This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa File: 9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa (raw, json) Hash identifier: CNzKonTubOC/6RmiXkGCAlQQNhz1lWIgCbqO7mb3AUs= Subject key identifier: 8B:AE:C0:AA:D7:7E:53:D4:8E:22:AA:E0:69:E6:7E:6D:6D:3A:77:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 012EDE94EA750EF82532F969D72333763AAF7B72 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa Signing time: Tue 02 Dec 2025 00:20:08 +0000 ROA not before: Tue 02 Dec 2025 00:20:08 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:2e:de:94:ea:75:0e:f8:25:32:f9:69:d7:23:33:76:3a:af:7b:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:20:08 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=0be2e6e0e4909a46e6651cf0766c0ccfd3262a563a4d0abbb8c79b5f678c87ef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:03:1c:cc:5a:1d:a1:dc:9f:c1:ba:cf:4e:5d: 50:0d:d2:7d:1d:6a:5f:d3:a5:da:4c:9d:26:b1:65: 5d:0c:b3:fd:86:72:25:bf:c5:0b:4e:fd:e0:2a:d6: 62:4e:e0:04:d5:a2:99:a3:7c:24:f0:85:46:e0:d1: ec:a2:a3:c1:98:e9:c7:67:13:25:ee:c3:02:55:5a: ff:19:ec:b0:bc:9a:95:1d:49:c2:69:fa:40:15:f4: dd:c4:e9:78:ea:f7:c8:57:84:d7:be:76:7c:88:88: 22:52:97:82:85:ef:2e:e4:9e:41:ab:3f:06:e2:7a: 02:92:c7:76:d7:88:30:20:00:3d:14:aa:7a:77:3b: 1c:8e:b2:07:24:6c:a3:8d:7d:3d:4d:d4:18:ee:a2: af:0f:aa:6c:f2:cd:5d:0b:81:e6:05:47:66:63:1c: d2:dd:d1:b9:8d:c9:3e:ca:5a:d0:7d:49:42:54:2e: a1:7d:e1:16:59:39:78:56:f5:f7:01:a6:a5:ec:19: 99:ef:3b:f3:2c:0a:71:a3:7d:55:12:fd:54:6c:b5: 58:03:1d:9d:07:ff:e7:a6:9c:dd:af:99:15:e2:fe: 0b:58:98:3c:ed:ed:86:35:ab:a6:be:17:fa:0e:8e: bf:13:fc:23:b3:52:5e:24:e5:00:c6:ac:a7:c9:d6: 1f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:AE:C0:AA:D7:7E:53:D4:8E:22:AA:E0:69:E6:7E:6D:6D:3A:77:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2800::/40 Signature Algorithm: sha256WithRSAEncryption 4c:ca:50:07:18:b7:ab:10:74:0b:87:2a:67:91:c3:ab:14:09: ef:50:59:ff:02:12:78:e2:22:e7:6e:1c:3b:93:f7:d7:e2:50: c8:28:54:2f:63:a5:38:74:14:46:2b:47:5f:0d:00:9f:81:48: cd:00:49:c6:e8:52:5f:d2:49:ff:36:f0:a3:59:ca:2f:e8:33: 88:58:ea:ba:d4:07:66:4b:63:0f:54:b9:75:70:a2:1d:6b:ee: 31:5a:b8:3c:f0:a1:6d:81:e5:34:a9:87:47:7a:8e:a7:ed:15: 6e:70:43:05:67:dd:6b:ab:55:df:d6:5a:9c:51:15:79:0c:24: 8e:e3:4f:03:3b:94:77:2d:71:fb:db:bc:f5:27:db:77:67:e6: ae:fc:10:fb:00:f8:0b:09:75:e5:02:51:ef:1e:67:b4:41:8c: b9:a1:2f:7e:9a:cf:43:d7:9d:11:2c:c4:f8:9e:24:f7:52:8d: bd:89:14:91:a8:46:36:9b:0b:74:94:96:ce:6b:7e:fc:9a:3e: a0:45:2b:44:4c:7d:90:5d:73:9b:4f:7a:34:4f:80:3a:35:0d: bf:a5:f2:62:05:5d:c4:0e:e8:ce:04:e5:bc:b6:b7:f9:0e:d0: f8:66:ec:24:da:79:97:d3:e3:51:7f:a6:db:5b:dd:92:1f:0a: a4:4b:c7:b3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAS7elOp1DvglMvlp1yMzdjqve3IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMjAwOFoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAMGJlMmU2ZTBlNDkwOWE0NmU2NjUx Y2YwNzY2YzBjY2ZkMzI2MmE1NjNhNGQwYWJiYjhjNzliNWY2NzhjODdlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwMczFododyfwbrPTl1QDdJ9HWpf 06XaTJ0msWVdDLP9hnIlv8ULTv3gKtZiTuAE1aKZo3wk8IVG4NHsoqPBmOnHZxMl 7sMCVVr/GeywvJqVHUnCafpAFfTdxOl46vfIV4TXvnZ8iIgiUpeChe8u5J5Bqz8G 4noCksd214gwIAA9FKp6dzscjrIHJGyjjX09TdQY7qKvD6ps8s1dC4HmBUdmYxzS 3dG5jck+ylrQfUlCVC6hfeEWWTl4VvX3Aaal7BmZ7zvzLApxo31VEv1UbLVYAx2d B//nppzdr5kV4v4LWJg87e2GNaumvhf6Do6/E/wjs1JeJOUAxqynydYfTQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIuuwKrXflPUjiKq4Gnmfm1tOnf6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwMjFhZWY5LWM3NmEtNDFjNy05ZmY4LWRkOWVhMzI2MzQwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSgwDQYJKoZIhvcNAQELBQADggEBAEzKUAcYt6sQdAuHKmeR w6sUCe9QWf8CEnjiIuduHDuT99fiUMgoVC9jpTh0FEYrR18NAJ+BSM0AScboUl/S Sf828KNZyi/oM4hY6rrUB2ZLYw9UuXVwoh1r7jFauDzwoW2B5TSph0d6jqftFW5w QwVn3WurVd/WWpxRFXkMJI7jTwM7lHctcfvbvPUn23dn5q78EPsA+AsJdeUCUe8e Z7RBjLmhL36az0PXnREsxPieJPdSjb2JFJGoRjabC3SUls5rfvyaPqBFK0RMfZBd c5tPejRPgDo1Db+l8mIFXcQO6M4E5by2t/kO0Phm7CTaeZfT41F/pttb3ZIfCqRL x7M= -----END CERTIFICATE-----Generated at Sat Dec 6 14:42:32 2025 by rpki-client