This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa File: 0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa (raw, json) Hash identifier: F5LpOHboi8QV43lnC+4nxoETjXQ6aU1VuY94OD0W/24= Subject key identifier: 79:9A:6C:D2:B5:6C:1C:25:16:85:01:D4:7B:D0:10:57:9C:CF:F6:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4626A3FEA96A7E573109AC1B0A5DF050B5B3C5C2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa Signing time: Wed 26 Nov 2025 00:00:36 +0000 ROA not before: Wed 26 Nov 2025 00:00:36 +0000 ROA not after: Tue 24 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:26:a3:fe:a9:6a:7e:57:31:09:ac:1b:0a:5d:f0:50:b5:b3:c5:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 26 00:00:36 2025 GMT Not After : Feb 24 23:59:59 2026 GMT Subject: serialNumber=a6e032feab6e8869bb7cec4cdf46593097e2e7bd9ab4b07763330982e1f1739b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f5:0c:b9:51:7e:75:4e:94:9d:b1:06:2c:8d: 30:ae:10:8f:12:16:c2:82:b6:64:24:ca:36:04:dc: 15:f3:40:b9:d6:cd:32:a4:bb:40:02:b5:02:e2:65: 17:48:a5:91:b7:12:90:06:7f:38:10:7e:5e:e7:44: 04:40:7b:c4:f2:12:d3:f0:e5:48:38:a6:4e:c0:cf: e4:d4:7b:0d:a6:36:b7:0f:46:60:46:1b:c5:50:7b: c1:df:23:bc:54:f2:0f:af:68:79:52:97:29:5f:9d: 09:72:b2:77:f2:cb:bb:65:a8:47:96:f0:7e:75:bc: 30:e4:67:d8:af:a5:ff:d4:7a:62:32:bd:6b:ff:6e: f6:c8:74:c0:23:ab:f6:e0:ce:ba:3b:a6:29:e4:da: ab:96:09:9f:68:bb:e5:45:a9:15:66:d0:95:0a:e0: 99:57:fa:36:fe:94:5e:91:8d:d7:09:d9:a7:5c:6f: bf:56:e6:97:ce:17:71:f4:64:05:06:e6:bd:a8:9a: 78:76:f4:67:99:ce:9e:12:ef:25:6c:1c:3a:c8:08: df:68:74:45:0e:37:09:5d:78:c9:86:b1:a4:51:b1: d6:10:ef:55:97:88:b6:83:69:1c:eb:4b:b0:5d:ef: a6:6b:e0:52:4e:28:8a:b8:8f:ec:72:57:95:33:18: d4:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:9A:6C:D2:B5:6C:1C:25:16:85:01:D4:7B:D0:10:57:9C:CF:F6:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.66.0/24 Signature Algorithm: sha256WithRSAEncryption ac:2d:e4:71:11:ed:3e:65:2a:51:5d:23:2f:fe:33:8e:6b:9c: ec:f6:54:c8:21:7a:ee:e5:9f:f3:3e:1c:f4:03:b6:6b:db:e7: ad:8e:b6:e3:21:42:cb:3f:3f:a1:df:d4:82:58:26:df:af:7a: 51:47:36:f5:17:ea:32:4e:04:f9:7b:bf:67:48:6e:d9:67:b7: 8f:c6:a5:69:01:81:8a:5e:24:3a:51:c2:41:25:f0:78:b9:d6: ad:f5:db:70:44:5f:01:d2:3b:fd:4a:d3:4f:11:d0:89:07:cc: b2:fe:1a:cb:5b:81:eb:3e:09:52:79:8f:bc:3d:a8:3d:9a:20: bc:15:92:52:91:7d:3b:44:d5:8d:b1:89:0e:ed:4e:c7:0a:f6: a4:5e:98:94:4e:3e:70:7b:53:42:09:83:d4:c5:d1:e1:bb:46: 87:1e:69:62:29:78:1a:5e:49:32:3d:27:a2:84:b7:80:4e:26: fb:fd:b8:b8:e5:f2:d6:6a:5e:41:b1:a2:4e:e2:b0:98:9b:51: e7:8a:dc:d3:81:10:6e:85:e1:fd:32:8c:ef:92:ff:e2:ec:77: 17:5a:ad:1e:26:ff:d5:a4:72:27:a5:58:e8:ca:83:0d:98:6c: bf:c0:1d:4e:ad:69:2c:5d:7d:22:75:99:f7:9d:68:ce:57:91: 74:da:92:0c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIURiaj/qlqflcxCawbCl3wULWzxcIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNjAwMDAzNloX DTI2MDIyNDIzNTk1OVowejFJMEcGA1UEBRNAYTZlMDMyZmVhYjZlODg2OWJiN2Nl YzRjZGY0NjU5MzA5N2UyZTdiZDlhYjRiMDc3NjMzMzA5ODJlMWYxNzM5YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPUMuVF+dU6UnbEGLI0wrhCPEhbC grZkJMo2BNwV80C51s0ypLtAArUC4mUXSKWRtxKQBn84EH5e50QEQHvE8hLT8OVI OKZOwM/k1HsNpja3D0ZgRhvFUHvB3yO8VPIPr2h5UpcpX50JcrJ38su7ZahHlvB+ dbww5GfYr6X/1HpiMr1r/272yHTAI6v24M66O6Yp5NqrlgmfaLvlRakVZtCVCuCZ V/o2/pRekY3XCdmnXG+/VuaXzhdx9GQFBua9qJp4dvRnmc6eEu8lbBw6yAjfaHRF DjcJXXjJhrGkUbHWEO9Vl4i2g2kc60uwXe+ma+BSTiiKuI/scleVMxjUlQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHmabNK1bBwlFoUB1HvQEFecz/bQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBlMTlkYzdmLTdhNDktNGQyZS04NDBiLTlmMzE2MmE0YWYyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RCMA0GCSqGSIb3DQEBCwUAA4IBAQCsLeRxEe0+ZSpRXSMv/jOO a5zs9lTIIXru5Z/zPhz0A7Zr2+etjrbjIULLPz+h39SCWCbfr3pRRzb1F+oyTgT5 e79nSG7ZZ7ePxqVpAYGKXiQ6UcJBJfB4udat9dtwRF8B0jv9StNPEdCJB8yy/hrL W4HrPglSeY+8Pag9miC8FZJSkX07RNWNsYkO7U7HCvakXpiUTj5we1NCCYPUxdHh u0aHHmliKXgaXkkyPSeihLeATib7/bi45fLWal5BsaJO4rCYm1HnitzTgRBuheH9 Mozvkv/i7HcXWq0eJv/VpHInpVjoyoMNmGy/wB1OrWksXX0idZn3nWjOV5F02pIM -----END CERTIFICATE-----Generated at Sat Dec 6 10:59:26 2025 by rpki-client