This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa File: 2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa (raw, json) Hash identifier: qW1MdhmC3SlEEGM/5cUoQhTUuYAH0LiNbemZ0UW9Wlc= Subject key identifier: B0:96:92:05:CB:81:E4:1C:7E:71:0C:F7:20:66:D2:8E:EA:D6:AD:14 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 473BD9C21AA37566D84169969EF84174C5888D82 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa Signing time: Tue 02 Dec 2025 00:10:08 +0000 ROA not before: Tue 02 Dec 2025 00:10:08 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:b040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:3b:d9:c2:1a:a3:75:66:d8:41:69:96:9e:f8:41:74:c5:88:8d:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:10:08 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=431606c44067bb992a5a2a2209dcb45c4d673c8cf9935a1fbea62fbffb61f1bc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:34:f5:d8:c5:4c:f1:35:5b:fd:cb:05:2e:bd: 5a:e9:dd:90:11:bf:82:20:7c:0a:73:d4:8d:cb:f9: 55:c3:2a:4a:25:7c:d7:a2:d8:11:ff:ce:f3:7f:98: 75:95:a8:05:43:8b:7e:a8:72:8c:dd:5e:b7:20:ee: 9f:26:79:15:6d:2d:01:83:65:7f:bb:e5:7a:56:4e: 5f:41:bb:91:10:8e:1d:fc:76:48:8e:63:a9:d2:ad: 15:ac:e1:4e:33:cb:4d:48:86:ee:92:48:b9:5d:b1: f7:65:37:a2:9a:70:cb:82:50:d3:c2:f4:0f:63:b8: cc:de:cf:dc:91:dd:95:1d:ed:5f:8b:fe:2c:03:f5: 76:94:62:33:4c:e9:69:2f:ee:dc:1e:27:18:01:03: a4:be:33:8c:60:86:c8:0d:39:9c:18:67:f6:72:a2: 82:05:30:47:d0:29:16:e0:04:01:83:73:a4:a8:47: a7:83:d0:24:ce:82:3a:72:be:75:bc:96:2d:d7:0e: f4:a6:1e:7b:dd:12:d7:18:c6:ec:98:f4:50:4f:88: f5:3a:a5:0b:ed:b6:a9:1e:52:8c:32:0a:2e:65:ce: 71:c3:9d:c7:f0:21:2c:78:ef:00:51:a6:86:e4:4e: 57:11:18:25:5e:74:3f:13:99:84:61:1e:a6:6d:e3: 46:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:96:92:05:CB:81:E4:1C:7E:71:0C:F7:20:66:D2:8E:EA:D6:AD:14 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:b040::/48 Signature Algorithm: sha256WithRSAEncryption 25:04:7b:df:6a:63:9d:b3:20:e7:ac:04:96:ee:ac:9b:d5:71: 07:fd:e0:29:cb:99:1c:e3:c1:f3:f2:15:a0:97:c2:c8:b8:d0: 45:c7:28:78:56:5e:a3:28:97:25:ea:d5:6c:91:ab:95:6f:de: de:19:e8:5a:d5:ed:b6:40:b1:ed:73:a1:ad:5d:52:a0:b4:ac: 88:78:11:42:f9:9d:40:11:57:f1:64:fb:3f:72:b4:87:b6:63: 37:61:c4:26:81:e6:9c:55:86:d7:25:1e:bf:cb:4d:58:d4:15: ce:88:cb:09:97:ad:7d:e3:e8:16:9b:4d:bd:ec:ca:30:9b:51: 47:be:b8:1e:eb:92:b8:10:78:e6:18:93:7c:49:7f:c0:99:ab: 61:28:d2:45:30:22:7c:71:51:de:76:5f:be:9b:eb:c2:17:cf: 21:c8:89:ed:fe:3b:b1:66:0a:ad:98:12:1b:98:57:7a:15:bd: 8d:02:af:80:42:39:4a:67:ad:5a:d7:d5:70:82:73:78:7d:ee: bc:2d:94:bb:75:72:f3:5e:fb:6d:6f:7f:d0:27:ff:9a:39:32: 70:8e:07:21:b9:4e:1d:e3:9e:2e:72:fb:41:7b:0c:ae:d4:8f: 58:b9:3f:63:a0:cd:7d:bb:00:52:8a:31:66:f0:09:5d:c4:e5: c3:cf:fe:30 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURzvZwhqjdWbYQWmWnvhBdMWIjYIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMTAwOFoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNANDMxNjA2YzQ0MDY3YmI5OTJhNWEy YTIyMDlkY2I0NWM0ZDY3M2M4Y2Y5OTM1YTFmYmVhNjJmYmZmYjYxZjFiYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTT12MVM8TVb/csFLr1a6d2QEb+C IHwKc9SNy/lVwypKJXzXotgR/87zf5h1lagFQ4t+qHKM3V63IO6fJnkVbS0Bg2V/ u+V6Vk5fQbuREI4d/HZIjmOp0q0VrOFOM8tNSIbukki5XbH3ZTeimnDLglDTwvQP Y7jM3s/ckd2VHe1fi/4sA/V2lGIzTOlpL+7cHicYAQOkvjOMYIbIDTmcGGf2cqKC BTBH0CkW4AQBg3OkqEeng9AkzoI6cr51vJYt1w70ph573RLXGMbsmPRQT4j1OqUL 7bapHlKMMgouZc5xw53H8CEseO8AUaaG5E5XERglXnQ/E5mEYR6mbeNGkwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLCWkgXLgeQcfnEM9yBm0o7q1q0UMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJmNzIyZWQxLWMyZDMtNGYzNC05M2RiLWYyNjI1ZTdlMTg5YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8rBAMA0GCSqGSIb3DQEBCwUAA4IBAQAlBHvfamOdsyDnrASW 7qyb1XEH/eApy5kc48Hz8hWgl8LIuNBFxyh4Vl6jKJcl6tVskauVb97eGeha1e22 QLHtc6GtXVKgtKyIeBFC+Z1AEVfxZPs/crSHtmM3YcQmgeacVYbXJR6/y01Y1BXO iMsJl6194+gWm0297Mowm1FHvrge65K4EHjmGJN8SX/AmathKNJFMCJ8cVHedl++ m+vCF88hyInt/juxZgqtmBIbmFd6Fb2NAq+AQjlKZ61a19VwgnN4fe68LZS7dXLz Xvttb3/QJ/+aOTJwjgchuU4d454ucvtBewyu1I9YuT9joM19uwBSijFm8AldxOXD z/4w -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:54 2025 by rpki-client