This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/77b66450-4698-44c5-9f99-8e8f76945e37.roa File: 77b66450-4698-44c5-9f99-8e8f76945e37.roa (raw, json) Hash identifier: JnE5TPCYcZMIkCue1bz4FcA8YoK5J+dzdbaIdQXNTgs= Subject key identifier: 93:E7:E9:80:6B:C9:B1:A9:8D:B7:9E:40:97:61:9E:F7:7A:51:D0:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0DA2A21FC6B02487C1DAF2AA3C8237EA72C02A81 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/77b66450-4698-44c5-9f99-8e8f76945e37.roa Signing time: Wed 03 Dec 2025 00:10:48 +0000 ROA not before: Wed 03 Dec 2025 00:10:48 +0000 ROA not after: Tue 03 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:a2:a2:1f:c6:b0:24:87:c1:da:f2:aa:3c:82:37:ea:72:c0:2a:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 3 00:10:48 2025 GMT Not After : Mar 3 23:59:59 2026 GMT Subject: serialNumber=be094af671e65a3f1ec606199ad0caf8863b0357867c88297b0cde7dc61bc19e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:33:11:20:18:27:2b:4b:40:e4:b9:88:4c:0a: 1b:fd:d8:6e:37:5c:71:3f:15:f1:17:f8:7b:c7:f2: f7:e6:19:7a:9d:8b:de:1c:3c:5a:87:77:84:72:05: a2:5e:44:39:a1:b6:bd:a0:48:cd:aa:00:1b:45:4d: 2d:0a:b2:ed:25:de:83:02:53:3b:52:67:a1:81:ff: e7:cb:1a:a1:66:aa:ca:e6:c2:ae:e1:68:06:34:17: ef:b4:7c:e8:aa:45:6a:f5:94:95:ca:ce:60:b0:07: 1d:8a:91:95:5d:24:b8:35:5b:22:a2:55:f7:6e:c6: 65:cf:e5:64:67:7b:05:a3:fa:a1:1d:74:9c:58:dd: eb:da:1d:b6:05:27:19:32:b9:37:1a:bb:44:80:71: 60:f6:12:d2:3c:6d:e3:5d:33:1d:07:4f:83:bb:f9: 21:98:11:44:90:ea:ce:ee:c7:f5:84:4b:d6:f9:cf: 94:aa:75:e3:02:2f:d1:1d:0f:94:cc:21:45:d5:db: c2:af:85:15:76:42:77:38:22:e0:e4:29:31:7f:41: 92:16:be:23:32:3b:b8:b3:84:9e:70:dd:e4:81:b5: 72:04:40:54:51:33:ba:8c:c7:b1:5b:ab:b1:b1:e3: 32:31:b2:17:61:9a:b2:5f:47:a5:6d:cf:fd:d0:10: 5b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:E7:E9:80:6B:C9:B1:A9:8D:B7:9E:40:97:61:9E:F7:7A:51:D0:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/77b66450-4698-44c5-9f99-8e8f76945e37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:1000::/40 Signature Algorithm: sha256WithRSAEncryption 5a:2c:28:96:18:3c:a0:6a:17:b1:ee:1a:8b:c5:5a:40:22:c9: 76:a4:8c:31:d7:bc:a2:d2:ea:8e:0b:d0:7a:dd:90:18:67:cb: 91:79:72:7e:a7:b8:be:1b:ed:8e:cb:a3:4e:0d:2c:59:be:3d: a4:19:33:64:80:76:7d:1f:2b:d8:79:6d:31:dc:4a:2d:1f:a7: 53:a3:de:8d:ce:c4:70:d1:f6:ad:b4:59:ae:dc:f8:09:56:f1: 7f:cb:73:d9:fe:6e:77:8d:85:a2:61:ea:f3:5d:8b:92:bd:e0: 7b:65:f1:0e:e7:2f:df:67:f9:b5:8f:d8:47:7f:d0:05:5d:6c: 05:84:98:63:e8:5d:21:6f:c9:1e:cb:42:d9:d3:94:7f:6d:84: b6:4e:b7:82:ad:dd:87:48:fc:25:a2:75:9a:de:b0:c0:bd:4a: 69:d9:33:96:09:aa:05:de:99:be:57:a6:a0:b8:d9:bc:1d:35: 89:b1:6c:9e:0f:61:ee:e1:05:4a:e7:03:74:e6:c0:5f:31:21: 33:bc:b4:f9:c7:82:8e:ef:a2:e9:b9:f8:24:18:4c:03:a0:d3: 92:20:0f:90:2e:88:f3:c9:02:a9:a7:b3:72:44:41:47:8f:2b: b9:8c:42:2e:8b:60:89:bd:32:33:21:c5:c0:fc:ce:6f:be:15: 52:83:2b:c7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDaKiH8awJIfB2vKqPII36nLAKoEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMzAwMTA0OFoX DTI2MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAYmUwOTRhZjY3MWU2NWEzZjFlYzYw NjE5OWFkMGNhZjg4NjNiMDM1Nzg2N2M4ODI5N2IwY2RlN2RjNjFiYzE5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjMRIBgnK0tA5LmITAob/dhuN1xx PxXxF/h7x/L35hl6nYveHDxah3eEcgWiXkQ5oba9oEjNqgAbRU0tCrLtJd6DAlM7 Umehgf/nyxqhZqrK5sKu4WgGNBfvtHzoqkVq9ZSVys5gsAcdipGVXSS4NVsiolX3 bsZlz+VkZ3sFo/qhHXScWN3r2h22BScZMrk3GrtEgHFg9hLSPG3jXTMdB0+Du/kh mBFEkOrO7sf1hEvW+c+UqnXjAi/RHQ+UzCFF1dvCr4UVdkJ3OCLg5Ckxf0GSFr4j Mju4s4SecN3kgbVyBEBUUTO6jMexW6uxseMyMbIXYZqyX0elbc/90BBbCwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJPn6YBrybGpjbeeQJdhnvd6UdB+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc3YjY2NDUwLTQ2OTgtNDRjNS05Zjk5LThlOGY3Njk0NWUzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+xAwDQYJKoZIhvcNAQELBQADggEBAFosKJYYPKBqF7HuGovF WkAiyXakjDHXvKLS6o4L0HrdkBhny5F5cn6nuL4b7Y7Lo04NLFm+PaQZM2SAdn0f K9h5bTHcSi0fp1Oj3o3OxHDR9q20Wa7c+AlW8X/Lc9n+bneNhaJh6vNdi5K94Htl 8Q7nL99n+bWP2Ed/0AVdbAWEmGPoXSFvyR7LQtnTlH9thLZOt4Kt3YdI/CWidZre sMC9SmnZM5YJqgXemb5XpqC42bwdNYmxbJ4PYe7hBUrnA3TmwF8xITO8tPnHgo7v oum5+CQYTAOg05IgD5AuiPPJAqmns3JEQUePK7mMQi6LYIm9MjMhxcD8zm++FVKD K8c= -----END CERTIFICATE-----Generated at Sat Dec 6 12:05:04 2025 by rpki-client