This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa File: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (raw, json) Hash identifier: SJqKkWWRvucxATk3ukMocmr0mgKOOzXgxD5oqLLbpSM= Subject key identifier: A9:01:0C:0E:1A:F6:05:A5:56:AC:3E:16:62:0B:CE:07:7A:A2:08:77 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 39603DC2FBB5B720256F39D159DDD4EABDB56683 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa Signing time: Thu 13 Nov 2025 00:00:13 +0000 ROA not before: Thu 13 Nov 2025 00:00:13 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 160.235.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:60:3d:c2:fb:b5:b7:20:25:6f:39:d1:59:dd:d4:ea:bd:b5:66:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Nov 13 00:00:13 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=9ab407ea050a99ae9dec3c9e807aa1a82c7471a309783e72c8bb9733ca47c4e8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:fc:d5:15:cb:d1:79:0f:3b:e9:7f:c4:d1:f5: 53:1e:01:8f:35:63:1c:df:e7:5c:02:9e:2e:2d:db: 55:21:12:5d:c9:9b:13:08:18:45:47:56:8a:77:81: 49:45:ca:1d:af:89:c1:73:99:d6:8a:e0:4a:31:f4: 07:79:34:12:52:17:4b:4c:b9:90:a9:c2:22:12:4c: 72:22:54:05:a8:b4:4d:96:f7:ed:da:bc:e8:ad:9c: 83:92:42:e6:96:ad:26:9c:9d:48:15:a4:66:97:89: ce:59:56:76:99:d9:f9:a2:b7:e9:76:6d:f7:a8:0a: e5:f9:82:e4:6e:9c:dc:30:a2:4d:80:5d:50:6f:8b: 00:d5:33:f3:ac:fc:e2:eb:d2:9e:5f:2d:15:11:06: 60:17:b2:cb:c1:3d:b9:cf:0d:d8:1e:07:b2:19:65: 4b:04:72:57:bd:21:93:2e:04:27:a3:86:46:2a:71: 00:06:21:34:8a:41:d7:d5:40:78:51:17:5b:5c:d0: 7b:52:71:42:ea:f8:d6:2b:ff:06:84:29:e7:8e:7b: af:76:e7:b1:08:d1:38:27:9f:14:1a:1d:38:8d:b6: 54:0c:a4:46:27:e2:60:81:d0:64:e1:8f:4f:bd:4e: 98:f5:b4:61:d5:1f:ac:9d:d8:46:a2:85:38:2c:33: 2d:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:01:0C:0E:1A:F6:05:A5:56:AC:3E:16:62:0B:CE:07:7A:A2:08:77 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.235.0.0/16 Signature Algorithm: sha256WithRSAEncryption 3e:a6:10:1e:02:f7:71:41:07:5b:ee:95:3d:60:40:ba:e2:5b: 58:df:66:ed:49:dd:21:2b:24:50:1b:9d:20:ba:42:08:d9:c3: 5b:96:43:62:77:75:39:fd:c3:fa:4f:ab:c0:5e:17:d9:b9:79: ac:b5:bd:52:65:3a:ff:93:11:ea:e5:c4:22:59:d9:36:bf:d3: 72:29:8b:54:17:1b:6b:47:eb:3c:2d:e8:d4:a0:1f:e2:5b:ab: 29:82:ec:45:84:ec:4f:4f:7b:d1:e3:5b:c9:2a:99:5f:00:8d: 78:45:48:01:96:15:8e:31:b5:1b:2a:d3:53:6a:f5:9b:fe:be: 67:04:dc:33:ae:49:ab:75:3a:b5:81:d4:57:2a:8d:a5:77:16: fe:2e:47:0b:d5:96:37:dd:b9:36:ea:85:40:bc:bc:e1:c9:f7: 99:64:9e:2d:96:0a:51:2f:21:d7:82:fa:01:2a:16:17:7e:0f: 1a:e1:c2:15:6d:43:41:9b:1b:81:aa:66:ae:22:9a:bb:e1:a8: 07:65:b6:38:d2:f1:bb:d4:62:6e:7d:97:dc:30:34:5f:d1:b6: ce:b3:08:06:29:eb:63:28:03:58:3d:dd:81:c1:c6:d0:29:3c: ea:a0:6d:dd:50:f1:87:f2:42:a9:cb:ec:4f:60:10:d5:91:e7: c1:00:40:74 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUOWA9wvu1tyAlbznRWd3U6r21ZoMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTExMzAwMDAxM1oX DTI1MTIxODIzNTk1OVowejFJMEcGA1UEBRNAOWFiNDA3ZWEwNTBhOTlhZTlkZWMz YzllODA3YWExYTgyYzc0NzFhMzA5NzgzZTcyYzhiYjk3MzNjYTQ3YzRlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPzVFcvReQ876X/E0fVTHgGPNWMc 3+dcAp4uLdtVIRJdyZsTCBhFR1aKd4FJRcodr4nBc5nWiuBKMfQHeTQSUhdLTLmQ qcIiEkxyIlQFqLRNlvft2rzorZyDkkLmlq0mnJ1IFaRml4nOWVZ2mdn5orfpdm33 qArl+YLkbpzcMKJNgF1Qb4sA1TPzrPzi69KeXy0VEQZgF7LLwT25zw3YHgeyGWVL BHJXvSGTLgQno4ZGKnEABiE0ikHX1UB4URdbXNB7UnFC6vjWK/8GhCnnjnuvduex CNE4J58UGh04jbZUDKRGJ+JggdBk4Y9PvU6Y9bRh1R+sndhGooU4LDMtnwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFKkBDA4a9gWlVqw+FmILzgd6ogh3MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkMWZiMWM3LTYxNDAtNGM1Ny05MjhmLTFhNTk1ODZmOWUyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBAD6mEB4C93FBB1vulT1gQLri W1jfZu1J3SErJFAbnSC6QgjZw1uWQ2J3dTn9w/pPq8BeF9m5eay1vVJlOv+TEerl xCJZ2Ta/03Ipi1QXG2tH6zwt6NSgH+JbqymC7EWE7E9Pe9HjW8kqmV8AjXhFSAGW FY4xtRsq01Nq9Zv+vmcE3DOuSat1OrWB1FcqjaV3Fv4uRwvVljfduTbqhUC8vOHJ 95lkni2WClEvIdeC+gEqFhd+DxrhwhVtQ0GbG4GqZq4imrvhqAdltjjS8bvUYm59 l9wwNF/Rts6zCAYp62MoA1g93YHBxtApPOqgbd1Q8YfyQqnL7E9gENWR58EAQHQ= -----END CERTIFICATE-----Generated at Sat Dec 6 17:49:45 2025 by rpki-client