This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C78A7/FAE96C4AB62011F0A749211FC4F9AE02/886DFB52BE4711F0A5FBDC5FC4F9AE02.roa File: 886DFB52BE4711F0A5FBDC5FC4F9AE02.roa (raw, json) Hash identifier: ypcepGzARLWbouWGE3k73Jk0jJnQAUjY1dbnZc9nuLY= Subject key identifier: AB:D7:39:DF:EE:90:56:B2:7E:B2:03:B3:54:78:D7:8D:77:24:A9:A1 Certificate issuer: /CN=A91C78A7/serialNumber=1C5968586CB4C7E283F1419F5850468EDA559682 Certificate serial: 13 Authority key identifier: 1C:59:68:58:6C:B4:C7:E2:83:F1:41:9F:58:50:46:8E:DA:55:96:82 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HFloWGy0x-KD8UGfWFBGjtpVloI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C78A7/FAE96C4AB62011F0A749211FC4F9AE02/886DFB52BE4711F0A5FBDC5FC4F9AE02.roa Signing time: Mon 10 Nov 2025 15:11:29 +0000 ROA not before: Mon 10 Nov 2025 15:11:29 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 154332 IP address blocks: 138.252.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C78A7/FAE96C4AB62011F0A749211FC4F9AE02/HFloWGy0x-KD8UGfWFBGjtpVloI.crl rsync://rpki.apnic.net/member_repository/A91C78A7/FAE96C4AB62011F0A749211FC4F9AE02/HFloWGy0x-KD8UGfWFBGjtpVloI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HFloWGy0x-KD8UGfWFBGjtpVloI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 06:04:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C78A7, serialNumber=1C5968586CB4C7E283F1419F5850468EDA559682 Validity Not Before: Nov 10 15:11:29 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=691200a1-4bff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:bb:04:34:39:60:c5:f2:7b:34:6d:e1:9d:df: aa:5c:c8:72:2f:91:14:b0:7b:5e:3e:ad:7a:5c:e8: 33:92:95:4d:5f:2f:f3:f0:e6:3c:d3:e2:d4:39:14: 36:94:09:01:89:8f:a1:9f:5e:2e:75:de:1f:1c:a2: 71:ef:cf:7e:b3:26:83:0b:c4:30:7a:64:61:4f:62: bb:fe:7e:6d:9c:7a:20:c5:b4:74:ff:3c:97:54:30: c4:d2:5b:11:ef:3d:63:6a:7a:3b:15:27:a1:f7:08: b6:f5:74:ec:7a:68:5f:3d:a7:5a:d8:53:87:71:f1: 2e:31:a3:e7:96:c7:5f:44:83:d7:ea:ff:29:62:bb: 9f:b4:51:e7:6d:55:a6:c7:a0:ae:e3:3b:bd:ac:d1: 3b:68:7b:a6:b4:2c:58:d2:3c:8c:7a:ac:12:44:79: f6:6a:e4:24:df:f6:a8:4d:08:ac:fd:b3:f3:0e:fb: 76:92:ae:b4:60:ec:63:a5:a2:c4:c0:8d:a9:2f:2c: 5f:1b:86:cc:84:00:13:59:60:44:2e:9a:58:83:27: 10:9d:e9:a2:73:56:0f:53:34:d6:e5:ae:d8:0e:f6: cd:64:bf:f7:15:49:e5:ec:30:2c:5d:3b:56:00:0c: e8:35:32:6c:ba:94:41:b6:2b:6e:fb:65:42:dd:02: 14:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:D7:39:DF:EE:90:56:B2:7E:B2:03:B3:54:78:D7:8D:77:24:A9:A1 X509v3 Authority Key Identifier: keyid:1C:59:68:58:6C:B4:C7:E2:83:F1:41:9F:58:50:46:8E:DA:55:96:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C78A7/FAE96C4AB62011F0A749211FC4F9AE02/HFloWGy0x-KD8UGfWFBGjtpVloI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HFloWGy0x-KD8UGfWFBGjtpVloI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C78A7/FAE96C4AB62011F0A749211FC4F9AE02/886DFB52BE4711F0A5FBDC5FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 138.252.120.0/24 Signature Algorithm: sha256WithRSAEncryption b4:f0:7a:44:ae:05:58:6c:0a:2e:fa:e4:8a:1d:ed:3c:17:f7: 7c:36:38:8c:87:5c:55:ed:db:6d:fe:e8:3a:bc:c3:ba:08:a5: 9f:05:59:47:79:3b:1e:6b:db:7d:e3:be:6a:3f:83:20:1b:33: 28:08:4c:35:2a:25:52:e8:dd:d2:79:e3:86:c8:13:8c:a0:88: ef:05:ff:d0:35:50:14:5f:b1:71:99:12:31:1a:0d:04:23:65: 6e:d6:14:48:b9:27:d3:d9:28:1b:f2:5e:5d:1f:b8:a0:16:60: 41:18:e9:d5:74:4c:88:24:01:1e:12:b1:04:f7:46:6c:be:97: 03:47:b0:97:28:e3:f3:d1:25:f0:b1:6a:64:51:3c:dd:13:a6: bd:86:85:82:43:03:6a:91:e3:db:28:e9:d0:6c:79:96:9a:12: ac:30:9e:ed:9e:44:94:d8:61:72:6f:00:16:89:99:66:cf:95: 81:dc:17:ca:bf:de:ef:90:fa:a0:0b:d4:bd:7a:76:f8:9d:f3: b4:20:bf:88:b5:be:6a:44:2b:59:d6:4c:51:de:b3:59:2f:e7: b7:3b:f0:6d:ec:06:89:79:2f:72:eb:da:30:50:ab:a7:bb:6e: 26:2a:e9:47:38:72:7b:e1:da:fa:5d:34:f0:84:44:35:54:b8: bf:4e:04:c7 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NzhBNzExMC8GA1UEBRMoMUM1OTY4NTg2Q0I0QzdFMjgzRjE0MTlGNTg1MDQ2OEVE QTU1OTY4MjAeFw0yNTExMTAxNTExMjlaFw0yNzAxMzEwMDAwMDBaMBgxFjAUBgNV BAMTDTY5MTIwMGExLTRiZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDPuwQ0OWDF8ns0beGd36pcyHIvkRSwe14+rXpc6DOSlU1fL/Pw5jzT4tQ5FDaU CQGJj6GfXi513h8conHvz36zJoMLxDB6ZGFPYrv+fm2ceiDFtHT/PJdUMMTSWxHv PWNqejsVJ6H3CLb1dOx6aF89p1rYU4dx8S4xo+eWx19Eg9fq/yliu5+0UedtVabH oK7jO72s0Ttoe6a0LFjSPIx6rBJEefZq5CTf9qhNCKz9s/MO+3aSrrRg7GOlosTA jakvLF8bhsyEABNZYEQumliDJxCd6aJzVg9TNNblrtgO9s1kv/cVSeXsMCxdO1YA DOg1Mmy6lEG2K277ZULdAhQLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUq9c53+6Q VrJ+sgOzVHjXjXckqaEwHwYDVR0jBBgwFoAUHFloWGy0x+KD8UGfWFBGjtpVloIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3OEE3L0ZBRTk2QzRBQjYy MDExRjBBNzQ5MjExRkM0RjlBRTAyL0hGbG9XR3kweC1LRDhVR2ZXRkJHanRwVmxv SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSEZsb1dHeTB4LUtEOFVHZldGQkdqdHBWbG9JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NzhBNy9GQUU5NkM0QUI2MjAxMUYwQTc0OTIxMUZDNEY5QUUwMi84ODZERkI1MkJF NDcxMUYwQTVGQkRDNUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAIr8eDANBgkqhkiG9w0BAQsFAAOCAQEAtPB6RK4FWGwKLvrk ih3tPBf3fDY4jIdcVe3bbf7oOrzDugilnwVZR3k7HmvbfeO+aj+DIBszKAhMNSol Uujd0nnjhsgTjKCI7wX/0DVQFF+xcZkSMRoNBCNlbtYUSLkn09koG/JeXR+4oBZg QRjp1XRMiCQBHhKxBPdGbL6XA0ewlyjj89El8LFqZFE83ROmvYaFgkMDapHj2yjp 0Gx5lpoSrDCe7Z5ElNhhcm8AFomZZs+VgdwXyr/e75D6oAvUvXp2+J3ztCC/iLW+ akQrWdZMUd6zWS/ntzvwbewGiXkvcuvaMFCrp7tuJirpRzhye+Ha+l008IRENVS4 v04Exw== -----END CERTIFICATE-----Generated at Wed Dec 3 14:53:46 2025 by rpki-client