This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/943D15902D1011EFBBEBA67BC4F9AE02.roa File: 943D15902D1011EFBBEBA67BC4F9AE02.roa (raw, json) Hash identifier: bpDflyeDea4iA77MAsR1yqXpb72az5BwoapOKhJMn4E= Subject key identifier: 50:C5:B1:CF:38:1B:67:E7:BA:C1:70:B4:98:80:4E:56:44:55:44:93 Certificate issuer: /CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002 Certificate serial: 0423 Authority key identifier: 6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/943D15902D1011EFBBEBA67BC4F9AE02.roa Signing time: Wed 10 Dec 2025 23:08:28 +0000 ROA not before: Wed 10 Dec 2025 23:08:28 +0000 ROA not after: Sun 31 Jan 2027 00:00:00 +0000 asID: 17551 IP address blocks: 123.50.128.0/20 maxlen: 20 123.50.128.0/21 maxlen: 21 123.50.136.0/22 maxlen: 22 123.50.140.0/22 maxlen: 22 123.50.148.0/22 maxlen: 22 125.254.108.0/23 maxlen: 23 125.254.110.0/23 maxlen: 23 125.254.116.0/23 maxlen: 23 125.254.118.0/23 maxlen: 23 125.254.120.0/21 maxlen: 21 125.254.120.0/22 maxlen: 22 125.254.124.0/22 maxlen: 22 202.169.22.0/24 maxlen: 24 210.56.224.0/22 maxlen: 22 210.56.228.0/23 maxlen: 23 210.56.237.0/24 maxlen: 24 210.56.241.0/24 maxlen: 24 210.56.243.0/24 maxlen: 24 210.56.254.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 23:54:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1059 (0x423) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1216, serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002 Validity Not Before: Dec 10 23:08:28 2025 GMT Not After : Jan 31 00:00:00 2027 GMT Subject: CN=6939fd6c-1fc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ce:52:35:0d:21:82:6a:c8:38:ab:0a:bd:17: df:2d:19:6d:b3:3b:2e:75:67:0f:bc:1b:4b:eb:61: 04:eb:e3:52:14:0d:ad:a2:51:91:b0:9c:93:d0:93: 84:50:bd:89:13:43:0a:55:96:6f:e7:8c:f4:ac:ee: 06:5a:6d:87:18:56:79:ee:3b:8f:e1:f1:81:32:b0: 31:9f:35:7d:dc:fb:8c:a6:1d:63:3b:f0:a6:d7:7c: 4e:60:e0:74:0c:b0:ae:82:c6:9a:9b:68:4d:6c:bb: 12:92:82:e6:48:3c:d8:d5:28:8c:86:a7:21:d1:da: 19:12:ce:db:87:1e:f5:95:fb:7c:95:b1:bd:c7:56: 76:9e:81:76:6f:30:09:9d:81:4a:ab:b4:7f:bb:d2: 9b:6a:1e:e6:96:69:a5:5c:d8:13:0d:3c:e8:c0:4c: 0f:6f:f8:1d:56:a0:9d:7a:0c:82:3c:78:b4:27:e0: 04:4d:ec:9e:05:0d:03:7f:02:1c:f0:47:ca:94:38: fa:81:80:74:1e:5b:ff:ef:e4:c6:12:76:49:58:e4: 3a:9c:6a:3d:45:2d:e5:fc:95:b6:66:03:b2:98:b7: ef:98:2e:48:65:2d:b6:da:51:ee:0d:c0:e2:6c:00: c8:99:0d:18:8f:b7:c5:97:e4:a8:e3:70:c6:2b:d8: f5:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:C5:B1:CF:38:1B:67:E7:BA:C1:70:B4:98:80:4E:56:44:55:44:93 X509v3 Authority Key Identifier: keyid:6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/943D15902D1011EFBBEBA67BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 123.50.128.0/20 123.50.148.0/22 125.254.108.0/22 125.254.116.0-125.254.127.255 202.169.22.0/24 210.56.224.0-210.56.229.255 210.56.237.0/24 210.56.241.0/24 210.56.243.0/24 210.56.254.0/23 Signature Algorithm: sha256WithRSAEncryption 81:3a:ad:ea:00:d9:4f:10:de:7b:84:7f:c3:27:85:51:de:ac: 67:8c:2f:48:19:d5:2c:dc:d7:cd:9e:d8:85:52:b7:b3:68:5d: 2c:ce:5c:6e:22:97:86:af:91:e7:49:02:be:44:d4:11:07:76: c7:9b:1d:70:1f:3f:49:b5:46:f7:5c:54:ad:72:a3:56:3f:14: a0:12:df:2d:16:3f:c7:3b:f5:ce:a4:c3:71:5f:34:00:fe:f7: 21:44:4a:12:60:04:9f:e4:ce:34:94:db:33:25:0d:0e:d7:e3: f9:30:29:f7:6e:26:07:9e:c1:bb:03:8c:30:d8:a7:40:7f:0c: 13:52:4a:0b:c1:83:d8:30:08:e4:87:be:79:63:65:ea:7d:8a: 3a:0a:b6:f1:3a:9a:ee:2b:d5:e7:af:9c:a6:9a:42:5f:fd:cf: 47:2f:43:a7:78:ec:bc:0c:54:96:e5:b5:c2:f2:42:c2:91:44: 5c:60:47:6e:c6:0d:f6:c9:26:74:da:80:27:f0:40:c9:08:90: 75:35:98:12:42:32:52:23:dc:fa:a9:98:42:ce:72:da:2e:6b: 02:83:bd:04:ca:62:5b:d9:d3:e8:88:93:78:83:90:5f:a7:6e: 4a:10:fd:4b:7d:92:a1:43:25:cc:39:4c:c6:a6:39:6c:84:c1: d8:65:d1:c8 -----BEGIN CERTIFICATE----- MIIFtzCCBJ+gAwIBAgICBCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEyMTYxMTAvBgNVBAUTKDZEQkQ1QzREMDEyMUZDQjMxOEU3OEM0NTFCNkY1Njcz MjA5ODYwMDIwHhcNMjUxMjEwMjMwODI4WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02OTM5ZmQ2Yy0xZmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoc5SNQ0hgmrIOKsKvRffLRltszsudWcPvBtL62EE6+NSFA2tolGRsJyT0JOE UL2JE0MKVZZv54z0rO4GWm2HGFZ57juP4fGBMrAxnzV93PuMph1jO/Cm13xOYOB0 DLCugsaam2hNbLsSkoLmSDzY1SiMhqch0doZEs7bhx71lft8lbG9x1Z2noF2bzAJ nYFKq7R/u9Kbah7mlmmlXNgTDTzowEwPb/gdVqCdegyCPHi0J+AETeyeBQ0DfwIc 8EfKlDj6gYB0Hlv/7+TGEnZJWOQ6nGo9RS3l/JW2ZgOymLfvmC5IZS222lHuDcDi bADImQ0Yj7fFl+So43DGK9j1WQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFFDFsc84 G2fnusFwtJiATlZEVUSTMB8GA1UdIwQYMBaAFG29XE0BIfyzGOeMRRtvVnMgmGAC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTIxNi9EQzc4MjY4Q0I5 NEIxMUVDODMyQjc0MTlDNEY5QUUwMi9iYjFjVFFFaF9MTVk1NHhGRzI5V2N5Q1lZ QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JiMWNUUUVoX0xNWTU0eEZHMjlXY3lDWVlBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RDEyMTYvREM3ODI2OENCOTRCMTFFQzgzMkI3NDE5QzRGOUFFMDIvOTQzRDE1OTAy RDEwMTFFRkJCRUJBNjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZQYIKwYBBQUHAQcBAf8E VjBUMFIEAgABMEwDBAR7MoADBAJ7MpQDBAJ9/mwwDAMEAn3+dAMEB33+AAMEAMqp FjAMAwQF0jjgAwQB0jjkAwQA0jjtAwQA0jjxAwQA0jjzAwQB0jj+MA0GCSqGSIb3 DQEBCwUAA4IBAQCBOq3qANlPEN57hH/DJ4VR3qxnjC9IGdUs3NfNntiFUrezaF0s zlxuIpeGr5HnSQK+RNQRB3bHmx1wHz9JtUb3XFStcqNWPxSgEt8tFj/HO/XOpMNx XzQA/vchREoSYASf5M40lNszJQ0O1+P5MCn3biYHnsG7A4ww2KdAfwwTUkoLwYPY MAjkh755Y2XqfYo6CrbxOpruK9Xnr5ymmkJf/c9HL0OneOy8DFSW5bXC8kLCkURc YEduxg32ySZ02oAn8EDJCJB1NZgSQjJSI9z6qZhCznLaLmsCg70EymJb2dPoiJN4 g5Bfp25KEP1LfZKhQyXMOUzGpjlshMHYZdHI -----END CERTIFICATE-----Generated at Sun Dec 21 06:59:14 2025 by rpki-client