This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa File: 5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa (raw, json) Hash identifier: GcbUcX+ULGPQGXjGDI2zvZbpaK8wIPlejB4hx9N9P2k= Subject key identifier: DF:F0:00:C3:AD:29:65:B6:09:03:20:66:7B:B1:6E:23:09:52:76:E3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6D9A81598D90F4951FF77641535DA68EB3215E4F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa Signing time: Sun 30 Nov 2025 00:10:06 +0000 ROA not before: Sun 30 Nov 2025 00:10:06 +0000 ROA not after: Sat 28 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:9a:81:59:8d:90:f4:95:1f:f7:76:41:53:5d:a6:8e:b3:21:5e:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 30 00:10:06 2025 GMT Not After : Feb 28 23:59:59 2026 GMT Subject: serialNumber=04344d03698c4875b670f94ef1359f8fa5941f4c0f8f68ecc3823bb164be0ac1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1d:0d:ee:0c:dd:a2:9b:77:e8:e8:9d:31:f5: 74:50:c8:9b:5e:ba:3f:fd:37:f5:90:af:e8:a3:db: d4:68:d0:e3:1b:94:9b:1f:44:1c:b2:0d:7f:fb:34: c2:e1:6b:5b:d3:86:1c:6d:a6:d2:28:06:8c:79:fb: 11:bf:73:d3:8e:65:1f:29:fc:59:05:5d:e0:17:3a: d0:ba:d7:27:a4:f0:5f:a5:1f:88:78:51:19:f0:55: 4e:23:50:03:7b:1a:7c:68:cc:9d:b8:5b:aa:bc:e0: e5:68:05:0e:01:2e:d6:ae:84:3f:97:94:93:32:c2: b0:5c:9b:d2:c4:39:3c:7d:ba:f2:db:63:48:20:16: ba:5e:06:52:74:a4:ec:71:98:b9:5a:7c:42:0b:83: 99:c6:c7:85:80:e9:ee:03:35:43:19:43:42:86:c9: 97:7e:2e:bb:d4:90:16:09:26:ec:de:b8:c0:2c:b6: 30:38:4c:c3:be:d1:07:7a:74:e5:36:f4:9b:f0:de: 7b:4e:43:54:a4:2b:19:b2:46:e7:c3:c2:e3:c3:94: 01:dd:65:2d:87:dc:28:c6:98:03:aa:26:34:81:61: ce:88:a2:fe:82:51:1e:43:62:f5:6d:c4:3b:18:3e: a3:44:f2:87:0c:e4:e1:11:f5:bc:52:79:f5:8a:5f: 04:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:F0:00:C3:AD:29:65:B6:09:03:20:66:7B:B1:6E:23:09:52:76:E3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4840::/48 Signature Algorithm: sha256WithRSAEncryption 39:8f:c1:f6:3a:02:0a:b3:71:fc:8c:40:81:0d:07:bb:28:41: 3b:69:2e:0e:a5:58:64:3a:26:c2:17:5c:d0:53:b9:00:ce:97: 97:2e:33:87:fc:e1:95:a4:58:df:44:5c:97:8c:3d:db:a6:e4: 40:5f:d2:54:41:08:14:7b:87:52:12:f5:f4:ed:96:fc:a5:05: 65:91:80:f8:8e:32:8d:d5:1e:51:4a:91:8d:df:25:92:7f:7f: 0d:ae:7a:a9:11:fc:6e:e5:0e:f8:99:d7:52:d1:96:c5:81:38: ae:f5:b3:5e:23:19:96:64:76:55:b8:f9:68:b7:d4:aa:5e:b1: 58:5c:1a:6f:d7:6e:50:88:be:49:43:16:a0:83:e9:5a:06:b6: 0b:48:08:69:c9:43:eb:4f:f2:0c:73:d5:1b:64:4c:1c:01:88: 60:52:98:eb:b2:78:04:d0:dd:e6:03:fc:8f:d7:62:8c:97:1f: ac:b5:fb:77:1c:c0:d3:c3:45:8a:18:3e:c8:ae:3a:4b:4e:aa: 9c:82:5b:e2:7a:14:74:58:9f:ba:2d:0a:c2:a0:cb:a0:0c:f9: 33:f5:be:93:7c:e5:20:33:0f:7e:e5:d0:10:f2:31:0f:b1:f8: 2f:25:20:4c:c4:a8:11:5d:b0:04:f0:53:87:4e:62:df:41:81: 16:6a:5d:21 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbZqBWY2Q9JUf93ZBU12mjrMhXk8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEzMDAwMTAwNloX DTI2MDIyODIzNTk1OVowejFJMEcGA1UEBRNAMDQzNDRkMDM2OThjNDg3NWI2NzBm OTRlZjEzNTlmOGZhNTk0MWY0YzBmOGY2OGVjYzM4MjNiYjE2NGJlMGFjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh0N7gzdopt36OidMfV0UMibXro/ /Tf1kK/oo9vUaNDjG5SbH0Qcsg1/+zTC4Wtb04YcbabSKAaMefsRv3PTjmUfKfxZ BV3gFzrQutcnpPBfpR+IeFEZ8FVOI1ADexp8aMyduFuqvODlaAUOAS7WroQ/l5ST MsKwXJvSxDk8fbry22NIIBa6XgZSdKTscZi5WnxCC4OZxseFgOnuAzVDGUNChsmX fi671JAWCSbs3rjALLYwOEzDvtEHenTlNvSb8N57TkNUpCsZskbnw8Ljw5QB3WUt h9woxpgDqiY0gWHOiKL+glEeQ2L1bcQ7GD6jRPKHDOThEfW8Unn1il8EhwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN/wAMOtKWW2CQMgZnuxbiMJUnbjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjMzBkZGRmLTlmNmUtNDk1ZC04MDA1LTFkMzJmZDYwMDVhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOEhAMA0GCSqGSIb3DQEBCwUAA4IBAQA5j8H2OgIKs3H8jECB DQe7KEE7aS4OpVhkOibCF1zQU7kAzpeXLjOH/OGVpFjfRFyXjD3bpuRAX9JUQQgU e4dSEvX07Zb8pQVlkYD4jjKN1R5RSpGN3yWSf38NrnqpEfxu5Q74mddS0ZbFgTiu 9bNeIxmWZHZVuPlot9SqXrFYXBpv125QiL5JQxagg+laBrYLSAhpyUPrT/IMc9Ub ZEwcAYhgUpjrsngE0N3mA/yP12KMlx+stft3HMDTw0WKGD7IrjpLTqqcglviehR0 WJ+6LQrCoMugDPkz9b6TfOUgMw9+5dAQ8jEPsfgvJSBMxKgRXbAE8FOHTmLfQYEW al0h -----END CERTIFICATE-----Generated at Sat Dec 6 17:54:02 2025 by rpki-client