This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa File: 228a5e29-7426-476c-b778-2d402b2ed541.roa (raw, json) Hash identifier: YlG+OYTiVVoTbWDn7mQ036ZVXZ4k65cfM1J8S8Vz8RA= Subject key identifier: F6:31:CA:40:48:A3:CD:09:C8:40:7F:EC:00:FF:41:A9:CD:30:B4:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 45D588874860087D7C6390053EE574CCE7300156 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa Signing time: Thu 27 Nov 2025 00:00:34 +0000 ROA not before: Thu 27 Nov 2025 00:00:34 +0000 ROA not after: Wed 25 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 17:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:d5:88:87:48:60:08:7d:7c:63:90:05:3e:e5:74:cc:e7:30:01:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 27 00:00:34 2025 GMT Not After : Feb 25 23:59:59 2026 GMT Subject: serialNumber=737ffab5c1882bcbf7d6ca953805fba0e7a2f784c62c61acff437b38067e8e0d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2e:63:5c:31:89:7f:34:91:08:d5:ce:89:6c: 99:0c:1d:be:d5:5c:43:35:9b:a4:fe:92:17:56:ca: 43:8f:04:17:a3:2f:4a:0b:53:81:3d:98:e6:1f:36: 7f:5e:53:9d:ef:14:4d:84:af:6a:c9:4c:2f:01:37: 48:e4:0c:23:a7:b5:89:7a:39:fb:cb:9a:6e:8a:2d: fa:02:a2:04:ab:cf:61:72:56:61:76:15:2c:ec:e3: f1:8c:20:b1:74:86:54:c9:ff:50:6d:61:cc:ce:7a: a1:92:bb:28:b3:13:0c:39:74:12:63:4c:46:6a:3c: b9:c0:10:cf:d0:f1:cf:db:b5:5e:73:da:25:cb:ee: 61:3d:d0:d6:c4:74:2f:2f:11:b1:6a:31:94:4c:ba: a0:63:65:7b:8e:7c:47:7b:4e:57:a8:aa:87:b8:5d: 2c:3a:d1:8c:19:ed:2b:91:ea:45:99:64:05:fe:25: a7:b5:dc:6f:cd:2b:26:b9:64:a1:98:d5:4a:96:0d: 65:e0:43:d2:6a:05:5d:de:5b:7d:ab:f4:87:5d:c4: 26:be:75:d9:1a:da:c1:25:26:de:d6:c5:b0:a0:33: 02:b1:73:c3:92:d0:2e:a2:a8:a3:78:e0:de:99:c0: a6:89:45:f6:16:a4:a8:df:c0:84:f9:57:76:03:0e: a8:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:31:CA:40:48:A3:CD:09:C8:40:7F:EC:00:FF:41:A9:CD:30:B4:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:800::/40 Signature Algorithm: sha256WithRSAEncryption 2e:5a:41:57:18:e4:af:6b:e4:69:a2:80:59:c4:68:00:4b:e5: 0f:e3:9d:65:f8:ce:93:a3:48:5a:6a:71:a9:c7:4f:7a:db:c9: f9:87:7b:4a:e4:5b:a3:01:07:20:9d:b1:92:7e:21:dc:d5:0b: 01:05:ae:fe:2c:78:e6:24:44:f5:58:e5:2a:3a:3f:66:5c:07: 73:b7:af:56:48:5c:9d:2a:02:36:16:af:27:93:c0:c1:1c:54: 8f:a8:08:4e:d0:f4:ae:db:4a:da:28:ad:27:79:32:a4:0f:6b: 07:eb:7b:bd:dc:69:da:88:dd:9e:a4:0e:08:28:1d:a4:c5:1d: 11:50:f7:54:dd:dc:9c:f7:e4:ca:61:8b:83:fe:7d:da:ee:87: ec:8d:72:d9:e1:05:31:1c:80:36:d8:3e:04:71:98:bd:95:73: 91:df:f8:bc:76:b3:22:03:10:2b:c1:85:67:0e:8c:de:7a:51: a4:4c:0b:6c:d6:79:a6:57:8c:ef:f3:96:96:e2:46:94:20:d3: 2e:31:a5:1e:ce:1c:0b:92:25:41:c5:b2:80:94:3a:a8:ba:23: 6f:9b:0d:21:81:67:76:46:8a:5d:fa:a9:21:0a:7b:4c:2b:e1: 35:61:d9:de:49:ef:73:d5:73:3e:06:b1:01:00:bf:47:da:17: a7:8c:e5:bb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURdWIh0hgCH18Y5AFPuV0zOcwAVYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNzAwMDAzNFoX DTI2MDIyNTIzNTk1OVowejFJMEcGA1UEBRNANzM3ZmZhYjVjMTg4MmJjYmY3ZDZj YTk1MzgwNWZiYTBlN2EyZjc4NGM2MmM2MWFjZmY0MzdiMzgwNjdlOGUwZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC5jXDGJfzSRCNXOiWyZDB2+1VxD NZuk/pIXVspDjwQXoy9KC1OBPZjmHzZ/XlOd7xRNhK9qyUwvATdI5Awjp7WJejn7 y5puii36AqIEq89hclZhdhUs7OPxjCCxdIZUyf9QbWHMznqhkrsosxMMOXQSY0xG ajy5wBDP0PHP27Vec9oly+5hPdDWxHQvLxGxajGUTLqgY2V7jnxHe05XqKqHuF0s OtGMGe0rkepFmWQF/iWntdxvzSsmuWShmNVKlg1l4EPSagVd3lt9q/SHXcQmvnXZ GtrBJSbe1sWwoDMCsXPDktAuoqijeODemcCmiUX2FqSo38CE+Vd2Aw6oUQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPYxykBIo80JyEB/7AD/QanNMLSnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIyOGE1ZTI5LTc0MjYtNDc2Yy1iNzc4LTJkNDAyYjJlZDU0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYAgwDQYJKoZIhvcNAQELBQADggEBAC5aQVcY5K9r5GmigFnE aABL5Q/jnWX4zpOjSFpqcanHT3rbyfmHe0rkW6MBByCdsZJ+IdzVCwEFrv4seOYk RPVY5So6P2ZcB3O3r1ZIXJ0qAjYWryeTwMEcVI+oCE7Q9K7bStoorSd5MqQPawfr e73cadqI3Z6kDggoHaTFHRFQ91Td3Jz35Mphi4P+fdruh+yNctnhBTEcgDbYPgRx mL2Vc5Hf+Lx2syIDECvBhWcOjN56UaRMC2zWeaZXjO/zlpbiRpQg0y4xpR7OHAuS JUHFsoCUOqi6I2+bDSGBZ3ZGil36qSEKe0wr4TVh2d5J73PVcz4GsQEAv0faF6eM 5bs= -----END CERTIFICATE-----Generated at Thu Dec 18 12:45:39 2025 by rpki-client