This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/10DAE05EB04811EABB4AEF61C4F9AE02.roa File: 10DAE05EB04811EABB4AEF61C4F9AE02.roa (raw, json) Hash identifier: X7IQZ58omWK+gIrKdat0h/5c8or0W6ntGEo9z6naCo8= Subject key identifier: 3A:72:BE:2F:B5:F1:14:F5:CF:B4:98:F7:2E:00:0F:2F:B5:84:1F:0E Certificate issuer: /CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8 Certificate serial: 35A8 Authority key identifier: 16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/10DAE05EB04811EABB4AEF61C4F9AE02.roa Signing time: Tue 09 Dec 2025 07:25:44 +0000 ROA not before: Tue 09 Dec 2025 07:25:44 +0000 ROA not after: Sat 31 Oct 2026 00:00:00 +0000 asID: 38040 IP address blocks: 45.64.76.0/24 maxlen: 24 45.64.77.0/24 maxlen: 24 45.64.78.0/24 maxlen: 24 45.64.79.0/24 maxlen: 24 103.21.24.0/24 maxlen: 24 103.21.25.0/24 maxlen: 24 103.21.26.0/24 maxlen: 24 103.21.27.0/24 maxlen: 24 180.180.248.0/24 maxlen: 24 180.180.249.0/24 maxlen: 24 180.180.251.0/24 maxlen: 24 180.180.252.0/24 maxlen: 24 180.180.253.0/24 maxlen: 24 180.180.254.0/24 maxlen: 24 180.180.255.0/24 maxlen: 24 203.113.63.0/24 maxlen: 24 203.153.50.0/23 maxlen: 24 203.190.250.0/24 maxlen: 24 203.190.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 14:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13736 (0x35a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF4FE, serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8 Validity Not Before: Dec 9 07:25:44 2025 GMT Not After : Oct 31 00:00:00 2026 GMT Subject: CN=6937cef8-91be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7b:cb:bb:7d:85:db:a6:7f:6b:8b:49:0c:d3: f2:aa:09:23:8c:d1:fb:7b:22:4d:f7:16:73:d9:69: fc:3d:65:cc:fe:00:17:29:da:27:6f:ef:a9:5a:f6: fe:40:18:ad:e0:9c:1d:d0:cf:e0:94:d8:0c:9e:97: 43:58:32:1e:d6:61:c0:72:f7:c2:90:46:21:52:51: 8f:59:5b:6f:9c:2f:7b:a8:0c:db:e2:bf:e6:47:ec: c9:8b:4c:e5:31:cb:de:e0:f9:b9:b4:0b:20:e8:ed: 27:ef:31:0b:eb:f4:78:75:0c:93:44:67:fc:a2:ec: 56:8a:7e:bc:66:0b:b3:8f:49:c4:b8:03:bd:44:f5: f9:ee:40:c9:7b:54:cc:3e:83:28:41:d0:c0:49:08: 80:1b:e6:1d:96:e8:77:ea:7f:3e:36:66:ae:16:03: e6:47:ee:b5:2b:25:f1:c4:35:0b:32:47:1d:65:f7: 41:9c:37:25:ef:50:e0:c7:99:35:40:a3:56:f0:6c: 4d:dc:51:eb:b0:fb:8f:27:a1:e8:a8:82:d3:31:e5: 7e:ec:2d:bc:27:1f:95:47:ae:df:46:2c:2a:04:35: 43:88:78:d6:75:92:c0:2e:33:90:57:5d:fc:33:5d: 07:5f:01:53:11:71:ca:32:8f:26:f3:d9:07:a2:08: 25:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:72:BE:2F:B5:F1:14:F5:CF:B4:98:F7:2E:00:0F:2F:B5:84:1F:0E X509v3 Authority Key Identifier: keyid:16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/10DAE05EB04811EABB4AEF61C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 45.64.76.0/22 103.21.24.0/22 180.180.248.0/23 180.180.251.0-180.180.255.255 203.113.63.0/24 203.153.50.0/23 203.190.250.0/23 Signature Algorithm: sha256WithRSAEncryption 97:2d:51:37:03:bf:14:d5:10:f2:27:a4:66:bb:12:81:9f:53: a5:9c:08:71:19:92:30:d2:27:4c:b8:d7:72:62:4d:60:fe:c5: ce:55:d2:e8:24:3c:70:9d:de:c7:d1:8c:8b:9a:10:4a:da:98: 51:fe:8d:25:7a:6a:99:54:a3:4a:64:c0:27:7b:9d:4a:ad:23: 38:b6:6c:7f:fb:8b:34:cc:29:29:c8:7c:d3:7f:d8:3f:34:7b: ef:c4:ad:5a:84:d9:d4:da:e2:37:1b:92:30:be:89:ed:47:58: db:59:a1:31:d1:36:ba:ee:d9:b9:e6:32:49:a4:4d:d0:97:e8: ea:13:6e:ad:95:46:80:28:53:25:95:40:e0:c4:f9:7c:f9:af: ba:60:46:d5:fb:e0:07:49:6f:fc:91:8e:7a:5f:25:38:3d:ad: 16:5f:db:c8:76:d4:30:ac:ce:07:1e:cf:bc:e9:47:44:66:3b: 67:9d:f0:f6:0b:5a:cb:89:25:20:7b:5d:8d:10:7c:f1:f4:e0: b7:6d:a0:a2:bf:a2:91:31:41:b2:50:14:66:36:bf:5d:30:34: 1f:8f:30:8b:10:4a:63:00:47:ef:a6:d2:cb:22:bd:bf:10:d6: 2b:6a:bc:b6:a2:83:0e:8b:a0:a6:71:40:ca:a6:ac:83:64:59: d5:fc:88:28 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgICNagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y0RkUxMTAvBgNVBAUTKDE2QjU2NEI3NThERkNENTJDNUNFODkxMTkyRTMxQjcx NUIxQ0JGRTgwHhcNMjUxMjA5MDcyNTQ0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTM3Y2VmOC05MWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvXvLu32F26Z/a4tJDNPyqgkjjNH7eyJN9xZz2Wn8PWXM/gAXKdonb++pWvb+ QBit4Jwd0M/glNgMnpdDWDIe1mHAcvfCkEYhUlGPWVtvnC97qAzb4r/mR+zJi0zl Mcve4Pm5tAsg6O0n7zEL6/R4dQyTRGf8ouxWin68Zguzj0nEuAO9RPX57kDJe1TM PoMoQdDASQiAG+Ydluh36n8+NmauFgPmR+61KyXxxDULMkcdZfdBnDcl71Dgx5k1 QKNW8GxN3FHrsPuPJ6HoqILTMeV+7C28Jx+VR67fRiwqBDVDiHjWdZLALjOQV138 M10HXwFTEXHKMo8m89kHogglNQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFDpyvi+1 8RT1z7SY9y4ADy+1hB8OMB8GA1UdIwQYMBaAFBa1ZLdY381Sxc6JEZLjG3FbHL/o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjRGRS9CQTEzMTI0RTFE ODUxMUUyQTc3OTk5REMwOEIwMkNEMi9GclZrdDFqZnpWTEZ6b2tSa3VNYmNWc2N2 LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZyVmt0MWpmelZMRnpva1JrdU1iY1ZzY3YtZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0Y0RkUvQkExMzEyNEUxRDg1MTFFMkE3Nzk5OURDMDhCMDJDRDIvMTBEQUUwNUVC MDQ4MTFFQUJCNEFFRjYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E OzA5MDcEAgABMDEDBAItQEwDBAJnFRgDBAG0tPgwCwMEALS0+wMDALS0AwQAy3E/ AwQBy5kyAwQBy776MA0GCSqGSIb3DQEBCwUAA4IBAQCXLVE3A78U1RDyJ6RmuxKB n1OlnAhxGZIw0idMuNdyYk1g/sXOVdLoJDxwnd7H0YyLmhBK2phR/o0lemqZVKNK ZMAne51KrSM4tmx/+4s0zCkpyHzTf9g/NHvvxK1ahNnU2uI3G5IwvontR1jbWaEx 0Ta67tm55jJJpE3Ql+jqE26tlUaAKFMllUDgxPl8+a+6YEbV++AHSW/8kY56XyU4 Pa0WX9vIdtQwrM4HHs+86UdEZjtnnfD2C1rLiSUge12NEHzx9OC3baCiv6KRMUGy UBRmNr9dMDQfjzCLEEpjAEfvptLLIr2/ENYrary2ooMOi6CmcUDKpqyDZFnV/Igo -----END CERTIFICATE-----Generated at Fri Dec 12 15:47:09 2025 by rpki-client