This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa File: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (raw, json) Hash identifier: qLO88qp7c2s4Z3DM/v7ca2RqAiy3+QgoqShI6F87ae4= Subject key identifier: D2:E8:6D:36:18:70:BA:1A:2D:4C:06:D6:F5:D4:AC:14:A1:84:1F:CF Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 61FC9602A25EAAAC3DC63BCCDE4EBE9BB9DF804C Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa Signing time: Wed 12 Nov 2025 00:01:05 +0000 ROA not before: Wed 12 Nov 2025 00:01:05 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:fc:96:02:a2:5e:aa:ac:3d:c6:3b:cc:de:4e:be:9b:b9:df:80:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Nov 12 00:01:05 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=88c725a638fb1062747b7f2793c4a1e79e13433f460c08e55f3315b11d1caccd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d3:6a:47:26:b5:9f:3e:d3:13:dc:32:a7:78: b0:28:de:f1:f0:04:b8:10:0b:34:ba:97:69:33:4b: ae:bf:14:24:d9:1a:f1:b6:ed:9d:c0:31:fe:4a:a2: ea:7d:d7:8f:33:4d:e5:34:fb:63:ff:05:6d:b6:61: 37:29:83:61:cf:90:e0:29:b8:e1:25:22:07:ce:e9: 24:17:7d:88:25:fb:e5:25:b3:6d:af:32:d1:c6:5b: 58:7f:d1:2e:d9:2c:fa:77:2c:ea:c9:51:16:b8:65: 42:be:4d:ab:9e:9a:9a:cd:87:ff:6b:c3:eb:b5:e7: f7:4b:ce:29:b3:c5:43:2f:8c:d7:fc:15:02:8d:67: 4f:5d:12:3c:66:1c:6f:84:61:2d:76:17:bc:69:ac: 99:72:cc:05:38:0f:71:9c:a3:1c:77:c3:cb:d5:0e: 80:91:b4:ec:d4:55:82:2a:f1:e5:25:2d:ac:39:f6: 57:79:7d:2a:fa:fd:de:2d:7f:d1:2f:eb:27:10:f0: ee:65:a6:d8:fe:15:c3:7d:2b:dc:de:1f:aa:25:13: e2:33:3e:f4:c2:82:fe:5d:1a:e9:cd:fc:aa:bc:4c: f3:0c:46:44:9b:e5:f9:fb:e8:9a:3b:7b:e1:9b:42: 14:ba:a9:11:a4:34:61:78:81:6b:10:0d:83:c2:0e: 82:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:E8:6D:36:18:70:BA:1A:2D:4C:06:D6:F5:D4:AC:14:A1:84:1F:CF X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 14:8d:d3:50:36:dd:f8:64:dc:ba:8b:2e:e7:74:4f:ba:aa:5b: 0c:6b:7c:34:12:00:49:60:96:57:c0:94:f9:dd:1a:2c:12:a4: e5:1a:9d:9b:4d:40:51:b6:d3:1d:62:5b:55:1c:e6:61:6f:bf: f3:80:b4:71:92:ec:20:ae:96:4a:72:f4:34:33:87:9a:33:af: fd:c0:27:cb:64:8f:f5:88:d5:b9:78:1d:0e:00:45:b2:f8:65: a9:72:18:88:57:32:f7:3f:aa:a6:9a:00:9e:5a:a2:34:03:0e: c9:1a:3b:23:c7:ef:75:b5:2b:4c:06:77:40:74:01:8a:d8:af: ff:74:ac:9f:b7:d4:9c:14:08:8b:c5:58:19:b4:14:9e:0c:23: c0:fe:ca:fb:c8:c8:72:14:db:4e:c3:99:a4:f6:e6:3c:77:c9: 7d:68:fd:fe:44:a9:63:89:19:78:9f:04:de:2b:73:6f:db:c2: d3:40:9e:8f:b3:45:52:df:60:97:cb:2b:70:87:6c:14:1d:79: 27:73:1d:c6:20:d7:86:dc:91:08:ad:fa:5e:c6:d0:e4:95:1d: 5b:13:dc:d2:51:5f:a4:82:22:59:41:e8:d0:f2:09:57:b3:35: 01:64:0d:13:59:89:64:e9:42:5a:cf:af:42:4f:b4:15:12:d9: 57:ac:47:3c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYfyWAqJeqqw9xjvM3k6+m7nfgEwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTExMjAwMDEwNVoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAODhjNzI1YTYzOGZiMTA2Mjc0N2I3 ZjI3OTNjNGExZTc5ZTEzNDMzZjQ2MGMwOGU1NWYzMzE1YjExZDFjYWNjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9NqRya1nz7TE9wyp3iwKN7x8AS4 EAs0updpM0uuvxQk2Rrxtu2dwDH+SqLqfdePM03lNPtj/wVttmE3KYNhz5DgKbjh JSIHzukkF32IJfvlJbNtrzLRxltYf9Eu2Sz6dyzqyVEWuGVCvk2rnpqazYf/a8Pr tef3S84ps8VDL4zX/BUCjWdPXRI8ZhxvhGEtdhe8aayZcswFOA9xnKMcd8PL1Q6A kbTs1FWCKvHlJS2sOfZXeX0q+v3eLX/RL+snEPDuZabY/hXDfSvc3h+qJRPiMz70 woL+XRrpzfyqvEzzDEZEm+X5++iaO3vhm0IUuqkRpDRheIFrEA2Dwg6CCQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNLobTYYcLoaLUwG1vXUrBShhB/PMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlNDBlZTBiLTlhYTktNDkxOS1hMDc5LTk3MTIyMTJlMTI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQAUjdNQNt34ZNy6iy7ndE+6 qlsMa3w0EgBJYJZXwJT53RosEqTlGp2bTUBRttMdYltVHOZhb7/zgLRxkuwgrpZK cvQ0M4eaM6/9wCfLZI/1iNW5eB0OAEWy+GWpchiIVzL3P6qmmgCeWqI0Aw7JGjsj x+91tStMBndAdAGK2K//dKyft9ScFAiLxVgZtBSeDCPA/sr7yMhyFNtOw5mk9uY8 d8l9aP3+RKljiRl4nwTeK3Nv28LTQJ6Ps0VS32CXyytwh2wUHXkncx3GINeG3JEI rfpextDklR1bE9zSUV+kgiJZQejQ8glXszUBZA0TWYlk6UJaz69CT7QVEtlXrEc8 -----END CERTIFICATE-----Generated at Sat Dec 6 09:57:22 2025 by rpki-client