This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa File: 7003e8a9-a5a4-4137-b172-46c06da76822.roa (raw, json) Hash identifier: sQtl6ZzF9l9DHApehml0v3bP2WVWdesI9qxs6AY2SuE= Subject key identifier: 3C:AF:44:4A:BC:43:AD:C1:77:8A:D7:26:1F:72:8D:DF:A0:45:A4:8E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: D01E3B0E0E48A49E463B9D438CCA3CBDBE343A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa Signing time: Wed 26 Nov 2025 00:01:09 +0000 ROA not before: Wed 26 Nov 2025 00:01:09 +0000 ROA not after: Tue 24 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: d0:1e:3b:0e:0e:48:a4:9e:46:3b:9d:43:8c:ca:3c:bd:be:34:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 26 00:01:09 2025 GMT Not After : Feb 24 23:59:59 2026 GMT Subject: serialNumber=c8d0d6d889d3e9c827a85fa2ec0582a47aac111c712e73a46b139a02ecf86992, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:d5:bd:8d:66:9e:5e:29:0b:9e:c2:93:1b:97: 5c:53:f0:88:1b:74:cb:3b:01:3d:e4:3e:af:cb:23: 84:5e:0d:3f:00:6b:0b:74:0c:26:bd:d1:a3:e1:4f: 84:d6:e8:ea:ef:84:3f:df:0f:47:7f:2b:a3:31:d7: 42:45:ea:df:5e:3a:28:24:d6:18:0b:8d:5d:dc:eb: a4:8a:e9:62:75:82:8d:3c:21:ff:f0:fa:78:d8:63: 37:ca:88:4f:84:4a:fa:3c:c8:d8:84:90:7c:f7:fa: ea:f9:94:af:22:27:b6:f2:79:f7:d6:b7:1f:4e:7b: ed:17:ee:19:70:4c:f4:99:31:4f:20:72:39:05:2c: a3:7c:89:d9:e3:f6:58:33:5c:b7:fb:3f:f9:1b:82: f2:7b:93:50:a0:ac:f1:80:84:12:d8:12:41:75:9b: b3:f6:c1:ee:df:8b:fb:8a:7d:13:aa:0f:5e:2c:5f: bc:4d:34:b1:f6:75:f5:cf:29:85:60:ce:5f:17:23: 07:4a:68:92:f8:c8:98:c1:23:a0:ee:0d:2b:4c:3a: 92:b9:b9:4d:ac:97:ce:52:35:7f:ed:0a:48:0c:99: 15:4e:b2:90:a8:99:7c:84:57:d7:5d:28:c1:b7:40: 33:04:ec:d3:85:93:7e:a0:95:7c:ff:58:ae:4a:e8: 39:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:AF:44:4A:BC:43:AD:C1:77:8A:D7:26:1F:72:8D:DF:A0:45:A4:8E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:8800::/40 Signature Algorithm: sha256WithRSAEncryption 67:69:6c:59:34:80:66:3b:c9:2a:f5:2c:79:74:f5:3c:37:ce: ce:e6:9b:fb:b7:88:3d:b2:54:7f:50:5d:34:8a:87:87:bb:79: 8f:7b:a3:2c:50:55:0b:04:73:13:ba:b6:73:ff:18:d5:b2:b5: 42:9c:92:54:fe:84:a8:0e:5c:97:2e:d8:01:ca:5a:10:14:c7: 45:6c:f4:9f:4e:60:1b:67:52:12:e8:7d:0e:01:87:9b:cb:d1: 36:0f:34:57:36:0b:5c:7c:8d:c7:72:ef:b3:5e:f3:3a:06:15: 31:53:db:a0:01:95:ae:aa:b5:75:25:c3:5d:6d:93:fe:4c:51: c2:7a:80:3a:08:13:fa:dc:9c:2a:76:bb:fe:67:9f:61:98:62: 30:3c:07:95:b5:56:13:88:2d:59:87:4a:b2:68:d3:4f:95:76: 42:63:dd:e3:4c:dc:b3:a4:a7:55:74:77:73:bd:e6:b6:f7:3a: 7f:a3:cd:2e:d7:6f:cd:9a:34:91:50:d3:a3:5b:a6:11:0d:40: 54:a6:5a:93:4f:78:90:e1:79:ab:72:37:f7:b4:fa:c1:31:1e: 6f:86:46:c6:ec:95:eb:a6:9a:23:ef:31:07:c9:9b:a5:de:01: 67:6f:dc:56:7c:f0:7d:d9:0b:88:11:0f:f9:69:75:d1:60:d3: 93:0f:28:68 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUANAeOw4OSKSeRjudQ4zKPL2+NDowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNjAwMDEwOVoX DTI2MDIyNDIzNTk1OVowejFJMEcGA1UEBRNAYzhkMGQ2ZDg4OWQzZTljODI3YTg1 ZmEyZWMwNTgyYTQ3YWFjMTExYzcxMmU3M2E0NmIxMzlhMDJlY2Y4Njk5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NW9jWaeXikLnsKTG5dcU/CIG3TL OwE95D6vyyOEXg0/AGsLdAwmvdGj4U+E1ujq74Q/3w9HfyujMddCRerfXjooJNYY C41d3OukiulidYKNPCH/8Pp42GM3yohPhEr6PMjYhJB89/rq+ZSvIie28nn31rcf TnvtF+4ZcEz0mTFPIHI5BSyjfInZ4/ZYM1y3+z/5G4Lye5NQoKzxgIQS2BJBdZuz 9sHu34v7in0Tqg9eLF+8TTSx9nX1zymFYM5fFyMHSmiS+MiYwSOg7g0rTDqSublN rJfOUjV/7QpIDJkVTrKQqJl8hFfXXSjBt0AzBOzThZN+oJV8/1iuSug5gwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDyvREq8Q63Bd4rXJh9yjd+gRaSOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcwMDNlOGE5LWE1YTQtNDEzNy1iMTcyLTQ2YzA2ZGE3NjgyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauYgwDQYJKoZIhvcNAQELBQADggEBAGdpbFk0gGY7ySr1LHl0 9Tw3zs7mm/u3iD2yVH9QXTSKh4e7eY97oyxQVQsEcxO6tnP/GNWytUKcklT+hKgO XJcu2AHKWhAUx0Vs9J9OYBtnUhLofQ4Bh5vL0TYPNFc2C1x8jcdy77Ne8zoGFTFT 26ABla6qtXUlw11tk/5MUcJ6gDoIE/rcnCp2u/5nn2GYYjA8B5W1VhOILVmHSrJo 00+VdkJj3eNM3LOkp1V0d3O95rb3On+jzS7Xb82aNJFQ06NbphENQFSmWpNPeJDh eatyN/e0+sExHm+GRsbsleummiPvMQfJm6XeAWdv3FZ88H3ZC4gRD/lpddFg05MP KGg= -----END CERTIFICATE-----Generated at Sat Dec 6 18:10:42 2025 by rpki-client