This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa File: 27F85F401B0811EEA3313C43C4F9AE02.roa (raw, json) Hash identifier: byPMgbXff457sUSfXnlAKoKIrmpdSVkZ07eO7y9x0lY= Subject key identifier: 8C:74:2D:9A:39:ED:1F:DD:63:98:7D:AA:B1:ED:5B:96:A1:A7:F3:A9 Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8 Certificate serial: 0FB5 Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa Signing time: Wed 14 Jan 2026 18:15:17 +0000 ROA not before: Wed 14 Jan 2026 18:15:16 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 7468 IP address blocks: 202.64.110.0/24 maxlen: 24 220.232.132.0/24 maxlen: 24 220.232.133.0/24 maxlen: 24 220.232.134.0/24 maxlen: 24 220.232.156.0/24 maxlen: 24 220.232.157.0/24 maxlen: 24 220.232.159.0/24 maxlen: 24 220.232.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 17:34:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4021 (0xfb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8 Validity Not Before: Jan 14 18:15:16 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=6967dd34-f0ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b6:d1:0c:82:7f:98:7c:4c:96:0f:c2:66:02: 72:6b:d8:07:80:30:96:84:18:0f:73:9e:4f:00:62: dd:83:65:be:21:69:6c:d5:c7:b4:81:21:a6:57:eb: c8:e5:fd:81:96:4f:b2:a1:4c:7b:56:59:a6:09:6b: 22:e9:95:4e:92:c7:ff:76:e7:fe:5f:4c:8c:08:39: 3b:17:09:c3:1b:71:e5:15:7f:bd:7a:fa:f2:bb:b6: e4:74:9e:01:1d:38:52:56:29:77:7a:1d:52:d4:2c: 7d:3b:84:d1:d8:a9:98:5e:b4:c7:a8:35:cd:16:5c: 4b:e7:3a:02:d5:4a:67:d8:99:2f:c3:0a:5b:07:a0: 9c:29:6c:c4:6e:fb:4e:d6:18:bf:56:46:05:12:e1: 85:22:35:b1:82:67:34:5f:7c:ea:76:bc:16:14:cc: 28:70:12:f8:f7:e1:89:73:62:20:fe:c0:bc:8d:e6: 58:ba:36:ed:e7:b2:fa:53:5c:08:04:46:4e:d7:23: 04:a0:f5:22:b5:e3:ea:68:13:e2:f9:fd:05:ed:61: 97:94:ae:24:dc:e9:4c:4b:81:39:90:a5:33:dc:31: fd:e8:57:62:9d:88:61:4f:c0:79:f7:1f:ab:c9:53: 3e:6b:37:ad:e8:6f:7f:69:ec:0a:3b:c8:bb:bf:51: 3b:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:74:2D:9A:39:ED:1F:DD:63:98:7D:AA:B1:ED:5B:96:A1:A7:F3:A9 X509v3 Authority Key Identifier: keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/27F85F401B0811EEA3313C43C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 202.64.110.0/24 220.232.132.0-220.232.134.255 220.232.156.0/23 220.232.159.0/24 220.232.211.0/24 Signature Algorithm: sha256WithRSAEncryption 57:75:2f:c4:11:48:82:59:9e:ac:ec:12:5a:fa:a4:91:35:72: f2:5f:d6:72:36:28:47:56:9d:52:46:4d:c2:4e:a8:eb:87:eb: 84:5a:a5:dd:f8:9f:9b:75:c7:85:52:12:fc:2d:6f:95:dd:eb: 2d:49:b7:a9:19:88:9b:fc:a3:d1:05:35:87:9d:fc:d4:73:05: 60:57:90:95:ea:f6:94:02:e3:b1:4b:74:09:d9:76:12:59:c2: bf:85:43:11:6f:c7:1c:b6:56:1b:77:36:85:5f:25:f5:a5:f3: 0c:b2:87:9d:d0:b1:16:8a:33:75:a9:a1:e5:3f:c0:0d:57:da: b1:86:dc:16:ed:6d:39:84:22:72:48:57:99:48:38:0d:5c:5f: d5:9d:37:d0:0c:31:a1:a0:3d:44:fb:35:7f:b9:c2:59:ee:d4: 7f:5d:7f:fa:65:32:18:3f:90:24:be:6e:14:ef:46:c7:ea:5d: 48:1c:44:2e:2d:cc:92:b5:46:34:76:14:3c:3c:66:ed:52:3b: 6f:d2:cb:f0:d4:60:06:1d:51:30:8e:bb:bc:d3:d4:2b:b6:41: c8:ef:8f:06:a1:ff:2e:ae:ae:ab:46:90:6e:1f:c3:b5:1d:a7: 7d:da:f6:e8:02:da:c8:6e:0f:99:1f:3f:be:5f:6c:05:94:52: 43:a2:b2:21 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgICD7UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB RDNBRUZFQzgwHhcNMjYwMTE0MTgxNTE2WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTY3ZGQzNC1mMGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqLbRDIJ/mHxMlg/CZgJya9gHgDCWhBgPc55PAGLdg2W+IWls1ce0gSGmV+vI 5f2Blk+yoUx7VlmmCWsi6ZVOksf/duf+X0yMCDk7FwnDG3HlFX+9evryu7bkdJ4B HThSVil3eh1S1Cx9O4TR2KmYXrTHqDXNFlxL5zoC1Upn2JkvwwpbB6CcKWzEbvtO 1hi/VkYFEuGFIjWxgmc0X3zqdrwWFMwocBL49+GJc2Ig/sC8jeZYujbt57L6U1wI BEZO1yMEoPUitePqaBPi+f0F7WGXlK4k3OlMS4E5kKUz3DH96FdinYhhT8B59x+r yVM+azet6G9/aewKO8i7v1E7WwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFIx0LZo5 7R/dY5h9qrHtW5ahp/OpMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMjdGODVGNDAx QjA4MTFFRUEzMzEzQzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E MDAuMCwEAgABMCYDBADKQG4wDAMEAtzohAMEANzohgMEAdzonAMEANzonwMEANzo 0zANBgkqhkiG9w0BAQsFAAOCAQEAV3UvxBFIglmerOwSWvqkkTVy8l/WcjYoR1ad UkZNwk6o64frhFql3fifm3XHhVIS/C1vld3rLUm3qRmIm/yj0QU1h5381HMFYFeQ ler2lALjsUt0Cdl2ElnCv4VDEW/HHLZWG3c2hV8l9aXzDLKHndCxFoozdamh5T/A DVfasYbcFu1tOYQickhXmUg4DVxf1Z030AwxoaA9RPs1f7nCWe7Uf11/+mUyGD+Q JL5uFO9Gx+pdSBxELi3MkrVGNHYUPDxm7VI7b9LL8NRgBh1RMI67vNPUK7ZByO+P BqH/Lq6uq0aQbh/DtR2nfdr26ALayG4PmR8/vl9sBZRSQ6KyIQ== -----END CERTIFICATE-----Generated at Mon Jan 19 18:43:15 2026 by rpki-client