This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa File: 85858219-71cc-46f9-9c59-e75c9c1f8098.roa (raw, json) Hash identifier: lIlOvjNMtHHCHc4GFqF9/UiPgEPzy01NJYWXM/HDmT4= Subject key identifier: AF:6D:E0:FD:CB:02:CB:D0:E8:05:58:69:5E:60:60:39:9E:06:90:F5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 05FF1F867DA8C1D146F57588668EBC8AFB7E6334 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa Signing time: Tue 02 Dec 2025 00:30:49 +0000 ROA not before: Tue 02 Dec 2025 00:30:49 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:ff:1f:86:7d:a8:c1:d1:46:f5:75:88:66:8e:bc:8a:fb:7e:63:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:30:49 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=39af985498b81a31450b10c8cea282fc753a4ca01bd8f23b81fbd08eb9a16f39, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:56:5f:20:68:55:18:70:24:ce:7e:cc:53:c3: 8c:ee:52:70:dd:30:74:80:d0:5c:22:af:4e:0f:91: 8b:1e:f0:92:a8:a3:8b:a6:a2:15:7b:61:54:e0:e5: d6:c5:1a:19:86:93:f7:8c:77:67:4b:24:07:00:86: bd:52:5e:19:b0:f9:46:a1:cc:ab:05:ae:a2:cd:96: fe:fb:16:2d:3d:fc:1b:f7:bf:02:76:0c:ea:9e:ca: 2c:63:1e:6d:56:7d:1a:4e:d0:b0:b2:b9:f2:fe:77: 5c:9a:f7:b8:b3:1b:46:4b:b8:c5:43:8c:4f:e2:03: 32:fb:36:b9:65:34:fa:16:46:40:d2:5a:29:89:66: e5:fa:8a:07:91:d8:3a:64:e5:30:29:72:1f:1c:97: 55:f4:6c:1d:22:a6:2a:68:3c:0c:ee:a8:e7:96:e8: bc:63:52:44:9d:cc:ab:4e:e3:53:5e:d5:ea:ec:69: 22:3c:42:a7:3c:d0:b4:b0:1c:9d:30:c3:2c:c8:96: 29:0b:4a:ac:55:b0:67:a7:71:6d:79:05:e0:1b:68: 33:e4:50:b3:e4:ae:f0:fa:68:fb:a8:94:33:84:aa: d2:51:34:e2:90:28:65:f9:2c:a4:e3:15:2f:54:cc: c1:be:17:d0:47:65:e0:a4:6e:c2:1b:35:96:f6:6a: 63:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:6D:E0:FD:CB:02:CB:D0:E8:05:58:69:5E:60:60:39:9E:06:90:F5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c800::/40 Signature Algorithm: sha256WithRSAEncryption 98:35:8c:6c:56:23:be:33:60:f3:48:41:c9:52:a9:d4:0a:23: bd:43:f3:50:8a:2d:4e:85:0d:07:34:70:7d:2d:8c:0b:06:7b: ab:81:80:4d:22:59:ba:65:04:56:32:cb:cc:22:9c:88:17:b9: 78:cb:cf:2a:0d:38:f9:aa:ec:63:39:a5:eb:1c:fa:f9:fc:46: bb:de:3f:71:5a:78:ee:47:d8:99:fe:fb:ab:dc:69:4f:eb:f2: 40:03:9e:85:6b:12:42:4d:3d:19:ee:f4:3b:47:cb:62:88:be: cb:c4:d1:28:be:93:80:b1:c6:8d:66:36:9e:2f:8f:e0:10:f2: 68:c0:b3:aa:85:81:c3:b2:25:1a:1b:d7:2e:15:e9:d7:20:38: e2:fb:e2:c7:89:9f:7d:dd:a1:75:86:de:e1:3f:48:7d:cd:42: 75:df:ca:74:b3:cf:af:4c:82:9f:65:3c:98:08:a8:82:2d:58: 69:81:c3:fd:d0:f4:35:81:66:ce:8b:d8:56:ff:76:72:70:51: 89:7d:d1:f4:71:c0:c6:86:83:4e:3d:54:96:94:7b:1d:3c:b4: 4a:4e:a3:ce:ed:44:8e:d7:27:d6:e3:68:8f:db:b7:8b:f1:76: 76:0c:23:02:27:09:5f:94:58:4c:51:3b:29:dc:60:9d:90:dd: d3:54:73:9e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBf8fhn2owdFG9XWIZo68ivt+YzQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMzA0OVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAMzlhZjk4NTQ5OGI4MWEzMTQ1MGIx MGM4Y2VhMjgyZmM3NTNhNGNhMDFiZDhmMjNiODFmYmQwOGViOWExNmYzOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VZfIGhVGHAkzn7MU8OM7lJw3TB0 gNBcIq9OD5GLHvCSqKOLpqIVe2FU4OXWxRoZhpP3jHdnSyQHAIa9Ul4ZsPlGocyr Ba6izZb++xYtPfwb978CdgzqnsosYx5tVn0aTtCwsrny/ndcmve4sxtGS7jFQ4xP 4gMy+za5ZTT6FkZA0lopiWbl+ooHkdg6ZOUwKXIfHJdV9GwdIqYqaDwM7qjnlui8 Y1JEncyrTuNTXtXq7GkiPEKnPNC0sBydMMMsyJYpC0qsVbBnp3FteQXgG2gz5FCz 5K7w+mj7qJQzhKrSUTTikChl+Syk4xUvVMzBvhfQR2XgpG7CGzWW9mpjBQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK9t4P3LAsvQ6AVYaV5gYDmeBpD1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1ODU4MjE5LTcxY2MtNDZmOS05YzU5LWU3NWM5YzFmODA5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAMgwDQYJKoZIhvcNAQELBQADggEBAJg1jGxWI74zYPNIQclS qdQKI71D81CKLU6FDQc0cH0tjAsGe6uBgE0iWbplBFYyy8winIgXuXjLzyoNOPmq 7GM5pesc+vn8RrveP3FaeO5H2Jn++6vcaU/r8kADnoVrEkJNPRnu9DtHy2KIvsvE 0Si+k4Cxxo1mNp4vj+AQ8mjAs6qFgcOyJRob1y4V6dcgOOL74seJn33doXWG3uE/ SH3NQnXfynSzz69Mgp9lPJgIqIItWGmBw/3Q9DWBZs6L2Fb/dnJwUYl90fRxwMaG g049VJaUex08tEpOo87tRI7XJ9bjaI/bt4vxdnYMIwInCV+UWExROyncYJ2Q3dNU c54= -----END CERTIFICATE-----Generated at Sat Dec 6 16:09:15 2025 by rpki-client