This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa File: 2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa (raw, json) Hash identifier: xgLxrQU7DorLHlcd7hEaNwShaYzS6gXCpS5EZ+v/sYM= Subject key identifier: 9E:8B:E0:44:8A:2A:D8:04:54:61:72:A8:7F:C7:5B:22:30:5D:88:24 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E7FF95E48BBE4B91001653F142D0DC396005FB6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa Signing time: Wed 26 Nov 2025 00:00:35 +0000 ROA not before: Wed 26 Nov 2025 00:00:35 +0000 ROA not after: Tue 24 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:7f:f9:5e:48:bb:e4:b9:10:01:65:3f:14:2d:0d:c3:96:00:5f:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 26 00:00:35 2025 GMT Not After : Feb 24 23:59:59 2026 GMT Subject: serialNumber=3a8659e6ddb38187b696eafbe32ebec9e8e4d44ea7349613c2ffa6432880a055, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:63:93:65:3f:7d:68:68:a2:d1:94:16:d4:7c: 59:45:7b:c1:20:61:7f:7c:e3:4c:7c:52:94:3a:b0: 10:48:11:4c:b9:38:0b:f2:f2:74:b0:75:db:01:6c: ad:38:2f:f2:3d:4b:82:e5:3b:68:63:ec:2f:e9:5e: 89:e1:54:fa:8a:d4:6d:24:51:9a:24:96:4d:26:b0: b4:02:2d:60:92:24:54:29:77:a8:fe:b7:6c:ac:de: 3c:5c:d0:45:11:45:a0:32:4f:e1:9f:16:e9:c1:0f: 70:96:d8:2f:31:97:de:01:d4:99:aa:6d:15:f1:ba: db:28:0b:a2:d9:d4:14:be:89:6a:7f:b7:0a:3e:be: a3:b4:6f:e7:5f:33:ab:bc:1f:6f:1d:61:b4:b9:a6: 37:69:be:94:90:26:50:47:08:19:0b:82:7a:e8:4b: ea:b6:10:fb:4f:00:fd:3d:2d:89:2c:ae:30:8e:1a: ff:45:ce:df:6d:72:3c:fe:58:7f:fb:1c:68:48:82: a6:de:30:f9:3f:dd:9b:4b:5a:16:50:4d:02:7f:1d: 73:eb:2b:68:a0:2c:52:50:36:66:f0:b4:e1:66:d1: 73:d0:5e:be:07:4b:05:e9:30:d4:54:46:59:39:97: 42:ff:bf:fc:4d:68:5a:69:c8:7a:f2:d1:4d:02:49: a0:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:8B:E0:44:8A:2A:D8:04:54:61:72:A8:7F:C7:5B:22:30:5D:88:24 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9::/32 Signature Algorithm: sha256WithRSAEncryption 49:18:9e:39:ed:e7:1b:da:dc:bb:01:bf:68:09:d7:02:4b:02: 65:46:16:b5:e6:ac:a3:f9:c9:19:00:87:0a:47:40:0e:b0:47: 92:69:4d:09:06:bd:12:5f:8d:87:ec:73:c4:da:7f:d8:ea:d2: 93:0e:fe:8f:20:32:3b:44:3a:32:25:8e:78:05:c6:8e:04:2f: 78:9e:bc:8e:9e:23:e2:7d:9f:1b:43:e8:40:72:ba:6c:c9:e2: 24:81:07:e8:f0:3d:42:d9:c6:54:34:28:72:58:46:50:9f:7e: 53:81:a4:16:87:68:89:e9:94:8f:2e:38:dd:d7:79:2b:02:ca: ac:5e:14:36:ae:07:df:16:02:83:31:8f:69:c9:56:65:0a:41: 1d:4c:e4:42:78:37:44:d0:a5:71:72:60:24:20:b6:1f:61:c5: ce:49:3a:b0:51:7b:d4:d2:d4:fc:13:16:f5:db:58:15:a4:c7: 2c:85:1d:1f:cb:b1:ac:74:99:3f:35:11:6f:ff:b1:d1:06:5a: 08:e4:5e:2a:21:72:ce:fe:95:42:02:ac:e0:d7:48:ea:bc:b1: 25:81:8b:ba:a7:24:d3:98:28:9c:d1:ea:18:c5:c4:7d:9f:6f: ad:18:58:af:5d:33:8c:8c:88:cb:e0:2d:6a:69:cf:45:91:c7: 3d:9c:d5:fb -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUPn/5Xki75LkQAWU/FC0Nw5YAX7YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNjAwMDAzNVoX DTI2MDIyNDIzNTk1OVowejFJMEcGA1UEBRNAM2E4NjU5ZTZkZGIzODE4N2I2OTZl YWZiZTMyZWJlYzllOGU0ZDQ0ZWE3MzQ5NjEzYzJmZmE2NDMyODgwYTA1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGOTZT99aGii0ZQW1HxZRXvBIGF/ fONMfFKUOrAQSBFMuTgL8vJ0sHXbAWytOC/yPUuC5TtoY+wv6V6J4VT6itRtJFGa JJZNJrC0Ai1gkiRUKXeo/rdsrN48XNBFEUWgMk/hnxbpwQ9wltgvMZfeAdSZqm0V 8brbKAui2dQUvolqf7cKPr6jtG/nXzOrvB9vHWG0uaY3ab6UkCZQRwgZC4J66Evq thD7TwD9PS2JLK4wjhr/Rc7fbXI8/lh/+xxoSIKm3jD5P92bS1oWUE0Cfx1z6yto oCxSUDZm8LThZtFz0F6+B0sF6TDUVEZZOZdC/7/8TWhaach68tFNAkmgwQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJ6L4ESKKtgEVGFyqH/HWyIwXYgkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkODJkNjhjLWI2NjAtNDAxOC05ZmIxLWE5NmM5ZmRkNzc5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba+TANBgkqhkiG9w0BAQsFAAOCAQEASRieOe3nG9rcuwG/aAnX AksCZUYWteaso/nJGQCHCkdADrBHkmlNCQa9El+Nh+xzxNp/2OrSkw7+jyAyO0Q6 MiWOeAXGjgQveJ68jp4j4n2fG0PoQHK6bMniJIEH6PA9QtnGVDQoclhGUJ9+U4Gk FodoiemUjy443dd5KwLKrF4UNq4H3xYCgzGPaclWZQpBHUzkQng3RNClcXJgJCC2 H2HFzkk6sFF71NLU/BMW9dtYFaTHLIUdH8uxrHSZPzURb/+x0QZaCOReKiFyzv6V QgKs4NdI6ryxJYGLuqck05gonNHqGMXEfZ9vrRhYr10zjIyIy+AtamnPRZHHPZzV +w== -----END CERTIFICATE-----Generated at Sat Dec 6 10:55:20 2025 by rpki-client