This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c876588-8996-4239-b85a-95e0cd1f9f7d.roa File: 2c876588-8996-4239-b85a-95e0cd1f9f7d.roa (raw, json) Hash identifier: PYzd54+qfEslRyDQIEnzUYLY0axxqS+DouBODNjYn30= Subject key identifier: 70:7E:16:7B:E2:03:C5:E7:BD:16:B3:43:B0:2D:FF:C1:0C:7B:BA:33 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28060E356612BBAF2CD3FE0EF550D60D0164CE84 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c876588-8996-4239-b85a-95e0cd1f9f7d.roa Signing time: Thu 04 Dec 2025 00:00:38 +0000 ROA not before: Thu 04 Dec 2025 00:00:38 +0000 ROA not after: Wed 04 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1b:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:06:0e:35:66:12:bb:af:2c:d3:fe:0e:f5:50:d6:0d:01:64:ce:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 4 00:00:38 2025 GMT Not After : Mar 4 23:59:59 2026 GMT Subject: serialNumber=3c61c47051b0d5316781136fde490a29bbca2b76a206a1dfbe89efb19941b15a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:10:ac:b5:e8:c2:dc:5a:28:7b:a4:9d:30:f0: 56:cc:a9:a8:b0:0c:96:ac:41:39:59:91:ec:9a:a9: 76:fb:4c:14:eb:f7:23:58:ca:0f:88:f3:c9:03:15: ac:2a:8f:40:b4:26:2d:b8:27:b0:96:66:1f:19:1e: ec:62:3a:dd:76:5e:1b:84:db:0f:cf:96:aa:65:af: 4e:f4:82:9f:b2:d4:81:66:62:1b:fc:71:d9:bf:ce: a3:96:e6:cd:1c:f4:14:2d:42:65:3e:4f:2c:eb:21: 48:c5:0d:1a:8f:15:41:7c:e3:1d:1c:ad:ec:86:4b: e2:da:a6:86:58:01:b3:05:5c:3d:72:ce:bc:a7:85: cf:bd:06:74:96:da:c4:be:a6:fb:ba:ac:0e:7d:74: 82:2f:88:28:2e:3b:2c:e4:d5:95:7f:6e:a0:ef:1a: e7:1f:dc:d2:04:1d:f1:2f:2a:a9:e3:9a:ce:31:a1: 9b:0c:bc:90:28:28:6e:d9:d7:d2:0f:c5:dc:ab:9f: 63:21:94:da:e1:fb:77:6c:79:f7:83:df:e0:6f:b2: aa:21:f0:ae:ed:ef:e1:66:8f:e0:f2:b1:0e:b1:5a: ce:ba:99:d8:3d:59:8b:a4:ab:fb:59:c6:23:70:2a: 3f:e2:8e:34:a0:d0:cf:4a:71:b8:d7:de:7e:bd:f7: 22:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:7E:16:7B:E2:03:C5:E7:BD:16:B3:43:B0:2D:FF:C1:0C:7B:BA:33 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c876588-8996-4239-b85a-95e0cd1f9f7d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1b:800::/38 Signature Algorithm: sha256WithRSAEncryption 91:f6:20:14:9b:47:61:ab:bc:2b:18:3a:80:f9:de:6e:84:8c: 64:21:63:b4:3f:64:63:43:60:f6:58:47:69:7a:90:19:cf:cb: 44:03:8f:c7:c5:e6:d8:5e:c4:5c:e7:37:94:85:53:d7:7b:f7: 2e:5e:db:09:41:fc:c6:ad:49:c6:15:90:37:1c:fe:be:55:c7: 65:76:6e:af:42:b2:14:73:22:35:b1:ea:ba:b4:66:0e:bf:c3: c9:83:c0:46:89:16:e1:25:52:12:4c:4c:ad:2b:63:e5:a9:4a: d9:56:36:40:20:fd:6b:50:aa:cf:95:9a:bb:25:e9:bf:59:8f: f5:98:bd:71:0b:0f:ee:c4:df:ae:e6:59:f5:91:dd:fd:61:95: 71:63:4c:91:1f:fc:fa:85:ff:b5:24:f8:7a:c6:69:dc:f6:f4: 99:7e:bc:4a:f1:f3:85:cc:aa:9e:5a:e3:47:42:bd:9b:34:c9: 71:1a:84:53:fe:2c:ce:db:82:43:c6:61:10:15:64:75:4b:2f: a3:4d:a2:7d:00:41:11:0f:98:b0:b5:0c:b9:95:58:bd:7c:d4: a1:1c:61:56:8e:4d:f0:31:35:1c:04:3d:89:87:ad:ef:35:8d: 8f:a1:c2:55:57:20:3e:ec:d6:95:85:08:7e:51:41:16:92:43: 1c:6b:c5:44 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKAYONWYSu68s0/4O9VDWDQFkzoQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwNDAwMDAzOFoX DTI2MDMwNDIzNTk1OVowejFJMEcGA1UEBRNAM2M2MWM0NzA1MWIwZDUzMTY3ODEx MzZmZGU0OTBhMjliYmNhMmI3NmEyMDZhMWRmYmU4OWVmYjE5OTQxYjE1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhCstejC3Fooe6SdMPBWzKmosAyW rEE5WZHsmql2+0wU6/cjWMoPiPPJAxWsKo9AtCYtuCewlmYfGR7sYjrddl4bhNsP z5aqZa9O9IKfstSBZmIb/HHZv86jlubNHPQULUJlPk8s6yFIxQ0ajxVBfOMdHK3s hkvi2qaGWAGzBVw9cs68p4XPvQZ0ltrEvqb7uqwOfXSCL4goLjss5NWVf26g7xrn H9zSBB3xLyqp45rOMaGbDLyQKChu2dfSD8Xcq59jIZTa4ft3bHn3g9/gb7KqIfCu 7e/hZo/g8rEOsVrOupnYPVmLpKv7WcYjcCo/4o40oNDPSnG4195+vfcivQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHB+FnviA8XnvRazQ7At/8EMe7ozMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjODc2NTg4LTg5OTYtNDIzOS1iODVhLTk1ZTBjZDFmOWY3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGwgwDQYJKoZIhvcNAQELBQADggEBAJH2IBSbR2GrvCsYOoD5 3m6EjGQhY7Q/ZGNDYPZYR2l6kBnPy0QDj8fF5thexFznN5SFU9d79y5e2wlB/Mat ScYVkDcc/r5Vx2V2bq9CshRzIjWx6rq0Zg6/w8mDwEaJFuElUhJMTK0rY+WpStlW NkAg/WtQqs+Vmrsl6b9Zj/WYvXELD+7E367mWfWR3f1hlXFjTJEf/PqF/7Uk+HrG adz29Jl+vErx84XMqp5a40dCvZs0yXEahFP+LM7bgkPGYRAVZHVLL6NNon0AQREP mLC1DLmVWL181KEcYVaOTfAxNRwEPYmHre81jY+hwlVXID7s1pWFCH5RQRaSQxxr xUQ= -----END CERTIFICATE-----Generated at Sat Dec 6 20:19:09 2025 by rpki-client