This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa File: 840736df-cd98-4b5b-a4f2-5615993fc74d.roa (raw, json) Hash identifier: onFuUkONqK94T3a48Pkkw7Zj3Q2Ixpu+wEOZPWkUe5Y= Subject key identifier: 93:EA:70:2B:88:97:8F:88:DD:E7:CF:86:B8:03:35:0C:B7:8C:A0:A6 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 3A7DEC31FF0E8D0288E3EF85691E745238D23F4F Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa Signing time: Tue 02 Dec 2025 00:20:59 +0000 ROA not before: Tue 02 Dec 2025 00:20:59 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:7d:ec:31:ff:0e:8d:02:88:e3:ef:85:69:1e:74:52:38:d2:3f:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Dec 2 00:20:59 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=e9e2b7b33e41fe41499da61d743af273512861be1076c3fad8b23e9317a5809e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:15:bc:32:8e:de:c4:1f:ea:8d:72:6e:fa:ce: 00:cf:a0:82:6f:15:66:a0:e2:73:14:33:30:af:c7: 54:9e:05:5a:0e:5d:e5:45:7e:b3:4b:e7:45:ae:8b: 94:04:6e:18:fc:6b:00:26:9d:86:76:52:8e:e1:cb: e7:21:58:d8:cb:c5:c3:f0:40:b7:9a:5d:e8:8c:60: bd:36:fa:91:8f:62:e7:d5:0e:14:bd:72:bc:a4:33: 99:cc:78:dd:0d:ae:24:bb:a4:10:7f:62:83:58:e6: 60:e1:a7:e5:7b:d1:d9:15:8c:1b:0e:fe:6f:fd:e7: ed:e0:55:21:c1:26:46:71:3b:5f:b6:84:6d:27:44: 54:cc:0f:f6:04:f1:55:50:18:c4:01:92:19:d7:34: 99:d5:03:09:07:41:57:8c:eb:47:8f:18:e5:ca:42: 05:0c:26:a1:9c:a6:2b:a1:7b:9f:4f:5e:32:83:a9: f0:f1:44:41:fd:23:d6:40:14:f6:4d:d4:72:ac:5a: 28:d1:36:cc:ff:be:7f:0c:72:5c:47:14:a2:e2:43: 27:c2:cf:44:d3:1d:83:9b:fc:08:b7:68:bf:8e:90: 25:92:52:f4:42:04:88:eb:c3:cb:a8:d3:0d:46:b7: 20:64:6e:f9:a3:7d:bb:97:bd:fc:bc:02:c7:24:a7: ac:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:EA:70:2B:88:97:8F:88:DD:E7:CF:86:B8:03:35:0C:B7:8C:A0:A6 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.0.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:71:ea:6b:13:81:5d:31:0c:71:56:08:29:64:3a:d5:ab:25: 80:b5:f0:d7:1d:a8:dc:bf:bb:c1:6c:03:2b:03:37:c4:2c:1f: eb:e7:c6:e8:12:44:4e:bd:35:72:10:66:2c:e6:24:f0:b0:03: c9:71:97:29:1a:07:6f:d4:36:c7:c0:fd:d4:5c:6d:72:ae:39: 59:eb:19:68:fa:44:5e:25:16:db:c2:46:c1:fc:ce:fb:3e:01: ab:07:e3:0d:86:da:08:9c:c1:fa:e0:bd:3a:d1:1f:ad:7f:83: a3:83:11:24:3b:65:99:7a:33:38:76:33:b8:c3:38:e0:07:55: 53:bb:f0:3c:56:14:3e:0e:95:d0:d9:28:39:8f:0c:71:14:cd: 2b:8d:dd:04:22:7d:4b:03:5e:d7:42:6b:54:dd:a8:97:f9:b8: c4:db:7c:8e:4f:94:75:e2:dc:6e:c1:20:98:b1:b3:af:08:8f: 14:91:dd:96:d5:77:d0:24:32:e7:41:94:c3:b3:ea:4a:f8:c2: 7e:cb:7a:cd:52:d0:b4:e2:37:e8:dc:4d:d2:d3:eb:c3:c3:5a: 46:62:9e:df:ad:11:fe:5c:94:be:a5:b1:33:2e:e0:a1:8a:84: 18:ce:bc:6e:8c:67:22:e2:1d:aa:bd:d3:b3:f0:47:5d:2c:e8: 53:87:ce:d5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOn3sMf8OjQKI4++FaR50UjjSP08wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTIwMjAwMjA1OVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAZTllMmI3YjMzZTQxZmU0MTQ5OWRh NjFkNzQzYWYyNzM1MTI4NjFiZTEwNzZjM2ZhZDhiMjNlOTMxN2E1ODA5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RW8Mo7exB/qjXJu+s4Az6CCbxVm oOJzFDMwr8dUngVaDl3lRX6zS+dFrouUBG4Y/GsAJp2GdlKO4cvnIVjYy8XD8EC3 ml3ojGC9NvqRj2Ln1Q4UvXK8pDOZzHjdDa4ku6QQf2KDWOZg4afle9HZFYwbDv5v /eft4FUhwSZGcTtftoRtJ0RUzA/2BPFVUBjEAZIZ1zSZ1QMJB0FXjOtHjxjlykIF DCahnKYroXufT14yg6nw8URB/SPWQBT2TdRyrFoo0TbM/75/DHJcRxSi4kMnws9E 0x2Dm/wIt2i/jpAlklL0QgSI68PLqNMNRrcgZG75o327l738vALHJKesywIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJPqcCuIl4+I3efPhrgDNQy3jKCmMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0MDczNmRmLWNkOTgtNGI1Yi1hNGYyLTU2MTU5OTNmYzc0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/gAMA0GCSqGSIb3DQEBCwUAA4IBAQAOceprE4FdMQxxVggpZDrV qyWAtfDXHajcv7vBbAMrAzfELB/r58boEkROvTVyEGYs5iTwsAPJcZcpGgdv1DbH wP3UXG1yrjlZ6xlo+kReJRbbwkbB/M77PgGrB+MNhtoInMH64L060R+tf4OjgxEk O2WZejM4djO4wzjgB1VTu/A8VhQ+DpXQ2Sg5jwxxFM0rjd0EIn1LA17XQmtU3aiX +bjE23yOT5R14txuwSCYsbOvCI8Ukd2W1XfQJDLnQZTDs+pK+MJ+y3rNUtC04jfo 3E3S0+vDw1pGYp7frRH+XJS+pbEzLuChioQYzrxujGci4h2qvdOz8EddLOhTh87V -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:53 2025 by rpki-client