12D1052B13C11EFAAF9D731C4F9AE02/8FFA61D4B13D11EF9EFDE433C4F9AE02.roa Signing time: Mon 15 Dec 2025 05:25:15 +0000 ROA not before: Mon 15 Dec 2025 05:25:15 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 9433 IP address blocks: 130.123.0.0/16 maxlen: 16 130.123.96.0/22 maxlen: 22 130.123.104.0/23 maxlen: 23 130.123.108.0/23 maxlen: 23 130.123.128.0/18 maxlen: 18 130.123.128.0/23 maxlen: 23 130.123.192.0/19 maxlen: 19 130.123.224.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8AC8/E12D1052B13C11EFAAF9D731C4F9AE02/5MWJuJPSconPhG3wWt-1lgNkKP0.crl rsync://rpki.apnic.net/member_repository/A91B8AC8/E12D1052B13C11EFAAF9D731C4F9AE02/5MWJuJPSconPhG3wWt-1lgNkKP0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5MWJuJPSconPhG3wWt-1lgNkKP0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 04:49:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 202 (0xca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8AC8, serialNumber=E4C589B893D27289CF846DF05ADFB596036428FD Validity Not Before: Dec 15 05:25:15 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=693f9bbb-15ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:32:dd:39:0c:c8:7b:38:48:e5:7a:04:41:8d: 27:53:01:92:86:9d:a2:eb:15:de:76:83:5a:12:26: 59:b6:45:12:93:b2:94:77:70:1b:91:a2:cd:e8:0b: ab:55:f4:7c:8a:66:b6:ec:ab:7e:b6:2c:e7:41:bc: 50:d5:be:fb:19:b9:35:85:8c:77:ff:29:5f:26:0a: 20:ba:5e:11:95:bc:b3:21:a3:32:fc:4b:50:3d:2b: 2e:0e:5c:e6:b2:d7:06:7d:d1:20:29:b9:b0:84:a6: 9e:0c:bb:77:62:66:2f:67:be:bb:45:07:63:9b:8f: df:6b:5e:0a:80:5e:6a:10:f7:80:f6:e5:b2:5e:5e: 97:18:c9:8e:92:cb:8f:65:a5:52:67:1e:60:94:57: 26:16:c2:fe:66:bc:ee:df:48:8b:47:82:19:46:d5: 4e:8a:40:1c:88:c0:d3:d0:2c:89:a2:1c:f2:c3:44: 79:80:05:e4:58:4b:cc:35:b0:ab:dc:11:1f:eb:fc: b5:05:7d:41:51:30:4d:f0:f2:77:df:f5:29:2a:c0: 91:ab:e4:96:50:5d:ab:43:46:58:51:75:5f:f0:5b: b5:6e:60:d6:eb:a1:c2:32:60:fe:b9:c2:49:40:01: b8:b2:82:6d:87:97:0c:ef:c3:ba:2b:93:cf:04:6c: 39:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:9E:C5:55:7B:BB:3E:37:80:DD:54:FD:2E:57:B7:F9:63:EE:EC:15 X509v3 Authority Key Identifier: keyid:E4:C5:89:B8:93:D2:72:89:CF:84:6D:F0:5A:DF:B5:96:03:64:28:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8AC8/E12D1052B13C11EFAAF9D731C4F9AE02/5MWJuJPSconPhG3wWt-1lgNkKP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5MWJuJPSconPhG3wWt-1lgNkKP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8AC8/E12D1052B13C11EFAAF9D731C4F9AE02/8FFA61D4B13D11EF9EFDE433C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 130.123.0.0/16 Signature Algorithm: sha256WithRSAEncryption 9d:ef:b1:16:4e:f8:60:4e:9d:b5:46:5b:99:fb:64:1e:13:fe: 62:67:a0:50:75:21:fd:dd:fd:f9:6a:68:d0:fc:e7:06:ca:e2: 46:78:02:41:fd:4f:fa:02:89:d1:04:c2:82:b1:d7:52:5f:78: f2:97:d8:e9:98:51:80:c7:44:3e:ce:6c:99:76:3e:d5:14:24: 20:55:ac:2f:dd:3c:27:e3:a2:a7:9b:81:36:1a:19:4c:51:7a: 3e:8a:46:7b:0d:dd:61:11:68:b1:d2:9e:f1:56:40:c1:80:17: ce:67:af:79:43:e7:f2:91:1e:83:3f:2a:ef:57:2d:3e:c0:54: ee:b5:19:be:b1:44:b3:3e:46:ed:51:6f:9f:2f:4a:63:7f:72: b9:ba:46:43:93:3c:1a:6f:5e:f4:c9:25:a1:58:b6:a5:f1:57: e3:bc:5c:8d:ce:3c:42:e0:18:c3:8a:a8:5e:de:84:62:ec:08: a8:0e:69:b6:a1:7b:22:00:c0:ea:51:d8:2e:72:3e:b6:fc:f1: c2:c7:71:2b:31:e1:e1:7f:fc:2e:12:30:00:a7:c7:03:44:c8: da:26:b6:23:de:30:21:fd:fb:d8:0c:09:48:34:5a:53:ad:48: 81:a6:7f:31:23:b8:09:ef:51:2a:e4:03:d4:f3:b6:ff:26:78: 20:65:40:88 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhBQzgxMTAvBgNVBAUTKEU0QzU4OUI4OTNEMjcyODlDRjg0NkRGMDVBREZCNTk2 MDM2NDI4RkQwHhcNMjUxMjE1MDUyNTE1WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDDA02OTNmOWJiYi0xNWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyDLdOQzIezhI5XoEQY0nUwGShp2i6xXedoNaEiZZtkUSk7KUd3AbkaLN6Aur VfR8ima27Kt+tiznQbxQ1b77Gbk1hYx3/ylfJgogul4RlbyzIaMy/EtQPSsuDlzm stcGfdEgKbmwhKaeDLt3YmYvZ767RQdjm4/fa14KgF5qEPeA9uWyXl6XGMmOksuP ZaVSZx5glFcmFsL+Zrzu30iLR4IZRtVOikAciMDT0CyJohzyw0R5gAXkWEvMNbCr 3BEf6/y1BX1BUTBN8PJ33/UpKsCRq+SWUF2rQ0ZYUXVf8Fu1bmDW66HCMmD+ucJJ QAG4soJth5cM78O6K5PPBGw5OQIDAQABo4IClDCCApAwHQYDVR0OBBYEFJSexVV7 uz43gN1U/S5Xt/lj7uwVMB8GA1UdIwQYMBaAFOTFibiT0nKJz4Rt8FrftZYDZCj9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEFDOC9FMTJEMTA1MkIx M0MxMUVGQUFGOUQ3MzFDNEY5QUUwMi81TVdKdUpQU2NvblBoRzN3V3QtMWxnTmtL UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVNV0p1SlBTY29uUGhHM3dXdC0xbGdOa0tQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QjhBQzgvRTEyRDEwNTJCMTNDMTFFRkFBRjlENzMxQzRGOUFFMDIvOEZGQTYxRDRC MTNEMTFFRjlFRkRFNDMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E DzANMAsEAgABMAUDAwCCezANBgkqhkiG9w0BAQsFAAOCAQEAne+xFk74YE6dtUZb mftkHhP+YmegUHUh/d39+Wpo0PznBsriRngCQf1P+gKJ0QTCgrHXUl948pfY6ZhR gMdEPs5smXY+1RQkIFWsL908J+Oip5uBNhoZTFF6PopGew3dYRFosdKe8VZAwYAX zmeveUPn8pEegz8q71ctPsBU7rUZvrFEsz5G7VFvny9KY39yubpGQ5M8Gm9e9Mkl oVi2pfFX47xcjc48QuAYw4qoXt6EYuwIqA5ptqF7IgDA6lHYLnI+tvzxwsdxKzHh 4X/8LhIwAKfHA0TI2ia2I94wIf372AwJSDRaU61IgaZ/MSO4Ce9RKuQD1PO2/yZ4 IGVAiA== -----END CERTIFICATE-----Generated at Tue Dec 23 12:56:57 2025 by rpki-client