This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa File: 4f94d4be-2864-45c5-a16e-6384684a8060.roa (raw, json) Hash identifier: 0P1tQ5EFBD7XK/6gXkDZEK4f2CQGHYn4npOxLKsd5R0= Subject key identifier: 1C:81:58:07:1C:EA:49:47:C8:5D:15:0B:FC:83:E5:06:2E:69:AB:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 482CEFFC612EFB20AC9E9A145D5EA0F099229BC1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa Signing time: Thu 04 Dec 2025 00:10:46 +0000 ROA not before: Thu 04 Dec 2025 00:10:46 +0000 ROA not after: Wed 04 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:2c:ef:fc:61:2e:fb:20:ac:9e:9a:14:5d:5e:a0:f0:99:22:9b:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 4 00:10:46 2025 GMT Not After : Mar 4 23:59:59 2026 GMT Subject: serialNumber=40e9b9435c4a9df535d20672a9432f50ea33e730faf9856523f6cb28be905aa7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:d3:9a:da:ac:01:6a:07:ea:63:28:f0:b6:79: c2:b2:c8:2f:d7:9e:a2:0b:11:fb:f4:71:19:64:02: b7:e9:09:7e:0d:19:68:64:6e:5c:16:1b:f4:09:05: 42:9d:1d:95:2f:4a:8f:fe:6c:43:51:b9:00:23:29: e6:bf:d6:95:78:40:5e:55:81:37:40:40:b6:0c:d6: b9:d3:4a:72:4d:3f:7f:86:5d:2e:3d:0e:66:f0:11: 83:9c:69:45:1f:84:2d:3c:8d:ff:a4:27:bf:58:ab: df:6d:56:05:dc:9f:fc:dd:66:31:3b:d2:d8:17:0d: b2:b1:33:07:84:8d:01:00:65:89:e2:10:30:86:76: 55:e7:c0:c6:a8:e4:27:69:ab:d7:e7:ba:64:75:ed: 5f:cc:42:c5:bd:d6:37:87:0c:71:64:71:c5:bc:8c: ac:d0:82:67:72:9c:2c:ee:25:a6:b3:08:99:40:a0: 61:7b:63:88:e8:12:55:e4:cd:4c:b2:ed:ee:db:ea: 24:4d:bf:9b:38:01:0c:46:0f:da:eb:ae:ea:72:a7: 51:fe:49:6c:60:59:b0:e4:54:76:d9:21:52:13:12: 8b:a9:86:88:07:d7:93:d8:21:99:c0:90:ab:df:2d: 64:89:af:21:c0:22:a3:37:08:70:5f:65:01:9a:cd: 5f:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:81:58:07:1C:EA:49:47:C8:5D:15:0B:FC:83:E5:06:2E:69:AB:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:400::/38 Signature Algorithm: sha256WithRSAEncryption 78:2b:3e:41:ef:25:ab:00:63:05:41:aa:a1:26:38:cd:23:5a: f7:64:88:64:6e:0b:b4:70:1a:48:68:e3:ab:b3:dd:05:ac:d4: 29:8a:8b:b1:bb:8a:6e:6e:96:4a:40:6d:e0:d3:b9:52:8d:a4: 17:76:13:c4:1e:a4:f4:d1:5a:90:46:45:7d:56:07:c3:55:a1: e7:ad:2d:a8:bb:58:a1:b7:09:33:3f:0c:fb:47:8b:54:62:7f: 0d:19:4c:f0:2b:ef:f0:63:71:e6:6c:dd:51:64:75:67:f8:8b: d7:04:be:21:d3:ac:1b:72:6a:09:7b:1f:d5:dd:0b:2d:b4:56: 1f:55:ca:0c:04:df:1e:b8:94:8c:3b:e9:98:ea:4e:b1:6b:d5: c1:68:71:3d:50:61:fd:a8:77:44:bb:55:bc:14:67:ce:27:26: 47:92:8d:b9:5e:d7:13:63:4f:99:f7:1e:da:98:00:60:32:22: 92:c7:89:ce:a7:12:62:aa:2f:31:7b:ce:d7:b4:de:71:b6:4c: ec:54:0d:4e:13:ce:c9:e2:77:c9:30:68:75:7b:18:21:ad:6d: 0f:b7:37:95:e2:02:86:3c:b2:9f:f7:5b:8e:84:3c:8e:d6:dd: 20:4b:32:2b:a8:95:51:e0:67:95:87:82:24:c9:90:2f:65:5d: c1:6b:7d:d9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSCzv/GEu+yCsnpoUXV6g8Jkim8EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwNDAwMTA0NloX DTI2MDMwNDIzNTk1OVowejFJMEcGA1UEBRNANDBlOWI5NDM1YzRhOWRmNTM1ZDIw NjcyYTk0MzJmNTBlYTMzZTczMGZhZjk4NTY1MjNmNmNiMjhiZTkwNWFhNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dOa2qwBagfqYyjwtnnCssgv156i CxH79HEZZAK36Ql+DRloZG5cFhv0CQVCnR2VL0qP/mxDUbkAIynmv9aVeEBeVYE3 QEC2DNa500pyTT9/hl0uPQ5m8BGDnGlFH4QtPI3/pCe/WKvfbVYF3J/83WYxO9LY Fw2ysTMHhI0BAGWJ4hAwhnZV58DGqOQnaavX57pkde1fzELFvdY3hwxxZHHFvIys 0IJncpws7iWmswiZQKBhe2OI6BJV5M1Msu3u2+okTb+bOAEMRg/a667qcqdR/kls YFmw5FR22SFSExKLqYaIB9eT2CGZwJCr3y1kia8hwCKjNwhwX2UBms1fEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFByBWAcc6klHyF0VC/yD5QYuaauGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRmOTRkNGJlLTI4NjQtNDVjNS1hMTZlLTYzODQ2ODRhODA2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFgQwDQYJKoZIhvcNAQELBQADggEBAHgrPkHvJasAYwVBqqEm OM0jWvdkiGRuC7RwGkho46uz3QWs1CmKi7G7im5ulkpAbeDTuVKNpBd2E8QepPTR WpBGRX1WB8NVoeetLai7WKG3CTM/DPtHi1Rifw0ZTPAr7/BjceZs3VFkdWf4i9cE viHTrBtyagl7H9XdCy20Vh9VygwE3x64lIw76ZjqTrFr1cFocT1QYf2od0S7VbwU Z84nJkeSjble1xNjT5n3HtqYAGAyIpLHic6nEmKqLzF7zte03nG2TOxUDU4Tzsni d8kwaHV7GCGtbQ+3N5XiAoY8sp/3W46EPI7W3SBLMiuolVHgZ5WHgiTJkC9lXcFr fdk= -----END CERTIFICATE-----Generated at Sat Dec 6 13:02:13 2025 by rpki-client