This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDFFB/27E506E6D4EF11EA9A61724AC4F9AE02/CA42E5689FA411EBBC1FFB40C4F9AE02.roa File: CA42E5689FA411EBBC1FFB40C4F9AE02.roa (raw, json) Hash identifier: VQq/UvoPY3PzVTNf+ElhyuCuI9ySZEIWpztRGxnf5R4= Subject key identifier: 00:B6:87:7F:2D:23:21:5F:C3:11:78:02:F2:9D:ED:FC:A3:64:7D:93 Certificate issuer: /CN=A91CDFFB/serialNumber=DEB5639F5847C70DE0FC44BE78424118F8A206C6 Certificate serial: 088E Authority key identifier: DE:B5:63:9F:58:47:C7:0D:E0:FC:44:BE:78:42:41:18:F8:A2:06:C6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3rVjn1hHxw3g_ES-eEJBGPiiBsY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CDFFB/27E506E6D4EF11EA9A61724AC4F9AE02/CA42E5689FA411EBBC1FFB40C4F9AE02.roa Signing time: Fri 12 Dec 2025 17:15:06 +0000 ROA not before: Fri 12 Dec 2025 17:15:06 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 140957 IP address blocks: 103.153.198.0/23 maxlen: 23 103.153.198.0/24 maxlen: 24 103.153.199.0/24 maxlen: 24 2001:df4:5880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CDFFB/27E506E6D4EF11EA9A61724AC4F9AE02/3rVjn1hHxw3g_ES-eEJBGPiiBsY.crl rsync://rpki.apnic.net/member_repository/A91CDFFB/27E506E6D4EF11EA9A61724AC4F9AE02/3rVjn1hHxw3g_ES-eEJBGPiiBsY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3rVjn1hHxw3g_ES-eEJBGPiiBsY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 19:57:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2190 (0x88e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CDFFB, serialNumber=DEB5639F5847C70DE0FC44BE78424118F8A206C6 Validity Not Before: Dec 12 17:15:06 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=693c4d99-c6e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e2:09:b7:42:b9:7d:4f:8d:14:8d:1d:a9:48: 9e:38:88:4b:f2:fe:91:af:9b:80:b6:7e:b7:d0:67: c6:f6:bf:6f:27:29:4d:0f:29:4e:46:41:de:ad:df: f3:39:06:e5:95:bd:c7:86:51:f5:56:ba:32:e7:6a: 2c:f3:97:0b:08:a9:e2:a5:43:24:fc:36:75:67:6e: 78:0b:52:b9:f7:1b:a9:2f:24:6a:21:b9:19:5c:00: 0d:10:21:12:ee:59:77:ec:af:99:4a:87:5f:13:1b: 1a:ef:3b:83:61:63:4b:29:3b:c3:35:6b:37:1e:22: 64:26:81:62:0f:8c:d2:ba:2b:e8:20:04:e9:98:ac: c4:58:28:ed:1b:c2:76:19:3b:c6:9f:83:c5:c9:12: 68:6b:ee:e8:3e:ed:64:94:1a:7b:92:48:51:74:39: 68:20:d2:d9:a2:33:f8:d6:be:87:d4:4e:bd:42:27: 60:64:74:32:1a:d8:7e:d1:b5:4c:e7:94:60:3e:7b: c7:32:ec:f5:41:0a:36:a9:2e:36:0b:e6:f2:65:af: 3c:72:74:38:eb:d0:7c:cc:b6:3a:24:0b:6c:ae:a0: 69:1c:d0:29:de:e6:54:e6:81:64:3b:52:50:c5:49: 82:5d:05:01:6c:28:be:06:7f:f3:62:b8:3b:99:0e: de:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:B6:87:7F:2D:23:21:5F:C3:11:78:02:F2:9D:ED:FC:A3:64:7D:93 X509v3 Authority Key Identifier: keyid:DE:B5:63:9F:58:47:C7:0D:E0:FC:44:BE:78:42:41:18:F8:A2:06:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CDFFB/27E506E6D4EF11EA9A61724AC4F9AE02/3rVjn1hHxw3g_ES-eEJBGPiiBsY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3rVjn1hHxw3g_ES-eEJBGPiiBsY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDFFB/27E506E6D4EF11EA9A61724AC4F9AE02/CA42E5689FA411EBBC1FFB40C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.153.198.0/23 IPv6: 2001:df4:5880::/48 Signature Algorithm: sha256WithRSAEncryption 7a:9c:86:bb:46:95:b9:36:dd:b4:f3:29:4d:ae:e3:5b:85:4d: e2:81:18:d7:77:38:9b:a9:3e:a5:1c:df:a6:d9:3c:b7:6b:6e: 39:c4:f6:c5:3e:f6:26:a9:36:a3:b6:bb:09:19:b0:06:59:f9: 4c:3d:43:5d:83:73:5f:39:28:30:e6:fc:fb:dc:a8:c8:cc:5a: 39:98:cb:bd:ae:fb:8b:75:f5:90:2a:16:f4:e0:2a:eb:3e:e9: 53:a3:d5:4c:f9:03:0f:14:d8:a6:80:5b:68:9d:46:0a:6c:c0: 0a:f7:72:d6:b6:0d:88:9e:eb:90:8f:e2:28:5a:48:88:de:19: 70:65:d6:a0:f1:0e:89:a7:e3:40:6c:bc:88:5b:eb:92:a3:6b: 15:54:4a:c7:39:15:f4:b3:2a:89:bb:a6:4a:d3:e4:98:ad:b5: fa:1e:ab:41:75:60:f2:90:fd:e1:e3:bb:3d:68:4e:ec:ba:b5: f1:81:0a:ac:f4:a5:56:b9:33:ab:fb:1e:54:0c:66:e8:83:f9: 33:6c:51:11:cd:bd:de:01:70:6c:f5:bc:f1:63:d8:a4:e2:03: 4b:dd:69:1e:99:0e:9f:49:dd:e3:f3:bf:c3:a4:60:07:c6:90: 36:87:d8:51:9f:79:46:22:10:8c:28:df:9b:07:90:74:b3:f6: 51:e2:02:be -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICCI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0RGRkIxMTAvBgNVBAUTKERFQjU2MzlGNTg0N0M3MERFMEZDNDRCRTc4NDI0MTE4 RjhBMjA2QzYwHhcNMjUxMjEyMTcxNTA2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTNjNGQ5OS1jNmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqOIJt0K5fU+NFI0dqUieOIhL8v6Rr5uAtn630GfG9r9vJylNDylORkHerd/z OQbllb3HhlH1Vroy52os85cLCKnipUMk/DZ1Z254C1K59xupLyRqIbkZXAANECES 7ll37K+ZSodfExsa7zuDYWNLKTvDNWs3HiJkJoFiD4zSuivoIATpmKzEWCjtG8J2 GTvGn4PFyRJoa+7oPu1klBp7kkhRdDloINLZojP41r6H1E69QidgZHQyGth+0bVM 55RgPnvHMuz1QQo2qS42C+byZa88cnQ469B8zLY6JAtsrqBpHNAp3uZU5oFkO1JQ xUmCXQUBbCi+Bn/zYrg7mQ7ezQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAC2h38t IyFfwxF4AvKd7fyjZH2TMB8GA1UdIwQYMBaAFN61Y59YR8cN4PxEvnhCQRj4ogbG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDREZGQi8yN0U1MDZFNkQ0 RUYxMUVBOUE2MTcyNEFDNEY5QUUwMi8zclZqbjFoSHh3M2dfRVMtZUVKQkdQaWlC c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNyVmpuMWhIeHczZ19FUy1lRUpCR1BpaUJzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0RGRkIvMjdFNTA2RTZENEVGMTFFQTlBNjE3MjRBQzRGOUFFMDIvQ0E0MkU1Njg5 RkE0MTFFQkJDMUZGQjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnmcYwDwQCAAIwCQMHACABDfRYgDANBgkqhkiG9w0BAQsF AAOCAQEAepyGu0aVuTbdtPMpTa7jW4VN4oEY13c4m6k+pRzfptk8t2tuOcT2xT72 Jqk2o7a7CRmwBln5TD1DXYNzXzkoMOb8+9yoyMxaOZjLva77i3X1kCoW9OAq6z7p U6PVTPkDDxTYpoBbaJ1GCmzACvdy1rYNiJ7rkI/iKFpIiN4ZcGXWoPEOiafjQGy8 iFvrkqNrFVRKxzkV9LMqibumStPkmK21+h6rQXVg8pD94eO7PWhO7Lq18YEKrPSl Vrkzq/seVAxm6IP5M2xREc293gFwbPW88WPYpOIDS91pHpkOn0nd4/O/w6RgB8aQ NofYUZ95RiIQjCjfmweQdLP2UeICvg== -----END CERTIFICATE-----Generated at Sun Dec 21 23:02:32 2025 by rpki-client