This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa File: 328cea91-878c-4f36-ad16-29b649a79487.roa (raw, json) Hash identifier: u/73Q3oMaKyNm9V4FcIKwKYUMYSx58h2vPA7s3X4WNY= Subject key identifier: CD:09:95:E0:82:B3:E0:AC:63:32:5C:15:0D:F8:92:53:CE:5D:C5:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 48FAC9AB47F807E05B15FD57C63B09D7E0EFFB50 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa Signing time: Wed 03 Dec 2025 00:10:11 +0000 ROA not before: Wed 03 Dec 2025 00:10:11 +0000 ROA not after: Tue 03 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:fa:c9:ab:47:f8:07:e0:5b:15:fd:57:c6:3b:09:d7:e0:ef:fb:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 3 00:10:11 2025 GMT Not After : Mar 3 23:59:59 2026 GMT Subject: serialNumber=69058f65ecb57ec23addd455b61a8b6609068c2ba1afd93040dbc64b29194e42, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ad:c1:5f:95:8a:7f:c6:52:76:92:41:c2:3a: cc:5e:73:38:23:74:69:97:f7:ef:cf:ec:85:66:df: 23:7c:56:3f:95:f7:7e:4e:1d:64:97:f3:cf:fa:19: 3b:95:b4:18:28:73:ef:61:60:1d:b1:83:89:40:37: 7a:66:01:bc:68:a7:c9:05:f1:d2:e4:c5:9b:74:63: 7d:2d:9a:b4:b2:ac:3f:1b:c4:ba:86:07:74:8a:f8: 41:28:d3:27:c8:04:dd:ee:50:5e:8a:6e:7a:46:54: de:00:e0:04:02:c4:c3:fe:8f:eb:1a:5f:c3:36:a0: e7:24:05:ee:2b:8e:f2:54:c4:ce:87:dd:70:34:71: ab:9c:f3:38:e5:c3:15:13:23:61:78:f6:13:ec:cc: a6:5f:14:06:2c:96:67:b7:a6:5f:3d:7c:4e:52:49: 32:92:ea:5b:97:d9:a8:9f:b0:d1:9b:2a:02:41:33: 67:42:c4:57:54:c1:7a:b3:f6:86:54:3a:3f:70:a2: 9f:b9:42:b6:3d:5e:ef:74:ac:74:75:16:ea:6c:89: ad:81:d7:db:a9:7d:96:a0:8b:92:53:d0:b5:be:86: 46:c6:99:b0:1a:9a:79:1c:aa:f1:de:78:29:85:e5: c4:e3:f1:8b:65:e8:5f:87:bf:6a:6f:a2:0a:e5:4c: c4:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:09:95:E0:82:B3:E0:AC:63:32:5C:15:0D:F8:92:53:CE:5D:C5:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 2a:96:ae:45:ca:99:ce:07:90:0b:94:45:41:e3:1c:9e:a7:6f: 59:f0:36:8c:f4:75:71:fd:94:09:98:63:63:44:3e:5c:64:ab: c4:69:cd:8c:4a:f2:e4:48:3f:98:2f:66:d2:3f:e1:9b:46:1c: f2:63:00:6c:02:48:4b:c5:19:40:3c:71:3c:d5:71:03:f9:6e: 6c:04:e2:97:a3:5f:7c:2a:ea:cf:9f:d6:e7:9f:91:17:cd:26: 7a:73:96:2c:16:61:31:2f:ce:35:8b:4d:af:b0:73:cf:46:69: 2b:9a:88:e2:51:08:29:06:c4:75:56:83:48:2d:28:bc:52:5e: 25:ba:43:84:15:4f:4d:c3:64:34:33:0a:46:ba:c1:4b:2d:fa: 7f:46:2b:1c:c4:f1:ee:32:5c:44:dd:ba:e7:2d:ea:15:a8:a4: e5:64:b8:af:73:2a:74:3f:a9:e2:65:68:13:34:87:f9:4e:66: 14:03:64:06:77:eb:1d:8b:ee:5b:06:87:c9:6f:96:1c:41:99: 82:b8:a8:45:64:c4:fb:7d:b6:97:3c:b7:9c:74:0b:d9:e6:4a: 7d:82:5b:93:4d:1a:1d:da:3c:d2:b1:13:f0:80:77:c0:2b:1c: 3b:33:90:46:25:c5:4a:4e:4c:77:6f:b0:4c:f7:5a:54:48:7d: 82:f1:03:f6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSPrJq0f4B+BbFf1XxjsJ1+Dv+1AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMzAwMTAxMVoX DTI2MDMwMzIzNTk1OVowejFJMEcGA1UEBRNANjkwNThmNjVlY2I1N2VjMjNhZGRk NDU1YjYxYThiNjYwOTA2OGMyYmExYWZkOTMwNDBkYmM2NGIyOTE5NGU0MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK3BX5WKf8ZSdpJBwjrMXnM4I3Rp l/fvz+yFZt8jfFY/lfd+Th1kl/PP+hk7lbQYKHPvYWAdsYOJQDd6ZgG8aKfJBfHS 5MWbdGN9LZq0sqw/G8S6hgd0ivhBKNMnyATd7lBeim56RlTeAOAEAsTD/o/rGl/D NqDnJAXuK47yVMTOh91wNHGrnPM45cMVEyNhePYT7MymXxQGLJZnt6ZfPXxOUkky kupbl9mon7DRmyoCQTNnQsRXVMF6s/aGVDo/cKKfuUK2PV7vdKx0dRbqbImtgdfb qX2WoIuSU9C1voZGxpmwGpp5HKrx3ngpheXE4/GLZehfh79qb6IK5UzEMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFM0JleCCs+CsYzJcFQ34klPOXcW3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyOGNlYTkxLTg3OGMtNGYzNi1hZDE2LTI5YjY0OWE3OTQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8jAMA0GCSqGSIb3DQEBCwUAA4IBAQAqlq5FypnOB5ALlEVB 4xyep29Z8DaM9HVx/ZQJmGNjRD5cZKvEac2MSvLkSD+YL2bSP+GbRhzyYwBsAkhL xRlAPHE81XED+W5sBOKXo198KurPn9bnn5EXzSZ6c5YsFmExL841i02vsHPPRmkr mojiUQgpBsR1VoNILSi8Ul4lukOEFU9Nw2Q0MwpGusFLLfp/RiscxPHuMlxE3brn LeoVqKTlZLivcyp0P6niZWgTNIf5TmYUA2QGd+sdi+5bBofJb5YcQZmCuKhFZMT7 fbaXPLecdAvZ5kp9gluTTRod2jzSsRPwgHfAKxw7M5BGJcVKTkx3b7BM91pUSH2C 8QP2 -----END CERTIFICATE-----Generated at Sat Dec 6 10:04:37 2025 by rpki-client