This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa File: b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa (raw, json) Hash identifier: R+g7Z36BkWhseW1mQNXTYs7VmEhSwefWU6CoAiLukSc= Subject key identifier: 1F:50:BC:C2:4F:C1:69:1D:C1:EC:6D:69:92:4E:E1:FD:13:42:2B:CD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1EC511773CDBB95ADD6ABF5EE20DAA9ACA54D53A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa Signing time: Sat 22 Nov 2025 00:00:36 +0000 ROA not before: Sat 22 Nov 2025 00:00:36 +0000 ROA not after: Fri 20 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:c5:11:77:3c:db:b9:5a:dd:6a:bf:5e:e2:0d:aa:9a:ca:54:d5:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 22 00:00:36 2025 GMT Not After : Feb 20 23:59:59 2026 GMT Subject: serialNumber=da0d3bbb9954ce9ca77ba826093c53d639ffa4b91a913b44a615df189c8560b8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:2b:b9:96:53:dd:5b:e6:59:8b:0f:36:05:01: 30:1d:fd:73:25:a5:9e:d6:83:15:da:0c:47:2d:e8: 4d:7f:1f:2a:05:86:14:67:9c:38:92:57:7e:40:d3: e9:b4:fa:b1:73:34:05:8f:f9:69:20:54:2c:41:37: 05:b9:1e:34:d8:ea:42:86:67:1b:82:de:01:c2:ba: e9:fc:f4:98:28:80:de:4d:19:33:9f:13:e9:46:eb: b7:fe:bc:0c:2e:c9:6c:cc:16:e8:03:cf:fa:35:3e: fb:eb:d2:6b:31:14:de:58:ed:5d:2d:ae:46:ab:04: dd:62:3d:09:3d:29:7a:f1:dd:a0:81:43:7b:ca:51: b3:50:46:46:22:72:d3:ff:82:f1:89:ed:50:d5:90: ac:8f:01:73:f6:fd:c6:05:4a:b9:fa:f3:51:31:9e: e1:93:c2:83:af:9b:05:2b:4f:aa:f0:93:1d:76:3e: 63:1d:09:72:b8:40:fb:5f:5f:3d:f7:25:83:39:5a: 38:ea:06:df:4e:69:b8:51:6f:ca:b1:88:45:7c:30: 85:3f:ba:bd:5a:39:71:55:b9:d9:43:4c:85:2e:11: 04:08:d9:59:19:ce:42:9b:84:ea:68:50:5d:b1:2f: b3:16:38:b6:da:7d:86:01:75:c6:9a:a7:35:f5:7e: 28:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:50:BC:C2:4F:C1:69:1D:C1:EC:6D:69:92:4E:E1:FD:13:42:2B:CD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:1000::/40 Signature Algorithm: sha256WithRSAEncryption 00:6f:c8:71:44:a4:33:32:37:86:72:e7:dd:2e:9a:ca:a5:31: 91:22:8d:0b:ac:1f:b7:42:5b:90:af:46:6e:13:c6:92:dd:03: 93:10:ff:a7:b2:40:28:bb:1a:db:8c:65:33:21:39:f7:ea:a5: 34:95:83:f3:e8:e7:c5:2e:41:69:69:c9:31:50:5d:5b:21:e0: c2:73:a2:43:0b:bc:5e:51:4b:0a:99:3b:fa:4b:93:1e:2c:65: 9c:6f:3d:37:25:2b:52:4a:4a:45:46:92:44:0d:25:b9:d8:4c: e2:55:0d:a3:55:0b:39:2e:72:ee:3e:11:1e:d6:84:fa:b3:f1: 59:f8:87:33:e5:58:4c:1f:b0:aa:ed:05:8c:97:49:c8:57:e4: 05:20:3d:eb:af:c9:e6:24:61:98:ea:a4:8b:b9:a5:18:61:01: be:6f:b5:4d:47:34:ec:79:88:c0:2e:00:95:46:0f:4c:aa:44: 40:d1:d9:d4:17:7d:3a:85:e3:7e:93:9e:99:2f:d7:08:19:c3: 58:87:66:9e:a8:e1:99:3b:33:2c:9c:c1:d5:fe:d5:84:96:bf: 22:16:36:2e:bf:e5:5c:8e:d8:d2:62:5e:3c:12:ba:3d:cf:3b: 8b:51:90:27:c4:41:fb:97:31:6c:c5:d2:4a:05:29:8a:4b:f6: 30:3c:44:82 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHsURdzzbuVrdar9e4g2qmspU1TowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyMjAwMDAzNloX DTI2MDIyMDIzNTk1OVowejFJMEcGA1UEBRNAZGEwZDNiYmI5OTU0Y2U5Y2E3N2Jh ODI2MDkzYzUzZDYzOWZmYTRiOTFhOTEzYjQ0YTYxNWRmMTg5Yzg1NjBiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCu5llPdW+ZZiw82BQEwHf1zJaWe 1oMV2gxHLehNfx8qBYYUZ5w4kld+QNPptPqxczQFj/lpIFQsQTcFuR402OpChmcb gt4Bwrrp/PSYKIDeTRkznxPpRuu3/rwMLslszBboA8/6NT7769JrMRTeWO1dLa5G qwTdYj0JPSl68d2ggUN7ylGzUEZGInLT/4Lxie1Q1ZCsjwFz9v3GBUq5+vNRMZ7h k8KDr5sFK0+q8JMddj5jHQlyuED7X1899yWDOVo46gbfTmm4UW/KsYhFfDCFP7q9 WjlxVbnZQ0yFLhEECNlZGc5Cm4TqaFBdsS+zFji22n2GAXXGmqc19X4ozwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB9QvMJPwWkdwextaZJO4f0TQivNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwNGFiNmNjLWU2NDYtNDJiMi1iOGEwLTc1YTIyZTQ3NDRlYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMhAwDQYJKoZIhvcNAQELBQADggEBAABvyHFEpDMyN4Zy590u msqlMZEijQusH7dCW5CvRm4TxpLdA5MQ/6eyQCi7GtuMZTMhOffqpTSVg/Po58Uu QWlpyTFQXVsh4MJzokMLvF5RSwqZO/pLkx4sZZxvPTclK1JKSkVGkkQNJbnYTOJV DaNVCzkucu4+ER7WhPqz8Vn4hzPlWEwfsKrtBYyXSchX5AUgPeuvyeYkYZjqpIu5 pRhhAb5vtU1HNOx5iMAuAJVGD0yqREDR2dQXfTqF436Tnpkv1wgZw1iHZp6o4Zk7 MyycwdX+1YSWvyIWNi6/5VyO2NJiXjwSuj3PO4tRkCfEQfuXMWzF0koFKYpL9jA8 RII= -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:08 2025 by rpki-client