This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/95723d87-e403-4a3f-8c2d-be6b316ed860.roa File: 95723d87-e403-4a3f-8c2d-be6b316ed860.roa (raw, json) Hash identifier: hHYLAi86OmTmtnOggnR0MAbxJcAsb/N4eZSS0UTELKo= Subject key identifier: 1F:BD:40:BB:25:29:8A:64:61:54:61:05:55:B4:AF:61:BE:0A:20:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6A3124475CCF9CD87B44B9DB56A0DF95EBA94571 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/95723d87-e403-4a3f-8c2d-be6b316ed860.roa Signing time: Wed 26 Nov 2025 00:01:12 +0000 ROA not before: Wed 26 Nov 2025 00:01:12 +0000 ROA not after: Tue 24 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:31:24:47:5c:cf:9c:d8:7b:44:b9:db:56:a0:df:95:eb:a9:45:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 26 00:01:12 2025 GMT Not After : Feb 24 23:59:59 2026 GMT Subject: serialNumber=40bcbc8596a4742545233c4d2adfd97755ed994f669021ba7490c2ce7588b72c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:7a:c3:67:a4:35:1a:b7:fd:e9:c3:28:0a:e7: 07:aa:a9:48:88:8c:c2:df:ca:c1:bf:9e:a4:c1:51: 06:d4:ea:9c:b2:89:1e:41:f6:2f:30:65:d0:e5:1c: d8:6e:4c:1f:5a:cf:01:e7:63:b1:8f:f7:57:5d:bb: cf:1d:6a:6c:5b:40:8c:6f:02:e2:35:a8:3d:5f:f8: a9:e2:95:ec:d8:df:5a:03:89:f0:5b:4f:6d:3d:6b: 92:62:da:95:6e:19:19:f6:e2:f8:a9:fa:b2:49:83: 4c:53:1b:1c:53:50:dd:9c:19:33:f6:00:15:6b:1f: 12:f1:1c:54:8f:f0:7c:c4:06:22:bc:b0:91:e4:0f: 4e:26:fe:a1:ae:dd:71:fe:6b:52:d4:4b:51:1f:b0: dd:73:46:dc:ae:6a:13:85:1c:55:00:b4:73:db:f4: 98:71:a0:00:5b:83:6d:e6:9c:62:7e:5d:83:ed:8a: ac:ff:b1:99:53:87:23:af:26:73:1a:db:b7:e6:09: 6b:61:a0:4d:9d:7d:0c:02:29:f5:df:3c:61:d5:5a: 41:1b:b1:99:e8:b7:42:81:01:3a:3c:d3:1b:ca:d6: 1d:73:a2:65:2e:1a:8c:f9:4a:52:8b:c5:de:df:c0: 52:22:68:dd:76:e9:85:06:f7:f6:07:c0:06:9a:f3: 0f:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:BD:40:BB:25:29:8A:64:61:54:61:05:55:B4:AF:61:BE:0A:20:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/95723d87-e403-4a3f-8c2d-be6b316ed860.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:8800::/40 Signature Algorithm: sha256WithRSAEncryption a2:af:0c:ba:59:d4:59:47:d0:a7:49:86:2d:60:5b:58:47:3a: 10:1c:3e:46:2e:70:76:ab:b8:1d:c2:a4:08:92:ca:f2:80:e7: d1:be:94:96:87:01:e0:56:43:1e:a0:b4:28:4c:df:84:38:b7: 90:25:b2:6a:ed:01:28:37:e8:86:b9:50:22:9d:2a:36:fa:ae: 85:3a:7a:ae:98:db:5a:31:f1:46:e3:00:f9:af:22:7b:68:7e: e4:75:fb:87:d9:03:fc:0d:5a:50:23:67:c3:f6:0a:e6:5d:04: e4:40:94:67:b7:f2:4b:1a:52:c7:31:80:e0:22:a4:05:21:4e: 1a:f0:1e:5d:54:d4:0b:a7:a5:ed:ba:26:9a:35:13:ae:62:fe: d4:80:a4:74:19:8a:7a:70:80:b5:04:81:9c:ca:5e:54:3e:a5: c8:b8:a1:c9:73:c9:30:18:6a:8d:52:f7:b4:03:f0:68:75:50: 79:ea:3d:d4:37:a8:27:b2:6b:f6:18:14:6d:e9:f6:a7:cf:91: de:62:b6:04:c5:39:af:64:17:a6:d4:bd:14:24:5a:72:0c:a0: 4b:dd:06:a6:97:d5:b1:73:cf:45:98:5b:65:ed:24:0d:4f:b3: cf:9a:0d:e3:9d:6b:73:85:91:17:33:33:b1:b7:8d:fe:7b:36: df:5d:cf:d7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUajEkR1zPnNh7RLnbVqDfleupRXEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNjAwMDExMloX DTI2MDIyNDIzNTk1OVowejFJMEcGA1UEBRNANDBiY2JjODU5NmE0NzQyNTQ1MjMz YzRkMmFkZmQ5Nzc1NWVkOTk0ZjY2OTAyMWJhNzQ5MGMyY2U3NTg4YjcyYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HrDZ6Q1Grf96cMoCucHqqlIiIzC 38rBv56kwVEG1OqcsokeQfYvMGXQ5RzYbkwfWs8B52Oxj/dXXbvPHWpsW0CMbwLi Nag9X/ip4pXs2N9aA4nwW09tPWuSYtqVbhkZ9uL4qfqySYNMUxscU1DdnBkz9gAV ax8S8RxUj/B8xAYivLCR5A9OJv6hrt1x/mtS1EtRH7Ddc0bcrmoThRxVALRz2/SY caAAW4Nt5pxifl2D7Yqs/7GZU4cjryZzGtu35glrYaBNnX0MAin13zxh1VpBG7GZ 6LdCgQE6PNMbytYdc6JlLhqM+UpSi8Xe38BSImjddumFBvf2B8AGmvMPDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB+9QLslKYpkYVRhBVW0r2G+CiDPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk1NzIzZDg3LWU0MDMtNGEzZi04YzJkLWJlNmIzMTZlZDg2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9IgwDQYJKoZIhvcNAQELBQADggEBAKKvDLpZ1FlH0KdJhi1g W1hHOhAcPkYucHaruB3CpAiSyvKA59G+lJaHAeBWQx6gtChM34Q4t5AlsmrtASg3 6Ia5UCKdKjb6roU6eq6Y21ox8UbjAPmvIntofuR1+4fZA/wNWlAjZ8P2CuZdBORA lGe38ksaUscxgOAipAUhThrwHl1U1Aunpe26Jpo1E65i/tSApHQZinpwgLUEgZzK XlQ+pci4oclzyTAYao1S97QD8Gh1UHnqPdQ3qCeya/YYFG3p9qfPkd5itgTFOa9k F6bUvRQkWnIMoEvdBqaX1bFzz0WYW2XtJA1Ps8+aDeOda3OFkRczM7G3jf57Nt9d z9c= -----END CERTIFICATE-----Generated at Sat Dec 6 13:23:09 2025 by rpki-client