This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa File: 680b28c0-fd78-49c9-9355-94724e964ebe.roa (raw, json) Hash identifier: rUSte3Cgee0Sken/WgnUS+hjZ9ZkVCSJAw1CKJboK9U= Subject key identifier: 1D:43:89:E3:D5:AB:DC:6D:C8:0B:7E:A9:9B:92:46:C4:61:07:B6:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C29D4F1E040606C77B96DFCD9AE7442F59096BB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa Signing time: Tue 02 Dec 2025 00:20:39 +0000 ROA not before: Tue 02 Dec 2025 00:20:39 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:29:d4:f1:e0:40:60:6c:77:b9:6d:fc:d9:ae:74:42:f5:90:96:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:20:39 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=f72b8bf3fb1cc75db8e2f2907148aa541039de3556a812423f0cc01640dced26, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:47:99:4e:2f:43:05:eb:a8:4c:c3:37:f0:4c: 16:f1:d1:30:54:b0:67:ba:a9:fc:2b:e5:be:d1:0c: 63:da:71:88:40:17:88:2d:76:e6:d2:0e:c5:29:1b: af:66:ee:c1:8b:d1:68:34:2e:48:34:e9:1a:21:c6: f9:5b:02:bf:86:fd:b7:06:ed:e8:13:71:7c:d6:3d: ce:7a:cb:7e:68:47:a3:05:25:12:0d:8b:27:c1:b8: 7c:ce:66:39:22:4d:0f:24:e3:6b:a1:26:f6:32:1a: b9:9a:e0:3b:68:bf:49:a7:23:14:83:0d:fb:32:5e: 33:08:67:f3:ae:4a:8e:3c:ec:68:34:68:7e:01:e7: f8:60:cf:d6:3a:03:2d:e6:3c:fe:31:8a:53:bb:b3: 92:58:10:bc:fb:a8:96:68:e1:19:a7:1a:d4:c9:78: b9:b5:99:65:97:2c:27:92:e1:46:1c:e8:e6:5a:ce: 34:3c:3e:0c:64:07:5b:e6:be:0e:ed:29:d8:0b:7d: c0:1d:12:5d:78:d1:94:66:f0:89:e6:8d:92:0a:30: 33:34:e9:e8:73:27:78:e1:a2:fd:64:e8:91:94:20: 2a:1f:2a:d8:7e:55:d4:b0:a7:14:36:3c:92:d5:bd: 1c:0a:5c:0f:33:49:c3:9c:e5:27:19:83:72:2a:f0: 5e:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:43:89:E3:D5:AB:DC:6D:C8:0B:7E:A9:9B:92:46:C4:61:07:B6:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c040::/48 Signature Algorithm: sha256WithRSAEncryption 20:76:12:35:b8:16:ea:fb:79:4b:53:e1:2a:ec:5c:18:99:64: 45:f0:48:50:d7:c6:20:ac:69:cb:68:4a:86:63:f3:01:8e:82: 8a:e4:50:0b:47:69:c6:41:14:a5:4c:84:23:a2:31:f2:af:d8: fc:dd:ea:95:f9:7d:5a:4a:10:d2:2d:7d:f4:57:eb:3d:aa:a8: 88:71:5e:b5:31:4a:57:a3:4a:f9:20:0e:0f:b6:69:e5:eb:96: d0:03:f3:df:e5:f2:30:13:a9:4f:03:ea:45:5a:c5:95:40:f9: 1b:5b:bb:51:fa:ef:9a:f8:b9:dc:be:96:ab:48:0e:20:22:a3: 81:47:18:66:f9:63:90:93:79:a3:79:b6:b3:0e:12:06:b5:0b: 9e:95:2a:c9:69:03:c8:06:13:d0:c0:d3:7b:67:08:8e:5e:66: 4c:f3:c5:bd:8c:01:5c:37:35:d8:d4:e9:ed:81:e1:5e:e0:25: 61:1d:bd:9a:3a:dd:d9:20:23:03:f5:68:ef:7c:ef:76:e3:14: 41:2b:b1:9c:7a:f2:d8:73:42:d9:4f:dd:9e:11:7b:8d:1c:a7: 46:b4:6e:52:25:cb:98:8f:05:08:0e:15:d0:47:c5:25:e9:9c: b0:d4:6e:fa:f6:ec:55:40:4f:fc:35:9b:b9:1a:0d:a7:ad:3b: c6:9d:9b:68 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDCnU8eBAYGx3uW382a50QvWQlrswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMjAzOVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAZjcyYjhiZjNmYjFjYzc1ZGI4ZTJm MjkwNzE0OGFhNTQxMDM5ZGUzNTU2YTgxMjQyM2YwY2MwMTY0MGRjZWQyNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10eZTi9DBeuoTMM38EwW8dEwVLBn uqn8K+W+0Qxj2nGIQBeILXbm0g7FKRuvZu7Bi9FoNC5INOkaIcb5WwK/hv23Bu3o E3F81j3Oest+aEejBSUSDYsnwbh8zmY5Ik0PJONroSb2Mhq5muA7aL9JpyMUgw37 Ml4zCGfzrkqOPOxoNGh+Aef4YM/WOgMt5jz+MYpTu7OSWBC8+6iWaOEZpxrUyXi5 tZlllywnkuFGHOjmWs40PD4MZAdb5r4O7SnYC33AHRJdeNGUZvCJ5o2SCjAzNOno cyd44aL9ZOiRlCAqHyrYflXUsKcUNjyS1b0cClwPM0nDnOUnGYNyKvBeLwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFB1DiePVq9xtyAt+qZuSRsRhB7YpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4MGIyOGMwLWZkNzgtNDljOS05MzU1LTk0NzI0ZTk2NGViZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcBAMA0GCSqGSIb3DQEBCwUAA4IBAQAgdhI1uBbq+3lLU+Eq 7FwYmWRF8EhQ18YgrGnLaEqGY/MBjoKK5FALR2nGQRSlTIQjojHyr9j83eqV+X1a ShDSLX30V+s9qqiIcV61MUpXo0r5IA4Ptmnl65bQA/Pf5fIwE6lPA+pFWsWVQPkb W7tR+u+a+LncvparSA4gIqOBRxhm+WOQk3mjebazDhIGtQuelSrJaQPIBhPQwNN7 ZwiOXmZM88W9jAFcNzXY1OntgeFe4CVhHb2aOt3ZICMD9WjvfO924xRBK7GcevLY c0LZT92eEXuNHKdGtG5SJcuYjwUIDhXQR8Ul6Zyw1G769uxVQE/8NZu5Gg2nrTvG nZto -----END CERTIFICATE-----Generated at Sat Dec 6 14:22:47 2025 by rpki-client