This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa File: 8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa (raw, json) Hash identifier: SjkZ617hlU3K9NUxqTax9mwWhCpPgxjsxtcsLTXY4bQ= Subject key identifier: 37:18:8F:31:7A:A8:FA:99:81:EC:8D:57:60:E4:BA:68:32:03:94:D3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2912B87E348DF574D7A87538044220B75AEC0EF0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa Signing time: Tue 02 Dec 2025 00:10:09 +0000 ROA not before: Tue 02 Dec 2025 00:10:09 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:12:b8:7e:34:8d:f5:74:d7:a8:75:38:04:42:20:b7:5a:ec:0e:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:10:09 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=8123e5b1b99cd292ad2ec1f640021e03a47fcf083d9bfcc69c1781f02908493e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:01:65:a0:41:e5:ac:27:1f:e9:65:23:88:d0: fd:b0:fa:e0:59:e8:0a:73:31:9a:06:92:42:eb:65: b6:56:37:a2:b8:2d:4d:0d:34:69:b6:5c:a8:7b:7a: 66:cb:89:f6:c8:99:af:62:67:8e:ee:72:b3:19:f4: 0e:5d:a1:e8:41:73:96:98:cc:c1:5b:95:aa:b7:8e: f0:b6:ef:80:0a:db:76:25:b0:eb:9a:d9:03:d5:49: f2:f2:54:0a:c0:e1:03:ab:b9:56:28:47:35:d8:63: 15:21:7f:93:dd:d1:fd:40:ef:e6:0a:f6:96:07:85: 4d:c5:b5:18:46:3f:31:ae:30:7e:9c:8e:28:24:7c: 76:56:fe:82:3d:44:45:7b:87:a6:4c:32:7c:59:18: 06:bf:14:7b:18:ea:82:c1:b5:38:55:0d:95:31:20: d2:c8:d4:69:eb:e7:cf:2b:19:60:c2:ab:05:91:45: b8:01:b4:f7:67:e5:3e:f5:c3:c0:b9:b1:f5:b9:80: f1:c9:75:c6:cc:fc:f9:27:af:4d:74:c9:df:5f:5e: 13:0a:fd:ae:01:2d:8f:fe:cd:17:b0:b5:46:0c:ce: 90:ae:d2:cd:24:33:ee:11:6a:80:b6:61:13:74:ae: df:9a:ff:5f:43:9d:90:60:81:a5:ff:5c:c7:50:06: 7a:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:18:8F:31:7A:A8:FA:99:81:EC:8D:57:60:E4:BA:68:32:03:94:D3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c840::/48 Signature Algorithm: sha256WithRSAEncryption 7f:75:15:25:d0:50:ed:3e:80:f5:d6:42:e0:81:b6:87:03:96: 1c:56:b3:88:9d:60:86:01:9d:5b:2b:ad:ad:af:1d:53:10:51: 69:98:58:3e:65:fe:35:f2:b1:5e:fe:d4:f2:90:49:00:42:96: 63:08:76:71:69:14:0b:cc:6d:1a:7d:62:65:45:0f:47:40:fe: 56:9e:23:54:96:d0:80:67:7f:18:a0:56:6e:80:e3:a5:af:e0: 5d:5b:82:e9:b5:21:4f:ac:21:d6:79:2b:8e:93:04:26:95:df: 8b:74:a8:14:75:24:70:1c:a0:b5:41:c7:bc:57:37:1e:88:23: e4:e5:e6:f7:ca:e2:40:5e:69:17:5d:78:e6:07:e4:5a:7d:b7: d1:97:76:21:a6:bb:0f:47:f8:bb:02:74:36:4a:9b:9b:9d:da: 08:09:ea:d7:c2:47:07:8e:88:88:f9:d9:ed:06:f7:e1:97:bc: cd:17:07:1a:97:17:6a:a1:3f:c0:74:f5:01:12:dd:9f:64:00: c5:ae:5d:c5:4d:79:e1:96:8a:cd:8c:2c:5e:7f:22:a1:65:60: 9d:5a:5a:9d:ac:7a:89:a6:3a:97:c6:1f:35:c1:35:49:6a:ad: 3f:2e:c8:d5:14:07:bd:f4:b6:57:b7:d7:ee:91:b4:c8:73:ab: 75:fa:7d:76 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKRK4fjSN9XTXqHU4BEIgt1rsDvAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMTAwOVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAODEyM2U1YjFiOTljZDI5MmFkMmVj MWY2NDAwMjFlMDNhNDdmY2YwODNkOWJmY2M2OWMxNzgxZjAyOTA4NDkzZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QFloEHlrCcf6WUjiND9sPrgWegK czGaBpJC62W2VjeiuC1NDTRptlyoe3pmy4n2yJmvYmeO7nKzGfQOXaHoQXOWmMzB W5Wqt47wtu+ACtt2JbDrmtkD1Uny8lQKwOEDq7lWKEc12GMVIX+T3dH9QO/mCvaW B4VNxbUYRj8xrjB+nI4oJHx2Vv6CPURFe4emTDJ8WRgGvxR7GOqCwbU4VQ2VMSDS yNRp6+fPKxlgwqsFkUW4AbT3Z+U+9cPAubH1uYDxyXXGzPz5J69NdMnfX14TCv2u AS2P/s0XsLVGDM6QrtLNJDPuEWqAtmETdK7fmv9fQ52QYIGl/1zHUAZ6lQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDcYjzF6qPqZgeyNV2DkumgyA5TTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhkYmE4NWI3LTQ3MzAtNGMyOC05OGRmLTNjODQ4NGUwZjFjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8shAMA0GCSqGSIb3DQEBCwUAA4IBAQB/dRUl0FDtPoD11kLg gbaHA5YcVrOInWCGAZ1bK62trx1TEFFpmFg+Zf418rFe/tTykEkAQpZjCHZxaRQL zG0afWJlRQ9HQP5WniNUltCAZ38YoFZugOOlr+BdW4LptSFPrCHWeSuOkwQmld+L dKgUdSRwHKC1Qce8VzceiCPk5eb3yuJAXmkXXXjmB+RafbfRl3YhprsPR/i7AnQ2 SpubndoICerXwkcHjoiI+dntBvfhl7zNFwcalxdqoT/AdPUBEt2fZADFrl3FTXnh lorNjCxefyKhZWCdWlqdrHqJpjqXxh81wTVJaq0/LsjVFAe99LZXt9fukbTIc6t1 +n12 -----END CERTIFICATE-----Generated at Sat Dec 6 14:42:17 2025 by rpki-client