This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa File: 0f308446-71c0-4da7-9488-837b94b0ca9c.roa (raw, json) Hash identifier: /p8KP0vTD4CYAyOQFqf+irG781kjl4UqQG4ObrQ1wE0= Subject key identifier: A8:C2:A0:05:42:41:3F:25:67:74:02:AA:D8:C8:3E:82:FF:57:2A:03 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 541EEDCA0509067AEA330F8941C0E7BAE1656187 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa Signing time: Tue 02 Dec 2025 00:21:19 +0000 ROA not before: Tue 02 Dec 2025 00:21:19 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:1e:ed:ca:05:09:06:7a:ea:33:0f:89:41:c0:e7:ba:e1:65:61:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:21:19 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=a2a8e3b55c66b29094ac60b2cf5f0517096b39d1e8d8c2c364f0f3074b65cdbc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e5:18:a0:84:18:c5:ce:66:18:dc:68:13:91: 3f:3f:8d:43:ba:36:dc:5f:99:47:0e:35:30:30:f3: 0f:cc:6a:52:fd:4b:b5:8c:7d:62:36:5a:ba:6d:d2: 36:64:27:af:08:d5:c5:77:86:c8:ab:6c:66:72:9d: 94:2e:52:56:9b:57:ae:b3:6d:49:ab:0d:57:10:14: 1a:af:d0:b5:14:fa:bd:18:29:07:53:bb:b4:08:3f: f7:12:14:c7:8f:2f:a5:02:d7:6e:d6:91:c4:41:2f: a4:aa:07:d3:3e:57:7d:16:d3:e1:eb:45:e0:bb:54: 22:2c:35:82:4a:92:01:aa:6e:9d:b8:fb:ae:15:4f: 53:b2:be:09:c8:bb:23:fc:59:14:b0:7d:fa:c6:4f: 24:12:9c:73:9a:b8:dc:ef:91:7e:f5:7c:8f:2d:8c: 44:4d:ed:94:87:c8:b6:b2:ae:e7:b8:47:33:58:2c: e4:4e:6b:f5:84:64:b1:02:d3:74:ff:60:5c:ad:b5: 3a:ef:12:cb:2b:56:02:73:33:ae:05:15:4b:b5:29: cc:ed:a8:24:ab:e6:46:38:0b:10:6b:21:35:72:ea: 7d:7d:9d:03:b3:76:46:47:f7:e3:0c:ac:bc:80:01: f7:0d:79:c9:85:82:f3:43:dc:b6:38:54:03:f7:83: 46:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:C2:A0:05:42:41:3F:25:67:74:02:AA:D8:C8:3E:82:FF:57:2A:03 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4080::/48 Signature Algorithm: sha256WithRSAEncryption 64:dd:d9:13:f8:46:7f:3e:17:01:cb:ea:1e:3e:cf:46:b3:71: 00:29:08:bc:b8:0d:4c:20:ae:9c:f0:a6:42:e3:53:78:96:fd: ae:b7:e0:77:99:22:ec:93:9e:4d:47:2f:d9:eb:1a:5f:3f:37: f1:85:3a:29:15:af:ac:f2:f0:6a:91:45:0f:63:10:48:ee:7d: ae:cb:52:58:ec:f9:6c:ca:b1:e2:7d:f5:31:cb:5c:3f:39:80: 85:12:3a:fc:e5:39:f8:71:f5:90:e6:e0:96:f0:f9:5e:da:28: 15:5b:31:b0:28:7c:d7:f8:39:4b:ee:26:af:ea:88:3a:d8:89: 69:ae:f8:0f:e1:0a:4c:1e:11:11:07:47:62:14:53:72:95:76: 18:75:08:0a:3d:9d:63:86:9c:51:ee:d1:b8:ac:e1:86:9a:f4: 3d:03:01:d7:0a:10:c4:c3:06:40:45:6b:a8:b9:ac:41:fa:91: 4b:86:56:9c:28:09:00:c5:02:df:d2:d5:be:51:d3:ce:31:c6: 9e:da:0e:77:c8:d1:fb:36:c7:52:8a:75:9c:c4:d9:ce:81:0f: 75:49:75:10:f7:7b:f7:5d:f9:73:c3:47:5a:56:6c:92:0a:c7: f3:e6:f9:1d:7e:0b:80:e1:43:5c:fc:74:5c:e2:0d:09:0f:0f: e5:13:b3:37 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVB7tygUJBnrqMw+JQcDnuuFlYYcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMjExOVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAYTJhOGUzYjU1YzY2YjI5MDk0YWM2 MGIyY2Y1ZjA1MTcwOTZiMzlkMWU4ZDhjMmMzNjRmMGYzMDc0YjY1Y2RiYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuUYoIQYxc5mGNxoE5E/P41Dujbc X5lHDjUwMPMPzGpS/Uu1jH1iNlq6bdI2ZCevCNXFd4bIq2xmcp2ULlJWm1eus21J qw1XEBQar9C1FPq9GCkHU7u0CD/3EhTHjy+lAtdu1pHEQS+kqgfTPld9FtPh60Xg u1QiLDWCSpIBqm6duPuuFU9Tsr4JyLsj/FkUsH36xk8kEpxzmrjc75F+9XyPLYxE Te2Uh8i2sq7nuEczWCzkTmv1hGSxAtN0/2BcrbU67xLLK1YCczOuBRVLtSnM7agk q+ZGOAsQayE1cup9fZ0Ds3ZGR/fjDKy8gAH3DXnJhYLzQ9y2OFQD94NG7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKjCoAVCQT8lZ3QCqtjIPoL/VyoDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmMzA4NDQ2LTcxYzAtNGRhNy05NDg4LTgzN2I5NGIwY2E5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kCAMA0GCSqGSIb3DQEBCwUAA4IBAQBk3dkT+EZ/PhcBy+oe Ps9Gs3EAKQi8uA1MIK6c8KZC41N4lv2ut+B3mSLsk55NRy/Z6xpfPzfxhTopFa+s 8vBqkUUPYxBI7n2uy1JY7PlsyrHiffUxy1w/OYCFEjr85Tn4cfWQ5uCW8Ple2igV WzGwKHzX+DlL7iav6og62IlprvgP4QpMHhERB0diFFNylXYYdQgKPZ1jhpxR7tG4 rOGGmvQ9AwHXChDEwwZARWuouaxB+pFLhlacKAkAxQLf0tW+UdPOMcae2g53yNH7 NsdSinWcxNnOgQ91SXUQ93v3Xflzw0daVmySCsfz5vkdfguA4UNc/HRc4g0JDw/l E7M3 -----END CERTIFICATE-----Generated at Sat Dec 6 11:01:20 2025 by rpki-client