This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa File: 21B96F2E7BC911EBABCF472DC4F9AE02.roa (raw, json) Hash identifier: NqIb0O8e2GCcDz67+/QlLTVfXxW0NeRvUXG1KEKM7SI= Subject key identifier: D1:79:0F:BA:EE:82:C9:7E:B0:4C:F3:1B:81:C7:D3:19:D6:7B:F0:6D Certificate issuer: /CN=A91CB8BA/serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Certificate serial: 0858 Authority key identifier: 83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa Signing time: Mon 12 Jan 2026 20:16:40 +0000 ROA not before: Mon 12 Jan 2026 20:16:40 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 137280 IP address blocks: 213.255.228.0/23 maxlen: 23 213.255.230.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 19:41:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2136 (0x858) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8BA, serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Validity Not Before: Jan 12 20:16:40 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=696556a8-6921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c3:7b:1a:b9:f1:d0:7a:fc:79:8f:fc:21:1e: 53:f5:9d:20:50:77:ae:e4:d9:72:12:a1:fe:1e:08: 3b:e7:16:d3:ea:f0:65:22:3f:1c:ff:73:00:12:76: a4:31:45:50:3a:86:cb:3d:fe:e2:b8:ac:86:8a:b6: 0b:3f:a3:c5:20:0b:86:38:6e:9e:5b:be:c1:fa:4a: 75:50:38:52:73:49:83:06:63:0c:9b:bb:7e:ba:a9: ee:c0:38:13:4f:a9:d4:7d:88:b3:a7:cc:85:bc:61: 6e:14:f0:9d:24:cf:0c:b3:4c:eb:21:1f:a7:89:e4: d4:0b:d8:80:1b:47:de:04:79:76:60:79:fa:b9:61: f9:13:5a:64:62:d8:db:fc:a0:ad:08:7e:a0:41:45: 93:11:54:57:77:dc:ab:ce:76:00:2e:bc:e4:29:aa: 36:01:40:26:a2:09:75:43:b0:61:e2:e9:fb:49:bb: 51:21:6b:08:ea:8c:5c:41:62:a3:a3:67:29:cb:2d: 59:36:33:ed:94:d0:6c:86:31:fe:4e:42:17:d6:f8: d8:70:04:9d:4a:2d:ee:e6:19:24:23:56:45:d7:b6: 5c:53:25:6c:0f:b8:28:cb:ed:8f:e7:fe:9c:a9:5b: 81:c0:62:20:74:c0:1c:1c:ca:ba:37:7f:8d:cd:96: ff:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:79:0F:BA:EE:82:C9:7E:B0:4C:F3:1B:81:C7:D3:19:D6:7B:F0:6D X509v3 Authority Key Identifier: keyid:83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/21B96F2E7BC911EBABCF472DC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 213.255.228.0-213.255.230.255 Signature Algorithm: sha256WithRSAEncryption 17:3d:ac:33:d9:4c:c7:e4:3f:43:f3:58:23:37:a1:42:25:c7: 9c:55:32:76:2e:2e:0c:cb:cd:0b:1e:ec:f4:b9:0d:d5:6c:36: b8:3b:26:7e:cb:93:93:c7:4b:d6:93:e4:09:03:46:da:c0:f1: e4:55:1d:78:f5:e6:fd:1d:da:d1:f9:6f:aa:ba:3c:0b:b2:93: 9a:ba:8b:5d:f9:81:d3:a6:7f:f5:b2:c5:1a:7a:fe:db:3a:b3: 29:7e:e9:d5:ea:ba:31:94:16:84:a0:a2:bc:1a:d0:48:15:5b: 1c:f2:43:0c:90:ee:e8:8e:13:ab:80:e4:12:54:1e:f1:34:b7: 3d:fa:59:ab:09:d1:be:39:a1:bb:6f:05:ad:e8:24:4a:30:b3: e8:58:31:9c:c5:ed:dc:39:39:a7:bc:16:c2:06:38:04:e0:48: 3d:49:bc:b1:c9:37:a7:19:b0:c1:30:29:d8:99:07:bd:a3:b0: f3:3f:6d:d0:04:85:39:ba:21:eb:02:11:1b:e5:2c:d8:20:ac: 47:6a:92:98:1c:31:41:e4:fc:84:b3:16:98:d0:f9:bb:b6:87: e6:23:08:f7:6d:33:2b:4e:ba:95:f4:38:9d:44:31:43:96:ef: 25:ac:30:a3:3c:27:12:ed:a5:97:e3:81:80:9f:98:ae:88:09: d8:b7:74:56 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgICCFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx Q0I4QkExMTAvBgNVBAUTKDgzODJGNjE4OEM0QTZERDY2OTU0RDU3MThBM0Q5Q0NG OUI4QkY4OTUwHhcNMjYwMTEyMjAxNjQwWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTY1NTZhOC02OTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv8N7Grnx0Hr8eY/8IR5T9Z0gUHeu5NlyEqH+Hgg75xbT6vBlIj8c/3MAEnak MUVQOobLPf7iuKyGirYLP6PFIAuGOG6eW77B+kp1UDhSc0mDBmMMm7t+uqnuwDgT T6nUfYizp8yFvGFuFPCdJM8Ms0zrIR+nieTUC9iAG0feBHl2YHn6uWH5E1pkYtjb /KCtCH6gQUWTEVRXd9yrznYALrzkKao2AUAmogl1Q7Bh4un7SbtRIWsI6oxcQWKj o2cpyy1ZNjPtlNBshjH+TkIX1vjYcASdSi3u5hkkI1ZF17ZcUyVsD7goy+2P5/6c qVuBwGIgdMAcHMq6N3+NzZb/DQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFNF5D7ru gsl+sEzzG4HH0xnWe/BtMB8GA1UdIwQYMBaAFIOC9hiMSm3WaVTVcYo9nM+bi/iV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhCQS8yNTEwQjRFNkYw RkMxMUVBQjk4NUZBNUZDNEY5QUUwMi9nNEwyR0l4S2JkWnBWTlZ4aWoyY3o1dUwt SlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2c0TDJHSXhLYmRacFZOVnhpajJjejV1TC1KVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0I4QkEvMjUxMEI0RTZGMEZDMTFFQUI5ODVGQTVGQzRGOUFFMDIvMjFCOTZGMkU3 QkM5MTFFQkFCQ0Y0NzJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E GDAWMBQEAgABMA4wDAMEAtX/5AMEANX/5jANBgkqhkiG9w0BAQsFAAOCAQEAFz2s M9lMx+Q/Q/NYIzehQiXHnFUydi4uDMvNCx7s9LkN1Ww2uDsmfsuTk8dL1pPkCQNG 2sDx5FUdePXm/R3a0flvqro8C7KTmrqLXfmB06Z/9bLFGnr+2zqzKX7p1eq6MZQW hKCivBrQSBVbHPJDDJDu6I4Tq4DkElQe8TS3PfpZqwnRvjmhu28FregkSjCz6Fgx nMXt3Dk5p7wWwgY4BOBIPUm8sck3pxmwwTAp2JkHvaOw8z9t0ASFOboh6wIRG+Us 2CCsR2qSmBwxQeT8hLMWmND5u7aH5iMI920zK066lfQ4nUQxQ5bvJawwozwnEu2l l+OBgJ+YrogJ2Ld0Vg== -----END CERTIFICATE-----Generated at Wed Jan 21 09:25:37 2026 by rpki-client