This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa File: ac8aea04-9afb-482f-82f7-e5e61b79d804.roa (raw, json) Hash identifier: dsuw0mHWpBlCG5yDKh3iZ41q0aW4EobgbR0tg3Ym2iw= Subject key identifier: BB:73:59:EB:16:65:71:5F:CA:F0:D5:13:3A:F7:9F:D6:F9:61:14:0D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 783D25BF8CBBF5D43B0A010CAC086AE179F464AC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa Signing time: Wed 03 Dec 2025 00:01:16 +0000 ROA not before: Wed 03 Dec 2025 00:01:16 +0000 ROA not after: Tue 03 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:3d:25:bf:8c:bb:f5:d4:3b:0a:01:0c:ac:08:6a:e1:79:f4:64:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 3 00:01:16 2025 GMT Not After : Mar 3 23:59:59 2026 GMT Subject: serialNumber=23606b042d0672e8c563e6b09ce18b5512188d8369f9c72ded934c3e445ef9fc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d7:2f:37:63:1e:ed:cf:b7:76:68:8c:be:10: c3:c3:18:bf:77:d3:28:3d:4d:df:59:29:84:2c:0d: 40:7b:a9:1e:4f:3b:6c:d4:f2:48:e6:ed:18:c3:4d: 4c:d2:56:34:59:64:f7:37:95:33:fa:5c:4a:17:64: 1d:ac:08:39:e4:16:ec:c5:f5:7b:bd:5e:8f:99:5d: 0b:d1:83:fc:0e:4c:11:1b:b6:cb:ac:03:40:d2:2a: 61:c7:2b:3f:63:f3:cb:de:ae:75:78:6a:0f:d6:fa: 49:37:76:84:c9:38:da:30:8a:1f:5e:ea:e8:1e:06: be:fd:90:d8:cd:0b:14:6c:27:8a:e4:14:07:da:14: 7b:da:74:0f:ef:c0:19:59:e8:ed:1a:fb:60:d7:35: b0:67:46:6a:8b:ec:d8:58:da:e1:65:48:a5:09:d1: 28:37:10:ad:2f:be:96:60:01:c3:3a:c6:96:e8:fe: 70:de:f2:17:5c:a4:17:e6:99:a4:f0:5b:74:be:dd: 56:26:0f:44:59:22:f6:06:20:a5:d4:af:1c:48:dc: 3d:41:89:43:bd:cb:97:0c:ef:63:27:36:3d:59:54: 96:2c:1a:a3:69:b0:cc:dc:f5:c2:6c:65:4d:6e:6f: c8:80:94:cb:93:e2:51:5d:1d:7b:37:32:5a:25:a7: 5e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:73:59:EB:16:65:71:5F:CA:F0:D5:13:3A:F7:9F:D6:F9:61:14:0D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a800::/40 Signature Algorithm: sha256WithRSAEncryption b8:a3:48:07:5f:a7:6f:87:bd:4d:9f:36:7b:9d:db:f5:a9:f9: 5d:fe:1e:d2:c3:ec:56:3b:7b:71:4b:76:c4:fe:9e:00:59:a7: 76:19:12:a4:33:29:34:e3:09:1e:df:2b:f3:bf:65:43:5f:e7: 29:50:69:fe:ac:c4:3f:bb:fa:0b:34:2a:66:45:29:2f:e1:97: 23:43:45:05:4f:86:2d:eb:22:64:11:6b:ed:3c:5d:b5:8b:1f: 22:44:94:b2:22:6e:36:ae:8a:ee:ff:0f:84:23:37:48:62:d5: ae:82:ac:31:cb:67:db:c8:4a:0b:81:a5:32:fc:b9:d3:2a:4f: 3a:b3:a6:29:50:3a:eb:a2:4d:e6:22:e1:05:31:a3:ce:88:1f: 01:62:e2:91:69:81:37:00:75:6c:64:94:8d:a5:5c:a3:d6:d9: 69:74:ff:c5:d5:47:e2:d8:0e:1e:ba:07:6c:27:0c:6d:42:31: 72:37:2a:2a:4b:cc:32:60:fa:3d:6a:09:7a:61:4d:08:62:a3: 5b:10:b9:fb:28:08:92:35:84:29:1c:3b:9d:1b:ec:4a:5a:be: af:1e:53:f3:8e:40:28:fd:08:c1:0a:3f:de:c0:08:49:7d:6b: bd:2a:67:e5:d5:f0:1e:72:ef:6a:79:61:f3:0a:69:68:a5:bc: c8:21:46:15 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeD0lv4y79dQ7CgEMrAhq4Xn0ZKwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMzAwMDExNloX DTI2MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAMjM2MDZiMDQyZDA2NzJlOGM1NjNl NmIwOWNlMThiNTUxMjE4OGQ4MzY5ZjljNzJkZWQ5MzRjM2U0NDVlZjlmYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdcvN2Me7c+3dmiMvhDDwxi/d9Mo PU3fWSmELA1Ae6keTzts1PJI5u0Yw01M0lY0WWT3N5Uz+lxKF2QdrAg55BbsxfV7 vV6PmV0L0YP8DkwRG7bLrANA0iphxys/Y/PL3q51eGoP1vpJN3aEyTjaMIofXuro Hga+/ZDYzQsUbCeK5BQH2hR72nQP78AZWejtGvtg1zWwZ0Zqi+zYWNrhZUilCdEo NxCtL76WYAHDOsaW6P5w3vIXXKQX5pmk8Ft0vt1WJg9EWSL2BiCl1K8cSNw9QYlD vcuXDO9jJzY9WVSWLBqjabDM3PXCbGVNbm/IgJTLk+JRXR17NzJaJadeqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLtzWesWZXFfyvDVEzr3n9b5YRQNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjOGFlYTA0LTlhZmItNDgyZi04MmY3LWU1ZTYxYjc5ZDgwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKgwDQYJKoZIhvcNAQELBQADggEBALijSAdfp2+HvU2fNnud 2/Wp+V3+HtLD7FY7e3FLdsT+ngBZp3YZEqQzKTTjCR7fK/O/ZUNf5ylQaf6sxD+7 +gs0KmZFKS/hlyNDRQVPhi3rImQRa+08XbWLHyJElLIibjauiu7/D4QjN0hi1a6C rDHLZ9vISguBpTL8udMqTzqzpilQOuuiTeYi4QUxo86IHwFi4pFpgTcAdWxklI2l XKPW2Wl0/8XVR+LYDh66B2wnDG1CMXI3KipLzDJg+j1qCXphTQhio1sQufsoCJI1 hCkcO50b7Epavq8eU/OOQCj9CMEKP97ACEl9a70qZ+XV8B5y72p5YfMKaWilvMgh RhU= -----END CERTIFICATE-----Generated at Sat Dec 6 16:53:35 2025 by rpki-client