This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa File: 1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa (raw, json) Hash identifier: 0efpf0pbW3eK5Ufv3S1dJSPCxy+GwY/E2hL6cRdEI/E= Subject key identifier: 99:C5:F4:E2:75:27:90:14:B3:88:D9:B9:D6:BE:AB:05:82:A3:E8:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 39A32E3082391A6B718189C831CC99438F00A2CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa Signing time: Tue 02 Dec 2025 00:00:08 +0000 ROA not before: Tue 02 Dec 2025 00:00:08 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:a3:2e:30:82:39:1a:6b:71:81:89:c8:31:cc:99:43:8f:00:a2:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:00:08 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=88409ff943cbc170a335dc00ae4e4a60fc99381609d6e955aa4506b5b355407c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:dd:d9:01:c3:d5:ca:2d:e9:3e:7a:95:72:a6: 39:7b:22:17:ef:d7:5f:0e:40:d1:cf:1b:bf:b0:57: 6a:81:f9:07:de:02:a2:00:a0:56:f5:1b:fd:8e:4d: d7:45:61:e3:c9:95:5d:6f:7d:ca:6c:ec:a9:eb:77: 6e:39:32:1c:cf:6b:f9:5c:e9:14:a5:33:44:12:eb: aa:db:51:41:e6:02:52:dd:d0:95:33:76:56:87:86: f5:51:cb:dd:7a:01:fb:c2:74:c7:ad:7e:3a:8b:0d: b7:02:44:69:7b:37:af:0e:21:a5:13:a1:9f:57:17: 11:f2:c6:cf:c5:56:a1:f7:c2:4e:54:ad:a4:3b:c4: 26:de:63:24:34:e6:d7:eb:a2:38:95:20:85:44:8c: 8d:f9:51:35:6c:5b:6f:00:ed:1f:c7:4d:c1:d1:87: 6d:5c:4a:ea:c7:27:85:05:cf:9a:86:ef:15:ef:b4: 83:46:86:dd:d1:af:de:25:43:58:0a:e2:66:3e:4c: 7e:9f:49:7f:25:ee:41:88:62:c1:bc:9b:2f:30:58: 75:fc:74:13:37:9a:32:6e:06:1b:f8:97:d7:43:5f: 5a:f1:2a:4f:f5:11:1f:e8:31:a0:ef:2d:5d:cc:69: 0b:9e:c8:ad:71:9e:09:a9:4d:8b:d8:c0:57:d9:28: 79:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:C5:F4:E2:75:27:90:14:B3:88:D9:B9:D6:BE:AB:05:82:A3:E8:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4020::/48 Signature Algorithm: sha256WithRSAEncryption 44:b1:39:5e:5e:22:4b:77:13:7c:cf:4a:0c:46:d2:c5:3f:33: 8d:0e:6b:5a:93:98:e0:cd:af:84:b9:94:a5:1c:d9:91:42:db: fe:a9:2e:c3:0c:03:0c:95:e2:5b:65:14:c9:71:21:91:75:28: 00:c2:c7:50:cd:76:ab:1c:0b:28:fb:02:b5:03:64:18:f3:d5: 58:81:0c:27:88:57:63:bf:49:6a:75:a1:d5:33:4a:c8:44:2d: 0d:43:cf:68:b0:f6:3f:94:0b:64:4b:c0:b2:1d:dc:91:8e:e3: b4:65:e7:43:f3:a8:7c:61:ae:4a:d0:cb:70:99:af:3e:f9:0d: a3:8f:0a:53:59:5f:27:32:92:f0:e9:f0:26:cc:8e:4a:d4:f5: f4:bc:dc:98:34:14:c7:b1:e3:4c:77:6b:d1:e2:56:f2:f4:53: a4:ba:e9:fd:4c:0f:af:d0:00:52:e8:50:46:05:a9:f2:87:e2: 6d:b3:55:89:f6:8f:af:91:2d:1f:b8:53:7a:d8:ab:2a:86:19: 24:1a:93:0b:ee:f6:42:62:b3:0d:f3:24:73:61:01:8c:eb:91: 39:7b:d4:94:75:7c:3b:53:a4:f9:20:7a:5c:77:d0:75:1c:b6: 8a:2c:59:1e:0b:fc:a5:d5:40:bb:f2:47:c2:89:9f:de:19:f1: 5c:64:0d:1b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOaMuMII5GmtxgYnIMcyZQ48Aos8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMDAwOFoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAODg0MDlmZjk0M2NiYzE3MGEzMzVk YzAwYWU0ZTRhNjBmYzk5MzgxNjA5ZDZlOTU1YWE0NTA2YjViMzU1NDA3YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t3ZAcPVyi3pPnqVcqY5eyIX79df DkDRzxu/sFdqgfkH3gKiAKBW9Rv9jk3XRWHjyZVdb33KbOyp63duOTIcz2v5XOkU pTNEEuuq21FB5gJS3dCVM3ZWh4b1UcvdegH7wnTHrX46iw23AkRpezevDiGlE6Gf VxcR8sbPxVah98JOVK2kO8Qm3mMkNObX66I4lSCFRIyN+VE1bFtvAO0fx03B0Ydt XErqxyeFBc+ahu8V77SDRobd0a/eJUNYCuJmPkx+n0l/Je5BiGLBvJsvMFh1/HQT N5oybgYb+JfXQ19a8SpP9REf6DGg7y1dzGkLnsitcZ4JqU2L2MBX2Sh5wQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJnF9OJ1J5AUs4jZuda+qwWCo+iTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiNWRhOTg3LTY5ZjMtNGYxMi1hYTNiLTBkNmY5YWU0YzA2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEAgMA0GCSqGSIb3DQEBCwUAA4IBAQBEsTleXiJLdxN8z0oM RtLFPzONDmtak5jgza+EuZSlHNmRQtv+qS7DDAMMleJbZRTJcSGRdSgAwsdQzXar HAso+wK1A2QY89VYgQwniFdjv0lqdaHVM0rIRC0NQ89osPY/lAtkS8CyHdyRjuO0 ZedD86h8Ya5K0Mtwma8++Q2jjwpTWV8nMpLw6fAmzI5K1PX0vNyYNBTHseNMd2vR 4lby9FOkuun9TA+v0ABS6FBGBanyh+Jts1WJ9o+vkS0fuFN62KsqhhkkGpML7vZC YrMN8yRzYQGM65E5e9SUdXw7U6T5IHpcd9B1HLaKLFkeC/yl1UC78kfCiZ/eGfFc ZA0b -----END CERTIFICATE-----Generated at Sat Dec 6 10:55:42 2025 by rpki-client