This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08c68094-5359-4e76-9230-1465cd68f373.roa File: 08c68094-5359-4e76-9230-1465cd68f373.roa (raw, json) Hash identifier: iOUgme6iAWzPGDG9As1UFQpBpNwseHsBdOiOUge5e1w= Subject key identifier: D7:B2:07:EB:4B:DF:2E:EC:CD:DA:B7:DB:EF:AF:CE:88:1E:BF:4F:4E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6DEA857FE9EC031D9EA2A34F1088CFFA9BAC740D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08c68094-5359-4e76-9230-1465cd68f373.roa Signing time: Thu 27 Nov 2025 00:00:38 +0000 ROA not before: Thu 27 Nov 2025 00:00:38 +0000 ROA not after: Wed 25 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:ea:85:7f:e9:ec:03:1d:9e:a2:a3:4f:10:88:cf:fa:9b:ac:74:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 27 00:00:38 2025 GMT Not After : Feb 25 23:59:59 2026 GMT Subject: serialNumber=734967258ed79144e2365506490d65b43fae7037b9464141ec4afb782c2b1f5c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:06:bc:04:47:5f:af:bf:c1:40:33:6b:7c:69: d3:b0:5d:aa:f6:23:00:82:b6:e1:ca:33:79:9f:dd: 8d:4f:11:74:f1:71:29:71:17:ca:56:70:11:91:e7: 41:d7:2a:8c:25:80:a3:ac:be:61:f0:7a:f2:f4:f8: ed:15:56:f7:d1:e5:75:c5:34:f0:f8:f8:43:c3:ec: 0f:e5:3b:24:f0:76:b9:01:51:c0:67:6f:d8:bd:c6: 71:ea:23:64:37:44:00:3c:a8:ba:60:34:cd:d7:1e: 6a:b0:8f:c0:32:5c:4d:9e:cc:c5:73:2b:85:5c:99: 61:6c:06:32:a5:25:41:33:c9:3b:21:fe:aa:06:c4: bf:42:b3:97:62:f5:d9:60:a1:e5:10:d1:a3:de:e1: 03:50:c9:ea:42:c3:85:d4:30:09:4f:b9:c8:e7:67: 88:8f:23:bf:f5:66:d7:59:ce:fa:6e:55:2f:35:d3: 7a:a8:85:ee:5a:0d:90:d5:9a:5e:e9:64:e1:99:7e: dd:9e:bd:49:76:3c:c8:50:e8:a5:27:6a:e8:19:f1: c6:6b:4e:9e:b7:26:60:6f:e0:8b:7e:f5:93:99:ad: cd:e9:0e:f8:51:5b:3b:9b:ea:17:a5:2a:bb:fc:11: a3:2f:d5:3c:0f:c9:e5:54:04:1e:e6:e2:00:bf:5f: da:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:B2:07:EB:4B:DF:2E:EC:CD:DA:B7:DB:EF:AF:CE:88:1E:BF:4F:4E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08c68094-5359-4e76-9230-1465cd68f373.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:c000::/40 Signature Algorithm: sha256WithRSAEncryption 90:e2:f3:3c:6c:95:2e:2c:6c:84:cd:2f:74:a7:08:58:a5:56: 6c:ee:f1:db:5c:64:3b:0f:19:c1:31:dc:73:f8:64:dc:b1:d9: f6:7b:70:dd:a7:e8:d5:d8:02:b7:f7:52:09:32:b9:f8:56:e0: 61:27:a9:98:a2:bb:71:d1:7f:5e:d2:53:13:1a:c5:b8:9f:f1: 63:75:cd:bd:c3:ae:63:6b:3f:45:0a:b1:63:64:ee:02:58:b8: c9:ee:d8:18:2c:7d:3f:da:41:0d:c6:48:4b:e3:62:93:df:bb: 59:c8:dd:b3:3d:2a:51:62:46:49:7b:c9:be:ae:cb:24:61:5f: 72:d1:ca:be:44:31:3a:9a:4a:a2:94:a0:09:9b:7b:bb:30:5e: 1b:fc:0c:38:90:87:45:e7:31:db:2c:73:71:1b:48:14:5a:78: 9e:df:1f:90:83:39:c9:5d:03:85:7c:64:20:f4:ee:be:16:0e: df:84:d1:70:00:61:53:d8:a5:9e:e8:0f:b5:61:f2:b3:b2:23: ad:1a:39:43:62:69:e3:58:88:65:be:bd:7a:79:4f:9a:6b:eb: 17:5f:63:3b:e3:e4:8d:85:f9:45:5a:95:b7:1c:19:fb:7c:61: 3d:98:44:63:4c:30:2e:1c:31:92:d1:e2:ee:aa:01:35:4d:cc: 59:f1:a9:7f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbeqFf+nsAx2eoqNPEIjP+pusdA0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNzAwMDAzOFoX DTI2MDIyNTIzNTk1OVowejFJMEcGA1UEBRNANzM0OTY3MjU4ZWQ3OTE0NGUyMzY1 NTA2NDkwZDY1YjQzZmFlNzAzN2I5NDY0MTQxZWM0YWZiNzgyYzJiMWY1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Aa8BEdfr7/BQDNrfGnTsF2q9iMA grbhyjN5n92NTxF08XEpcRfKVnARkedB1yqMJYCjrL5h8Hry9PjtFVb30eV1xTTw +PhDw+wP5Tsk8Ha5AVHAZ2/YvcZx6iNkN0QAPKi6YDTN1x5qsI/AMlxNnszFcyuF XJlhbAYypSVBM8k7If6qBsS/QrOXYvXZYKHlENGj3uEDUMnqQsOF1DAJT7nI52eI jyO/9WbXWc76blUvNdN6qIXuWg2Q1Zpe6WThmX7dnr1JdjzIUOilJ2roGfHGa06e tyZgb+CLfvWTma3N6Q74UVs7m+oXpSq7/BGjL9U8D8nlVAQe5uIAv1/aHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNeyB+tL3y7szdq32++vzogev09OMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4YzY4MDk0LTUzNTktNGU3Ni05MjMwLTE0NjVjZDY4ZjM3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYMAwDQYJKoZIhvcNAQELBQADggEBAJDi8zxslS4sbITNL3Sn CFilVmzu8dtcZDsPGcEx3HP4ZNyx2fZ7cN2n6NXYArf3UgkyufhW4GEnqZiiu3HR f17SUxMaxbif8WN1zb3DrmNrP0UKsWNk7gJYuMnu2BgsfT/aQQ3GSEvjYpPfu1nI 3bM9KlFiRkl7yb6uyyRhX3LRyr5EMTqaSqKUoAmbe7swXhv8DDiQh0XnMdssc3Eb SBRaeJ7fH5CDOcldA4V8ZCD07r4WDt+E0XAAYVPYpZ7oD7Vh8rOyI60aOUNiaeNY iGW+vXp5T5pr6xdfYzvj5I2F+UValbccGft8YT2YRGNMMC4cMZLR4u6qATVNzFnx qX8= -----END CERTIFICATE-----Generated at Sat Dec 6 14:14:54 2025 by rpki-client