This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/849EBBA60CCA11ED97820077C4F9AE02.roa File: 849EBBA60CCA11ED97820077C4F9AE02.roa (raw, json) Hash identifier: y8CWNkrcoUrfeqLAqFTkkR75Voyg8C7E+lhs1ByBKGE= Subject key identifier: 2A:6A:57:0C:D7:8B:9A:09:33:F0:DE:0D:29:7D:5C:92:7B:DA:FE:0C Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8 Certificate serial: 0FA2 Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/849EBBA60CCA11ED97820077C4F9AE02.roa Signing time: Wed 14 Jan 2026 18:14:58 +0000 ROA not before: Wed 14 Jan 2026 18:14:58 +0000 ROA not after: Wed 31 Mar 2027 00:00:00 +0000 asID: 133772 IP address blocks: 61.14.172.0/24 maxlen: 24 125.252.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 17:35:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4002 (0xfa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8 Validity Not Before: Jan 14 18:14:58 2026 GMT Not After : Mar 31 00:00:00 2027 GMT Subject: CN=6967dd22-676d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:00:09:17:af:0a:59:c5:4f:ee:25:7b:b0:07: 81:d8:8c:2c:6f:7a:62:fc:5e:c3:f4:50:89:6f:41: 9c:21:ae:8a:0b:07:b2:2f:7c:03:a3:47:19:61:b7: f9:20:e2:71:c0:73:6c:87:1e:f4:5e:2f:cc:4c:2b: c9:5e:24:2c:3e:8a:00:25:72:fb:6b:3b:26:76:da: f9:7e:ca:a4:d5:46:e3:03:ab:f7:8b:db:ca:a6:b7: 4c:de:33:c2:01:d4:f6:90:43:81:1b:73:53:46:cc: 25:cd:fe:02:ab:de:36:3f:03:af:4d:bd:46:16:b8: 19:4d:7d:5b:45:29:bb:db:2b:6e:14:16:7f:3f:1d: 97:11:82:87:e3:15:82:fc:61:78:f2:4f:bb:a7:ee: ec:a2:fb:32:28:01:05:1d:3a:aa:45:09:2e:54:53: 80:5e:23:13:65:64:38:04:3a:4b:5b:d8:3e:5c:4c: bb:b9:52:1d:d5:9c:16:f9:5d:17:4d:a3:db:43:3f: 87:a0:64:cb:18:8d:59:23:0b:5f:76:42:9b:a7:3f: 41:c1:83:16:e2:3c:74:87:43:43:ed:b5:a2:90:b1: 04:f0:2e:59:b3:2f:14:74:c0:ee:b4:ab:26:3e:18: c9:30:e4:d4:d8:b7:c1:21:56:6c:e9:5e:90:c1:0a: 48:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:6A:57:0C:D7:8B:9A:09:33:F0:DE:0D:29:7D:5C:92:7B:DA:FE:0C X509v3 Authority Key Identifier: keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/849EBBA60CCA11ED97820077C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 61.14.172.0/24 125.252.69.0/24 Signature Algorithm: sha256WithRSAEncryption 2a:00:b5:45:cf:d7:5c:8f:6e:a1:6b:df:86:2b:80:ce:7a:b9: 32:8f:7c:c6:48:92:29:d1:4d:77:41:30:38:22:2b:2b:c3:99: 79:00:31:21:c3:c7:34:d3:72:2e:fb:7c:e3:33:35:58:e0:8a: 6a:a5:05:f8:4b:b3:e6:f8:c7:4e:42:23:aa:be:b8:94:8c:95: ea:49:6a:3a:98:4f:39:61:35:cb:36:69:50:bb:6b:96:17:e0: 43:7e:29:7b:46:80:72:1c:ca:fd:26:33:e9:aa:83:fa:05:75: da:af:32:2f:7f:59:61:98:cc:0a:8b:64:39:08:3e:68:f5:9b: 2e:66:83:3c:40:32:f2:30:14:f4:6f:3b:5c:f3:d8:18:35:fd: db:53:93:c1:19:19:32:9c:c0:0a:fa:cb:44:7a:a7:d3:83:f7: 8e:85:0a:9a:2f:b1:16:ef:bf:dc:ef:07:4b:8d:3e:f6:76:00: 33:10:f8:83:71:ef:8a:f3:0c:ba:b1:7e:aa:53:2d:06:0a:b2: 83:84:47:c6:15:a6:c6:60:57:2d:f2:53:e3:1f:b2:bc:ba:de: db:b1:f5:f2:27:85:95:88:0f:78:01:68:38:1d:ad:ca:71:11: c9:13:e7:04:ca:96:bf:c9:f2:fe:ea:09:3c:4c:76:5f:fc:c6: 7e:b7:4e:51 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgICD6IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB RDNBRUZFQzgwHhcNMjYwMTE0MTgxNDU4WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD VQQDDA02OTY3ZGQyMi02NzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsgAJF68KWcVP7iV7sAeB2Iwsb3pi/F7D9FCJb0GcIa6KCweyL3wDo0cZYbf5 IOJxwHNshx70Xi/MTCvJXiQsPooAJXL7azsmdtr5fsqk1UbjA6v3i9vKprdM3jPC AdT2kEOBG3NTRswlzf4Cq942PwOvTb1GFrgZTX1bRSm72ytuFBZ/Px2XEYKH4xWC /GF48k+7p+7sovsyKAEFHTqqRQkuVFOAXiMTZWQ4BDpLW9g+XEy7uVId1ZwW+V0X TaPbQz+HoGTLGI1ZIwtfdkKbpz9BwYMW4jx0h0ND7bWikLEE8C5Zsy8UdMDutKsm PhjJMOTU2LfBIVZs6V6QwQpIlwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCpqVwzX i5oJM/DeDSl9XJJ72v4MMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvODQ5RUJCQTYw Q0NBMTFFRDk3ODIwMDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E FjAUMBIEAgABMAwDBAA9DqwDBAB9/EUwDQYJKoZIhvcNAQELBQADggEBACoAtUXP 11yPbqFr34YrgM56uTKPfMZIkinRTXdBMDgiKyvDmXkAMSHDxzTTci77fOMzNVjg imqlBfhLs+b4x05CI6q+uJSMlepJajqYTzlhNcs2aVC7a5YX4EN+KXtGgHIcyv0m M+mqg/oFddqvMi9/WWGYzAqLZDkIPmj1my5mgzxAMvIwFPRvO1zz2Bg1/dtTk8EZ GTKcwAr6y0R6p9OD946FCpovsRbvv9zvB0uNPvZ2ADMQ+INx74rzDLqxfqpTLQYK soOER8YVpsZgVy3yU+Mfsry63tux9fInhZWID3gBaDgdrcpxEckT5wTKlr/J8v7q CTxMdl/8xn63TlE= -----END CERTIFICATE-----Generated at Wed Jan 21 22:26:25 2026 by rpki-client