This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa File: 8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa (raw, json) Hash identifier: nAZBz8HiSH2vlx6BhBif8ga1FFhSErgAKmROeo9UODM= Subject key identifier: 66:D6:21:37:D6:1A:E2:67:E0:23:D6:10:07:87:8B:32:BE:EB:EA:EE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B2DA8294D1CBA7D4E3DD6A72C5D52479DB3AD04 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa Signing time: Wed 03 Dec 2025 00:10:27 +0000 ROA not before: Wed 03 Dec 2025 00:10:27 +0000 ROA not after: Tue 03 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:2d:a8:29:4d:1c:ba:7d:4e:3d:d6:a7:2c:5d:52:47:9d:b3:ad:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 3 00:10:27 2025 GMT Not After : Mar 3 23:59:59 2026 GMT Subject: serialNumber=f931fc1246253d51688cdc2d881575175b78a55b221e1d2f663c71373d8ae01b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b1:e7:3d:fc:bd:e5:49:19:b0:f1:05:10:b2: 04:99:37:85:c3:3a:c4:7f:ed:36:7c:f4:96:ff:88: 1a:86:6a:ee:c1:72:24:a3:20:d4:20:13:d0:14:ca: 14:bf:2f:65:1a:03:05:ca:d6:3b:81:d4:f7:4b:22: fd:8a:7a:e5:2c:64:d7:9b:4e:ab:6f:07:a5:25:ac: a5:a5:63:32:c3:96:2d:ba:34:9f:a5:84:97:9b:4e: 21:7e:44:67:77:6a:17:73:91:cd:a1:c3:98:22:59: ee:8c:2e:0d:f8:c7:86:c4:f3:3d:0c:ea:a0:f2:d0: 2e:ca:50:17:af:83:06:98:0e:ac:c2:bd:05:9b:0f: 81:e9:f3:01:67:5c:03:6d:d1:2a:a0:3e:3c:6f:0f: f8:a2:67:26:98:7b:07:69:d2:b3:90:51:30:f0:5d: 67:5c:c5:53:59:72:a4:e0:4b:4a:fc:d6:97:09:ca: 2a:9f:88:fd:e5:11:2b:73:af:82:0f:e7:1c:6b:30: 49:3d:b9:cd:7f:b7:b7:f8:00:37:ac:07:d4:57:7a: 78:26:97:89:f9:5d:71:25:53:d6:d3:10:8a:ff:2a: 3d:8e:f4:f2:8f:d5:e4:24:4f:f4:29:5c:fa:83:8f: 36:e0:8f:87:b7:a9:82:43:41:b0:89:5b:6e:09:60: 88:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:D6:21:37:D6:1A:E2:67:E0:23:D6:10:07:87:8B:32:BE:EB:EA:EE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:b000::/40 Signature Algorithm: sha256WithRSAEncryption 6a:85:94:35:dc:8e:0a:0a:48:be:d4:d4:27:de:f3:65:bf:57: c2:5a:c2:d0:20:12:df:06:3e:a8:c3:ea:d9:40:43:78:55:88: 1a:f7:2c:fe:db:9f:64:38:6e:17:6d:27:6c:9d:44:5a:49:fd: 5a:d4:50:5f:d2:ae:b7:c2:36:5d:24:ef:b2:d0:40:0a:fe:68: 3e:71:34:cc:44:77:6b:51:f3:48:9b:4d:6b:96:8e:16:6e:ac: 35:ee:fa:e0:ae:25:42:b7:1f:cb:4a:86:36:70:77:9a:73:e1: 24:5a:14:35:dc:77:40:84:e2:2a:99:35:2e:e9:bc:87:89:f8: 6e:d8:41:82:3a:96:0a:92:7f:4c:5c:51:1e:67:1e:3e:4f:1e: 9e:97:a7:27:a6:e1:b5:47:af:ef:58:23:f7:c5:b7:79:c6:3d: 6d:0b:1f:41:4e:52:a7:d1:ef:5f:8b:de:c4:65:f7:e3:97:76: 45:d1:57:b1:dd:97:df:2c:21:f5:02:78:64:8c:79:92:d4:d3: 47:5b:d7:75:bf:a7:13:96:55:bd:e6:53:24:39:95:6b:4f:45: 42:b2:5a:34:fb:e3:27:60:62:81:e7:82:f7:04:5c:f7:7f:47: 6f:e1:b3:c8:14:a4:d4:c8:8d:3a:7b:1b:6b:ac:cc:16:d6:13: 48:a5:16:e2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUay2oKU0cun1OPdanLF1SR52zrQQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMzAwMTAyN1oX DTI2MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAZjkzMWZjMTI0NjI1M2Q1MTY4OGNk YzJkODgxNTc1MTc1Yjc4YTU1YjIyMWUxZDJmNjYzYzcxMzczZDhhZTAxYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobHnPfy95UkZsPEFELIEmTeFwzrE f+02fPSW/4gahmruwXIkoyDUIBPQFMoUvy9lGgMFytY7gdT3SyL9inrlLGTXm06r bwelJaylpWMyw5YtujSfpYSXm04hfkRnd2oXc5HNocOYIlnujC4N+MeGxPM9DOqg 8tAuylAXr4MGmA6swr0Fmw+B6fMBZ1wDbdEqoD48bw/4omcmmHsHadKzkFEw8F1n XMVTWXKk4EtK/NaXCcoqn4j95RErc6+CD+ccazBJPbnNf7e3+AA3rAfUV3p4JpeJ +V1xJVPW0xCK/yo9jvTyj9XkJE/0KVz6g4824I+Ht6mCQ0GwiVtuCWCIJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGbWITfWGuJn4CPWEAeHizK+6+ruMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0NTdiMjNkLWQ1MGUtNGI0OC1iZDcwLWFhMGUzYzdhYmI4Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+7AwDQYJKoZIhvcNAQELBQADggEBAGqFlDXcjgoKSL7U1Cfe 82W/V8JawtAgEt8GPqjD6tlAQ3hViBr3LP7bn2Q4bhdtJ2ydRFpJ/VrUUF/SrrfC Nl0k77LQQAr+aD5xNMxEd2tR80ibTWuWjhZurDXu+uCuJUK3H8tKhjZwd5pz4SRa FDXcd0CE4iqZNS7pvIeJ+G7YQYI6lgqSf0xcUR5nHj5PHp6Xpyem4bVHr+9YI/fF t3nGPW0LH0FOUqfR71+L3sRl9+OXdkXRV7Hdl98sIfUCeGSMeZLU00db13W/pxOW Vb3mUyQ5lWtPRUKyWjT74ydgYoHngvcEXPd/R2/hs8gUpNTIjTp7G2uszBbWE0il FuI= -----END CERTIFICATE-----Generated at Sat Dec 6 10:56:58 2025 by rpki-client