This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB6AC/D7E98A6E15D011EA93CA0E19C4F9AE02/12D352766D2911F0B26CB33BC4F9AE02.roa File: 12D352766D2911F0B26CB33BC4F9AE02.roa (raw, json) Hash identifier: kCzsbEF39NBIXCfKWCP2b6ON/1+GtsTI4dW3uYXN/og= Subject key identifier: 96:8D:AE:4C:B6:C0:5C:10:79:2D:12:20:4A:2D:65:7F:38:8F:7B:42 Certificate issuer: /CN=A91EB6AC/serialNumber=CB52054E3D7768EA16B6B0A894C773A27DEA921A Certificate serial: 0C71 Authority key identifier: CB:52:05:4E:3D:77:68:EA:16:B6:B0:A8:94:C7:73:A2:7D:EA:92:1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1IFTj13aOoWtrColMdzon3qkho.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB6AC/D7E98A6E15D011EA93CA0E19C4F9AE02/12D352766D2911F0B26CB33BC4F9AE02.roa Signing time: Mon 12 Jan 2026 18:15:36 +0000 ROA not before: Mon 12 Jan 2026 18:15:36 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 134971 IP address blocks: 103.252.224.0/22 maxlen: 24 123.253.220.0/22 maxlen: 23 123.253.220.0/23 maxlen: 24 123.253.222.0/24 maxlen: 24 2401:7940::/32 maxlen: 36 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB6AC/D7E98A6E15D011EA93CA0E19C4F9AE02/y1IFTj13aOoWtrColMdzon3qkho.crl rsync://rpki.apnic.net/member_repository/A91EB6AC/D7E98A6E15D011EA93CA0E19C4F9AE02/y1IFTj13aOoWtrColMdzon3qkho.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1IFTj13aOoWtrColMdzon3qkho.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Feb 2026 18:19:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3185 (0xc71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB6AC, serialNumber=CB52054E3D7768EA16B6B0A894C773A27DEA921A Validity Not Before: Jan 12 18:15:36 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69653a48-9c2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d6:0c:f2:99:a3:c6:cc:3c:b8:69:9e:48:93: fc:62:14:cf:10:b8:ab:dc:df:2e:ef:3f:ef:13:46: 1e:a2:82:41:1a:d0:bc:fb:e8:c0:06:15:66:0b:89: 06:56:8a:61:37:65:6a:f0:f9:0f:09:15:9d:64:34: 4e:e6:84:e2:45:7f:81:3b:59:a4:90:fa:9d:db:6b: 95:43:c2:62:0e:be:9a:04:e5:25:64:7e:20:d3:f0: db:51:1f:23:86:b9:53:0e:b2:0a:1e:59:3f:1c:98: 44:50:17:c5:c2:6f:1b:bc:73:36:e0:f9:a2:9f:f0: fe:6d:1e:1c:17:14:41:bd:4e:7f:e4:cb:3e:73:6b: 79:a1:8c:8b:fa:4a:69:78:2b:c6:e4:a8:18:a4:8b: ce:56:b0:bc:98:83:5b:42:28:e0:b7:c5:cc:64:cc: b2:73:43:cf:dc:a9:dd:ac:3c:ad:06:d3:bb:e4:d8: 2c:a7:99:64:c8:f4:76:0f:03:6a:b0:21:73:d0:c5: 48:3c:cd:40:83:61:34:a4:cc:40:2a:d7:0f:b4:25: 58:ea:ee:1e:2e:94:4c:0a:c4:ad:23:a9:2a:6b:de: c5:32:66:c6:2c:61:6b:90:bc:dd:26:c4:17:ab:2a: ac:12:96:b3:5e:b5:c5:c1:72:41:78:d4:23:6a:02: 62:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:8D:AE:4C:B6:C0:5C:10:79:2D:12:20:4A:2D:65:7F:38:8F:7B:42 X509v3 Authority Key Identifier: keyid:CB:52:05:4E:3D:77:68:EA:16:B6:B0:A8:94:C7:73:A2:7D:EA:92:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB6AC/D7E98A6E15D011EA93CA0E19C4F9AE02/y1IFTj13aOoWtrColMdzon3qkho.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y1IFTj13aOoWtrColMdzon3qkho.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB6AC/D7E98A6E15D011EA93CA0E19C4F9AE02/12D352766D2911F0B26CB33BC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.252.224.0/22 123.253.220.0/22 IPv6: 2401:7940::/32 Signature Algorithm: sha256WithRSAEncryption cc:63:9c:2a:7f:82:04:5b:fe:9f:9b:42:2a:ed:09:97:e9:17: 80:80:6e:ae:2f:fd:8d:b6:9d:58:40:c7:7a:6f:cb:7a:0c:6d: f9:1d:32:82:bb:53:ac:f6:76:7f:78:2c:5c:94:be:31:01:ef: 71:bc:63:0e:a0:b5:b3:4a:53:ed:00:11:de:63:26:8f:58:3b: 43:7b:18:e8:45:4f:63:bf:e9:ab:5f:7f:92:21:9b:e8:0c:0c: 6c:8b:5a:20:cb:ad:25:53:45:c3:aa:8c:e7:bf:2f:76:ea:93: 8f:14:20:e0:0d:74:2a:9e:92:98:12:5c:c9:6c:f0:54:7f:17: d0:51:3c:9e:a8:a0:30:c3:55:d4:a4:2d:5d:1a:cd:68:ac:3d: 2a:f1:46:b3:5e:16:39:97:f1:8a:23:c0:b0:0f:ef:0f:61:be: 88:ea:1c:bc:2a:9c:e9:00:a0:33:f6:ab:91:d6:e4:ca:7c:28: cc:35:e7:84:c2:64:dd:32:06:87:d8:34:a1:0f:bb:65:2b:5f: c5:bb:b5:33:99:d5:38:8f:a2:68:87:ce:d3:38:52:bf:5d:d4: cb:ed:27:22:26:24:23:f7:88:2d:39:38:50:17:eb:8a:d5:17: d4:6b:5c:d4:1a:c5:8c:5a:d5:1f:b6:52:81:4c:ca:10:09:c8: 33:c1:ba:93 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICDHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx RUI2QUMxMTAvBgNVBAUTKENCNTIwNTRFM0Q3NzY4RUExNkI2QjBBODk0Qzc3M0Ey N0RFQTkyMUEwHhcNMjYwMTEyMTgxNTM2WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDDA02OTY1M2E0OC05YzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyNYM8pmjxsw8uGmeSJP8YhTPELir3N8u7z/vE0YeooJBGtC8++jABhVmC4kG VophN2Vq8PkPCRWdZDRO5oTiRX+BO1mkkPqd22uVQ8JiDr6aBOUlZH4g0/DbUR8j hrlTDrIKHlk/HJhEUBfFwm8bvHM24Pmin/D+bR4cFxRBvU5/5Ms+c2t5oYyL+kpp eCvG5KgYpIvOVrC8mINbQijgt8XMZMyyc0PP3KndrDytBtO75Ngsp5lkyPR2DwNq sCFz0MVIPM1Ag2E0pMxAKtcPtCVY6u4eLpRMCsStI6kqa97FMmbGLGFrkLzdJsQX qyqsEpazXrXFwXJBeNQjagJiQwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJaNrky2 wFwQeS0SIEotZX84j3tCMB8GA1UdIwQYMBaAFMtSBU49d2jqFrawqJTHc6J96pIa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjZBQy9EN0U5OEE2RTE1 RDAxMUVBOTNDQTBFMTlDNEY5QUUwMi95MUlGVGoxM2FPb1d0ckNvbE1kem9uM3Fr aG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3kxSUZUajEzYU9vV3RyQ29sTWR6b24zcWtoby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RUI2QUMvRDdFOThBNkUxNUQwMTFFQTkzQ0EwRTE5QzRGOUFFMDIvMTJEMzUyNzY2 RDI5MTFGMEIyNkNCMzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJn/OADBAJ7/dwwDQQCAAIwBwMFACQBeUAwDQYJKoZIhvcN AQELBQADggEBAMxjnCp/ggRb/p+bQirtCZfpF4CAbq4v/Y22nVhAx3pvy3oMbfkd MoK7U6z2dn94LFyUvjEB73G8Yw6gtbNKU+0AEd5jJo9YO0N7GOhFT2O/6atff5Ih m+gMDGyLWiDLrSVTRcOqjOe/L3bqk48UIOANdCqekpgSXMls8FR/F9BRPJ6ooDDD VdSkLV0azWisPSrxRrNeFjmX8YojwLAP7w9hvojqHLwqnOkAoDP2q5HW5Mp8KMw1 54TCZN0yBofYNKEPu2UrX8W7tTOZ1TiPomiHztM4Ur9d1MvtJyImJCP3iC05OFAX 64rVF9RrXNQaxYxa1R+2UoFMyhAJyDPBupM= -----END CERTIFICATE-----Generated at Wed Feb 11 08:04:29 2026 by rpki-client