This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa File: CEF8E22E711711EDB49CE11AC4F9AE02.roa (raw, json) Hash identifier: vlCfRwuEXWpklGTw9mykTEtjyJtV17L++aLuE6IkKdM= Subject key identifier: 9A:F1:D3:BB:39:7A:3A:6B:F6:DE:4C:49:A6:8C:0F:3B:C0:D4:8F:23 Certificate issuer: /CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Certificate serial: 06C5 Authority key identifier: BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa Signing time: Wed 26 Nov 2025 21:13:20 +0000 ROA not before: Wed 26 Nov 2025 21:13:20 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 135348 IP address blocks: 139.163.0.0/17 maxlen: 17 139.163.30.0/24 maxlen: 24 139.163.128.0/23 maxlen: 23 139.163.130.0/24 maxlen: 24 139.163.131.0/24 maxlen: 24 139.163.132.0/22 maxlen: 22 139.163.132.0/24 maxlen: 24 139.163.136.0/23 maxlen: 23 139.163.138.0/24 maxlen: 24 139.163.139.0/24 maxlen: 24 139.163.140.0/22 maxlen: 22 139.163.144.0/20 maxlen: 20 139.163.160.0/19 maxlen: 19 139.163.192.0/19 maxlen: 19 139.163.224.0/20 maxlen: 20 139.163.240.0/22 maxlen: 22 139.163.244.0/23 maxlen: 23 139.163.246.0/24 maxlen: 24 139.163.247.0/24 maxlen: 24 139.163.248.0/21 maxlen: 21 139.163.250.0/24 maxlen: 24 168.134.0.0/17 maxlen: 17 168.134.128.0/21 maxlen: 21 168.134.136.0/24 maxlen: 24 168.134.137.0/24 maxlen: 24 168.134.138.0/24 maxlen: 24 168.134.139.0/24 maxlen: 24 168.134.140.0/22 maxlen: 22 168.134.144.0/20 maxlen: 20 168.134.160.0/19 maxlen: 19 168.134.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 21:09:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1733 (0x6c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F277D, serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE Validity Not Before: Nov 26 21:13:20 2025 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69276d6f-993f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e5:5f:a7:b4:d0:29:35:f9:9f:87:ba:a8:4b: 9c:eb:9d:f3:3a:82:7d:e1:1f:21:ce:9e:c3:49:6f: 4e:4f:b5:0a:2b:5f:c5:56:50:f5:c3:4f:53:35:92: 22:86:e6:40:b7:e6:46:5e:e7:ae:1e:c1:de:36:a1: d0:85:08:cf:8d:3b:08:f5:36:1c:3f:b1:13:52:68: e3:f2:f6:16:f1:e5:c8:5a:4d:d0:d1:07:31:ff:60: 65:72:a1:15:b3:70:2b:9d:b0:82:c1:f0:fc:04:f5: c6:38:bf:15:09:11:79:25:52:65:76:b8:8c:45:e8: 98:75:a2:72:c9:f8:ef:82:a8:d0:b0:e6:77:ae:8f: 8e:8b:ef:39:54:6e:e8:c2:80:80:91:75:9c:05:a0: df:3e:11:26:a1:91:cf:25:7d:b5:7c:de:65:93:56: 7b:b6:0a:9e:a3:df:60:b2:74:7d:35:63:8c:5f:e5: b6:e6:27:da:55:aa:62:fa:48:60:7e:e7:4d:8e:1b: dd:69:8c:5b:f9:14:4b:da:e6:ea:57:78:9a:37:6c: b5:16:4e:d9:72:e3:40:a3:7c:73:40:cc:d5:71:c3: b1:e9:58:20:36:93:de:49:a9:79:f9:8a:bf:2e:3a: ef:d0:0a:bc:83:2c:64:c3:ed:54:d0:3b:55:48:8a: 45:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:F1:D3:BB:39:7A:3A:6B:F6:DE:4C:49:A6:8C:0F:3B:C0:D4:8F:23 X509v3 Authority Key Identifier: keyid:BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/CEF8E22E711711EDB49CE11AC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 139.163.0.0/16 168.134.0.0/16 Signature Algorithm: sha256WithRSAEncryption 95:08:4a:8e:b5:4c:5b:4e:04:a8:75:97:5a:17:7c:f3:8e:ce: 4d:7d:7a:80:3d:ba:9f:7b:4b:0e:bd:0f:ef:b6:67:85:52:05: c2:20:90:ae:10:2a:be:a5:73:06:4f:e3:ee:0b:28:4b:17:33: 29:55:64:a5:4f:cb:7d:91:40:9f:60:4a:69:e2:62:07:64:ed: 4c:38:e0:9f:45:b7:36:8b:cc:f9:8c:74:ec:65:14:4b:5c:ce: 95:71:62:9a:10:56:7d:e8:f2:87:0c:3e:0e:6f:81:96:e0:35: db:d0:d1:12:c4:a2:d9:43:ec:6c:df:4d:2e:64:90:9b:63:cf: 0d:38:6a:18:12:75:31:13:c2:56:9b:f0:aa:3c:93:1a:54:c9: 9c:41:1b:5f:9d:e4:ea:1f:47:18:d3:69:f3:ad:f3:80:de:cf: ee:ad:21:69:ac:2f:53:61:6e:a2:b6:65:0b:8f:e8:cd:63:ca: bc:f6:83:53:cb:88:a5:96:94:f6:e4:02:35:71:4f:b3:2e:81: 58:3a:33:6b:5b:79:a3:7f:57:b2:b6:9e:a7:a3:2d:3b:c8:8f: 77:cf:4b:4f:79:a3:ec:09:28:ff:ad:1b:67:02:84:8b:8a:8b: c8:24:cf:f4:27:10:63:eb:b8:5e:9c:af:d0:45:b7:b3:91:43: 2a:e8:8f:b3 -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgICBsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjI3N0QxMTAvBgNVBAUTKEJCQzEwMzU2MUFGRDdBOTMwMzZEMUM3MkRENEMwQTdD MkE0RTI5Q0UwHhcNMjUxMTI2MjExMzIwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OTI3NmQ2Zi05OTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqOVfp7TQKTX5n4e6qEuc653zOoJ94R8hzp7DSW9OT7UKK1/FVlD1w09TNZIi huZAt+ZGXueuHsHeNqHQhQjPjTsI9TYcP7ETUmjj8vYW8eXIWk3Q0Qcx/2BlcqEV s3ArnbCCwfD8BPXGOL8VCRF5JVJldriMReiYdaJyyfjvgqjQsOZ3ro+Oi+85VG7o woCAkXWcBaDfPhEmoZHPJX21fN5lk1Z7tgqeo99gsnR9NWOMX+W25ifaVapi+khg fudNjhvdaYxb+RRL2ubqV3iaN2y1Fk7ZcuNAo3xzQMzVccOx6VggNpPeSal5+Yq/ Ljrv0Aq8gyxkw+1U0DtVSIpFjwIDAQABo4ICmTCCApUwHQYDVR0OBBYEFJrx07s5 ejpr9t5MSaaMDzvA1I8jMB8GA1UdIwQYMBaAFLvBA1Ya/XqTA20cct1MCnwqTinO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjc3RC83OEExRDA4RThE NkIxMUVCOTg0MEUwNUZDNEY5QUUwMi91OEVEVmhyOWVwTURiUnh5M1V3S2ZDcE9L YzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3U4RURWaHI5ZXBNRGJSeHkzVXdLZkNwT0tjNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvQ0VGOEUyMkU3 MTE3MTFFREI0OUNFMTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8E FDASMBAEAgABMAoDAwCLowMDAKiGMA0GCSqGSIb3DQEBCwUAA4IBAQCVCEqOtUxb TgSodZdaF3zzjs5NfXqAPbqfe0sOvQ/vtmeFUgXCIJCuECq+pXMGT+PuCyhLFzMp VWSlT8t9kUCfYEpp4mIHZO1MOOCfRbc2i8z5jHTsZRRLXM6VcWKaEFZ96PKHDD4O b4GW4DXb0NESxKLZQ+xs300uZJCbY88NOGoYEnUxE8JWm/CqPJMaVMmcQRtfneTq H0cY02nzrfOA3s/urSFprC9TYW6itmULj+jNY8q89oNTy4illpT25AI1cU+zLoFY OjNrW3mjf1eytp6noy07yI93z0tPeaPsCSj/rRtnAoSLiovIJM/0JxBj67henK/Q RbezkUMq6I+z -----END CERTIFICATE-----Generated at Wed Dec 3 14:46:52 2025 by rpki-client