This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa File: 42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa (raw, json) Hash identifier: f0KLPiWtc6swnkJIViUQ1mCXmKCOvSG/QfOQPFIY2jQ= Subject key identifier: 8A:AC:9A:C1:00:BC:2C:D9:B4:34:3A:C2:03:A7:8A:EE:94:30:C8:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 024D5DD518325284932D11CA98FE21B11CE4552E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa Signing time: Sun 30 Nov 2025 00:01:45 +0000 ROA not before: Sun 30 Nov 2025 00:01:45 +0000 ROA not after: Sat 28 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:4d:5d:d5:18:32:52:84:93:2d:11:ca:98:fe:21:b1:1c:e4:55:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 30 00:01:45 2025 GMT Not After : Feb 28 23:59:59 2026 GMT Subject: serialNumber=4d7291b6578892b8391b9c38bd6a0324495e2014d1412d435dc77ea0f12a41a6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:da:16:e7:96:3e:1b:8c:23:98:6f:8c:51:61: b6:c5:cd:84:02:88:ef:d7:cc:cb:d7:ae:69:29:8c: 00:47:2f:be:36:67:b0:03:71:ac:f0:32:e6:6b:b2: 4e:27:c8:d8:19:ae:5d:a7:50:f9:b9:71:33:4f:37: 26:2c:4e:66:9a:b8:cc:26:e3:bf:b3:85:89:dc:97: 6c:b6:47:53:8f:3b:77:e1:7d:73:e4:bd:b9:14:c3: 53:d8:21:46:19:2b:18:2a:66:b8:f0:33:2b:09:c1: 84:06:1f:db:16:10:1e:a7:a3:57:a1:b7:f8:69:40: 98:90:78:b5:bb:07:a1:e4:7f:b3:c0:e3:a3:58:05: 00:02:57:eb:f8:4f:5c:ca:b8:32:a1:ce:2e:62:bc: b3:8d:0e:81:53:e8:5e:7e:12:e2:05:6b:2b:a5:a5: 66:28:39:66:43:fa:bb:5e:ac:1e:69:4e:c0:95:fc: cf:79:9f:f1:ea:a9:04:35:fd:ba:02:84:3c:f7:91: 5c:d8:f5:4a:40:ba:d3:3c:95:09:cb:da:fa:ac:76: a8:67:c6:05:5b:51:6c:fd:62:27:21:45:13:d0:87: dc:85:92:49:4a:96:d0:60:d5:8b:b8:3b:de:97:44: ed:50:08:11:64:44:d5:22:db:58:86:18:a9:f0:d2: 05:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:AC:9A:C1:00:BC:2C:D9:B4:34:3A:C2:03:A7:8A:EE:94:30:C8:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 43:98:9e:65:0b:0a:67:34:48:29:ec:c3:ca:ee:9a:1d:80:c8: de:e9:6d:34:50:c8:4e:3e:23:17:37:40:c6:31:34:7a:11:18: a0:3f:11:13:da:fd:a6:4f:e1:e6:ce:1d:8b:ba:53:a2:0a:8b: c4:fd:3c:df:37:a4:74:7e:17:f1:d3:00:47:cd:6e:dc:ae:d9: 30:d1:4b:b9:f3:e8:dd:cb:01:3d:33:8e:1f:ba:65:af:81:6b: e5:e8:1f:cf:13:1b:72:f7:ce:d6:5e:2d:8a:fe:f8:37:2e:e6: 9d:e9:9b:07:8a:81:6d:05:00:48:09:7a:70:e7:bc:64:53:ef: 73:c9:7e:1e:84:38:b3:e6:1b:3d:8c:fb:73:fa:ca:b8:3b:81: e6:0b:4d:57:a2:91:14:35:dc:13:f5:cf:c3:71:62:28:f5:d5: 4a:e3:a2:7d:d5:f6:d8:79:9f:ab:00:86:d1:9e:15:9b:27:b8: 69:6a:41:8b:b9:8f:2f:bf:23:d3:23:f7:e7:22:83:35:e5:87: eb:eb:91:60:66:fd:a9:40:97:10:6c:7d:2f:7e:77:66:60:b4: 74:d4:d6:27:58:80:72:77:ee:51:a6:6e:46:36:f6:4e:21:ff: 41:f5:af:f0:f0:d3:ad:e7:e5:c1:44:b2:01:a3:cc:03:a0:bc: 0a:bc:df:55 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAk1d1RgyUoSTLRHKmP4hsRzkVS4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEzMDAwMDE0NVoX DTI2MDIyODIzNTk1OVowejFJMEcGA1UEBRNANGQ3MjkxYjY1Nzg4OTJiODM5MWI5 YzM4YmQ2YTAzMjQ0OTVlMjAxNGQxNDEyZDQzNWRjNzdlYTBmMTJhNDFhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdoW55Y+G4wjmG+MUWG2xc2EAojv 18zL165pKYwARy++NmewA3Gs8DLma7JOJ8jYGa5dp1D5uXEzTzcmLE5mmrjMJuO/ s4WJ3JdstkdTjzt34X1z5L25FMNT2CFGGSsYKma48DMrCcGEBh/bFhAep6NXobf4 aUCYkHi1uweh5H+zwOOjWAUAAlfr+E9cyrgyoc4uYryzjQ6BU+hefhLiBWsrpaVm KDlmQ/q7XqweaU7AlfzPeZ/x6qkENf26AoQ895Fc2PVKQLrTPJUJy9r6rHaoZ8YF W1Fs/WInIUUT0IfchZJJSpbQYNWLuDvel0TtUAgRZETVIttYhhip8NIFLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIqsmsEAvCzZtDQ6wgOniu6UMMjbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyZmQ1YTk2LTIxZTktNGVmOC1iMjdmLTVhN2Y5OTZiODRkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uDAMA0GCSqGSIb3DQEBCwUAA4IBAQBDmJ5lCwpnNEgp7MPK 7podgMje6W00UMhOPiMXN0DGMTR6ERigPxET2v2mT+Hmzh2LulOiCovE/TzfN6R0 fhfx0wBHzW7crtkw0Uu58+jdywE9M44fumWvgWvl6B/PExty987WXi2K/vg3Luad 6ZsHioFtBQBICXpw57xkU+9zyX4ehDiz5hs9jPtz+sq4O4HmC01XopEUNdwT9c/D cWIo9dVK46J91fbYeZ+rAIbRnhWbJ7hpakGLuY8vvyPTI/fnIoM15Yfr65FgZv2p QJcQbH0vfndmYLR01NYnWIByd+5Rpm5GNvZOIf9B9a/w8NOt5+XBRLIBo8wDoLwK vN9V -----END CERTIFICATE-----Generated at Sat Dec 6 12:46:53 2025 by rpki-client