This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa File: 6de13c1e-8034-41b3-90e3-760249997c22.roa (raw, json) Hash identifier: ngYSes3YBqt5dYGgiOMkEHfF37wAyBjRcgfCsKpeKqU= Subject key identifier: 11:42:A7:81:ED:6C:EF:48:0A:6E:D0:28:AB:A0:0A:EC:2B:9A:F0:CE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4FE2AB06C79C61AE9EFE30FD980F6006A532DDFE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa Signing time: Sun 23 Nov 2025 00:10:34 +0000 ROA not before: Sun 23 Nov 2025 00:10:34 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:e2:ab:06:c7:9c:61:ae:9e:fe:30:fd:98:0f:60:06:a5:32:dd:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 23 00:10:34 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=84f1e25d96454c4eaa7ce3acd6dfafda516b630d625a129983c3a58aff1f8913, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:ed:45:12:e9:8c:53:bf:66:6e:f9:c3:0d:5b: a4:c0:ce:96:35:6c:80:f4:2d:84:73:fb:44:72:91: 8c:f6:86:a5:d3:77:e3:7c:73:09:f6:d1:b6:4e:41: 10:5f:65:78:0b:3c:07:12:fe:38:66:a6:5e:86:44: 84:9b:22:35:15:96:c8:1a:44:b3:cf:f7:1a:ba:41: 85:d8:07:61:07:4e:f0:0f:6e:69:14:c6:56:25:ca: 32:c5:5d:b3:ba:fc:3d:e9:62:30:1f:c7:88:bf:57: db:c8:77:70:d8:e9:fd:06:35:4d:99:55:21:65:f7: 04:49:80:6b:e3:cb:94:8e:df:c7:25:e4:21:b9:3a: 68:22:33:3c:14:18:ac:f6:77:b0:bf:ae:3e:5a:96: 34:10:e7:b8:d3:84:06:03:04:a0:71:ea:29:6a:d0: e8:fa:77:96:d6:82:27:96:9a:32:50:8f:51:fb:9a: e0:45:ae:55:c3:b1:9f:fa:73:8c:f1:f6:73:fe:c4: 39:ee:1d:07:41:32:e3:c3:e4:e5:2a:71:35:f4:89: 6e:df:31:e8:5f:a8:a6:c2:3d:b0:4c:b5:36:7a:24: 5d:d0:0f:9b:1c:86:c4:0e:83:eb:ac:40:c6:da:57: f8:1f:06:14:77:4d:99:15:e1:29:06:29:af:ff:90: 18:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:42:A7:81:ED:6C:EF:48:0A:6E:D0:28:AB:A0:0A:EC:2B:9A:F0:CE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8800::/40 Signature Algorithm: sha256WithRSAEncryption 71:98:24:0b:3f:43:37:a6:1c:21:57:18:29:4e:e7:cb:c3:ea: e3:13:48:dd:8f:64:f1:1b:4b:e0:e8:61:e3:7f:77:24:9b:cd: 8b:40:57:3b:c3:a4:8d:1a:aa:f3:ba:e4:d6:90:de:8a:e3:57: f9:bc:00:77:55:b7:ab:04:ef:e6:b7:24:ba:54:7f:4e:84:23: a1:33:cc:bf:2f:73:51:a7:52:4a:03:a7:60:05:10:5f:bc:34: 64:00:10:26:01:88:46:7b:73:6a:d7:45:e7:5f:7b:89:9d:15: 0f:07:f7:4b:2e:7c:64:1e:24:62:b2:6c:f9:08:47:07:a6:e3: b4:4e:38:2e:86:20:9a:4d:87:c2:cc:9d:ca:a2:f1:6b:e9:52: d9:63:26:4d:1e:5d:a6:89:9d:eb:20:73:79:0e:60:0b:9c:d8: 2f:99:89:ac:c9:d2:e3:b0:3d:1d:c1:27:14:39:cb:7e:9e:16: 08:c0:30:a6:b1:8f:6e:19:5d:5e:35:05:ec:2e:d7:79:a7:16: 73:40:79:55:df:67:64:7c:9c:58:1b:75:a3:fe:5a:7c:57:2b: a0:df:90:68:73:d2:48:56:09:a9:74:3d:ac:72:c6:bf:da:80: 4b:cd:9c:22:2b:de:80:a3:35:68:bb:5a:3a:2b:c2:88:d5:2b: 1d:a4:20:4b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUT+KrBsecYa6e/jD9mA9gBqUy3f4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyMzAwMTAzNFoX DTI2MDIyMTIzNTk1OVowejFJMEcGA1UEBRNAODRmMWUyNWQ5NjQ1NGM0ZWFhN2Nl M2FjZDZkZmFmZGE1MTZiNjMwZDYyNWExMjk5ODNjM2E1OGFmZjFmODkxMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O1FEumMU79mbvnDDVukwM6WNWyA 9C2Ec/tEcpGM9oal03fjfHMJ9tG2TkEQX2V4CzwHEv44ZqZehkSEmyI1FZbIGkSz z/caukGF2AdhB07wD25pFMZWJcoyxV2zuvw96WIwH8eIv1fbyHdw2On9BjVNmVUh ZfcESYBr48uUjt/HJeQhuTpoIjM8FBis9newv64+WpY0EOe404QGAwSgceopatDo +neW1oInlpoyUI9R+5rgRa5Vw7Gf+nOM8fZz/sQ57h0HQTLjw+TlKnE19Ilu3zHo X6imwj2wTLU2eiRd0A+bHIbEDoPrrEDG2lf4HwYUd02ZFeEpBimv/5AYCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBFCp4HtbO9ICm7QKKugCuwrmvDOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZkZTEzYzFlLTgwMzQtNDFiMy05MGUzLTc2MDI0OTk5N2MyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ogwDQYJKoZIhvcNAQELBQADggEBAHGYJAs/QzemHCFXGClO 58vD6uMTSN2PZPEbS+DoYeN/dySbzYtAVzvDpI0aqvO65NaQ3orjV/m8AHdVt6sE 7+a3JLpUf06EI6EzzL8vc1GnUkoDp2AFEF+8NGQAECYBiEZ7c2rXRedfe4mdFQ8H 90sufGQeJGKybPkIRwem47ROOC6GIJpNh8LMncqi8WvpUtljJk0eXaaJnesgc3kO YAuc2C+ZiazJ0uOwPR3BJxQ5y36eFgjAMKaxj24ZXV41Bewu13mnFnNAeVXfZ2R8 nFgbdaP+WnxXK6DfkGhz0khWCal0Paxyxr/agEvNnCIr3oCjNWi7WjorwojVKx2k IEs= -----END CERTIFICATE-----Generated at Sat Dec 6 11:55:40 2025 by rpki-client