This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa File: 834D7D565BAA11EFBAF22B7FC4F9AE02.roa (raw, json) Hash identifier: XFoQeK6SSjWrzVsAtPvGLrCpLMOkqODiTlHQxylfsFI= Subject key identifier: 76:C5:06:68:43:B9:07:0D:16:B0:D6:84:47:47:74:22:07:6F:6C:83 Certificate issuer: /CN=A91DF863/serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348 Certificate serial: 3388 Authority key identifier: 39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa Signing time: Wed 24 Dec 2025 16:12:47 +0000 ROA not before: Wed 24 Dec 2025 16:12:47 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 135437 IP address blocks: 203.175.160.0/20 maxlen: 23 203.175.160.0/21 maxlen: 24 203.175.168.0/22 maxlen: 24 203.175.172.0/23 maxlen: 24 203.175.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Dec 2025 16:12:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13192 (0x3388) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF863, serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348 Validity Not Before: Dec 24 16:12:47 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=694c10ff-ae68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:99:1f:6f:b6:4c:3d:47:2f:7a:18:e7:f7:9e: 10:39:aa:e6:ea:28:97:b1:fc:16:a8:3f:8a:a0:76: 1f:81:0f:1a:8e:a9:97:d2:a4:60:7f:18:d5:aa:5f: 4f:54:6b:4b:17:f9:bd:a7:54:01:79:42:f7:9d:4a: 8f:47:56:d3:6d:9f:1c:18:da:57:30:d8:c9:17:9a: 30:af:5c:f6:5f:00:4b:37:4c:f6:36:ec:45:fc:44: 0e:67:46:6d:e6:c1:29:2a:7e:ae:a7:64:33:40:e4: 6a:70:cc:96:98:14:d4:1d:4d:d0:4d:d6:99:b1:73: e8:21:e2:b9:6a:ed:a5:7f:38:d1:dd:1b:20:b2:11: 3d:2a:ac:b2:ee:ef:c7:c0:02:e7:d2:5b:ec:a4:f4: 8b:89:57:fa:96:8b:f7:c2:dd:96:7b:11:e6:09:ba: 47:f0:8b:41:45:25:fb:6c:23:5b:c8:b4:0f:a1:f9: 32:84:5d:f4:ad:d7:0f:f7:75:9c:bb:c0:d3:ca:5a: 2d:9d:71:f1:a0:67:53:9d:7a:41:96:9d:65:a3:21: 6f:54:59:fd:fe:8d:ff:ed:90:76:f4:6c:af:b1:d5: 35:6d:dc:11:d6:06:34:44:1e:97:83:2a:ee:a2:47: 96:d5:9b:2f:15:1c:72:09:5f:05:3d:63:86:a4:ab: 50:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:C5:06:68:43:B9:07:0D:16:B0:D6:84:47:47:74:22:07:6F:6C:83 X509v3 Authority Key Identifier: keyid:39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/834D7D565BAA11EFBAF22B7FC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 203.175.160.0/20 Signature Algorithm: sha256WithRSAEncryption b8:5d:09:64:21:dc:1d:bc:de:75:5a:e7:40:d3:1b:1d:7f:06: 94:ef:61:52:7b:10:04:59:a6:6b:db:89:3b:67:2f:6a:bc:70: 80:25:67:3d:37:28:99:cc:73:c9:b1:ba:e1:ed:a0:ab:80:ba: 0d:c7:69:02:40:ba:26:d6:ac:a8:8f:6a:23:1f:f4:3b:a6:fa: d3:eb:89:02:17:17:73:0a:0c:b0:cd:1c:15:6d:0a:3e:3a:e6: 52:9c:ff:96:c1:d6:c7:de:df:fc:f8:4f:cd:2e:40:a1:69:01: 0a:6f:09:1a:df:e7:4f:20:cf:2c:35:45:b2:0f:d5:87:90:f9: 0e:b1:0b:b1:e0:c0:54:30:60:22:7c:29:87:f5:ea:1e:34:fd: 12:61:d1:17:02:17:90:30:3f:9a:4f:36:d3:95:30:b9:a6:3d: 8c:9a:12:0e:ca:c8:62:f5:9b:fa:3c:ee:78:6d:89:ee:1b:f7: 65:1f:c5:63:2d:2b:68:6a:80:ce:ab:e4:74:d5:0c:ad:db:ef: a8:59:e4:fe:6c:4f:f7:8d:ff:1b:f5:d2:ed:5c:a3:81:d0:c4: cb:3f:65:67:61:c5:86:af:ea:25:64:ad:2a:ac:8f:78:bc:cf: 11:f1:a8:8a:43:74:6b:a0:b7:19:1d:99:d5:8b:f0:b3:48:4e: 5b:36:c9:10 -----BEGIN CERTIFICATE----- MIIFcTCCBFmgAwIBAgICM4gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx REY4NjMxMTAvBgNVBAUTKDM5Q0UxNURCMzY3MzlBMjJDQUVFNjRFMENGOEJBMzFG NUE2QjkzNDgwHhcNMjUxMjI0MTYxMjQ3WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDDA02OTRjMTBmZi1hZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyJkfb7ZMPUcvehjn954QOarm6iiXsfwWqD+KoHYfgQ8ajqmX0qRgfxjVql9P VGtLF/m9p1QBeUL3nUqPR1bTbZ8cGNpXMNjJF5owr1z2XwBLN0z2NuxF/EQOZ0Zt 5sEpKn6up2QzQORqcMyWmBTUHU3QTdaZsXPoIeK5au2lfzjR3RsgshE9Kqyy7u/H wALn0lvspPSLiVf6lov3wt2WexHmCbpH8ItBRSX7bCNbyLQPofkyhF30rdcP93Wc u8DTylotnXHxoGdTnXpBlp1loyFvVFn9/o3/7ZB29GyvsdU1bdwR1gY0RB6Xgyru okeW1ZsvFRxyCV8FPWOGpKtQAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHbFBmhD uQcNFrDWhEdHdCIHb2yDMB8GA1UdIwQYMBaAFDnOFds2c5oiyu5k4M+Lox9aa5NI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg2My9CRkU1NEE2ODgx NUIxMUUyOUI1OEE3M0IzMjkyQjVFOC9PYzRWMnpaem1pTEs3bVRnejR1akgxcHJr MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09jNFYyelp6bWlMSzdtVGd6NHVqSDFwcmswZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx REY4NjMvQkZFNTRBNjg4MTVCMTFFMjlCNThBNzNCMzI5MkI1RTgvODM0RDdENTY1 QkFBMTFFRkJBRjIyQjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E EDAOMAwEAgABMAYDBATLr6AwDQYJKoZIhvcNAQELBQADggEBALhdCWQh3B283nVa 50DTGx1/BpTvYVJ7EARZpmvbiTtnL2q8cIAlZz03KJnMc8mxuuHtoKuAug3HaQJA uibWrKiPaiMf9Dum+tPriQIXF3MKDLDNHBVtCj465lKc/5bB1sfe3/z4T80uQKFp AQpvCRrf508gzyw1RbIP1YeQ+Q6xC7HgwFQwYCJ8KYf16h40/RJh0RcCF5AwP5pP NtOVMLmmPYyaEg7KyGL1m/o87nhtie4b92UfxWMtK2hqgM6r5HTVDK3b76hZ5P5s T/eN/xv10u1co4HQxMs/ZWdhxYav6iVkrSqsj3i8zxHxqIpDdGugtxkdmdWL8LNI Tls2yRA= -----END CERTIFICATE-----Generated at Wed Dec 24 19:29:27 2025 by rpki-client