This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0a2ed07-afde-4341-b34f-44bfbdfef09f.roa File: b0a2ed07-afde-4341-b34f-44bfbdfef09f.roa (raw, json) Hash identifier: 2KqAwbkMAHUHGe6wjnLcrciw/ZdRmzyxScJFcMnLqlo= Subject key identifier: A3:6D:A7:40:10:61:B7:C5:94:30:3B:B1:83:9B:C9:FF:9C:E4:68:57 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3022150D692C99B54E379F871FCB2FD8543BBE18 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0a2ed07-afde-4341-b34f-44bfbdfef09f.roa Signing time: Tue 02 Dec 2025 00:30:15 +0000 ROA not before: Tue 02 Dec 2025 00:30:15 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:22:15:0d:69:2c:99:b5:4e:37:9f:87:1f:cb:2f:d8:54:3b:be:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:30:15 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=dba3f39bcaf6f35dcfe16fd033cc73bc1e72256ac40179e6e75b6a5d9252c0d3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:62:7e:37:5a:47:9b:79:72:be:c7:b7:cb:16: 89:ec:09:61:9b:8d:26:42:ac:f2:f3:27:72:3f:97: 11:88:4d:8f:b5:5f:6c:21:c2:62:c8:41:7d:b5:ec: 1f:1c:57:c6:0b:01:7d:76:82:d2:b4:27:bc:c9:d8: d6:1f:56:ae:80:99:6a:03:e8:bc:18:31:18:b2:2b: d6:16:2f:13:c6:9c:3d:25:22:72:52:04:ce:69:a9: 8d:23:bf:f3:4d:8d:0d:c0:1d:72:e3:e5:1d:6b:87: 93:bf:7b:04:d0:22:cc:e7:6a:93:2a:0f:40:35:52: f4:49:e9:14:68:67:1e:ae:76:56:1e:29:15:94:2b: 47:55:ac:06:5f:55:c1:ad:54:93:de:6d:56:23:4d: 2d:13:db:8a:16:43:f1:0b:a8:e9:d7:e9:5a:46:ab: ca:79:0f:42:a0:ae:70:fe:06:89:20:69:39:5f:93: de:2a:bc:46:c7:95:ce:d6:05:69:71:ec:be:2f:82: 8b:98:61:a6:f5:14:cd:c1:94:49:de:f4:c5:c8:6e: e0:b8:a4:5c:60:5f:d5:5a:81:c5:5f:74:0a:d6:d6: 85:5c:85:ad:8c:e1:65:db:0d:a1:c7:59:fb:d6:b4: ac:a9:23:5c:e3:a7:1a:ac:08:3e:f0:36:a9:a5:04: eb:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:6D:A7:40:10:61:B7:C5:94:30:3B:B1:83:9B:C9:FF:9C:E4:68:57 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0a2ed07-afde-4341-b34f-44bfbdfef09f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption be:18:99:c7:5a:7e:be:8b:7e:d0:e8:fb:9d:f8:76:45:1f:bc: ff:cb:42:ce:fd:91:72:50:68:30:3a:53:a8:e7:02:c7:bb:df: e2:8b:fd:c7:6d:92:7c:13:29:a2:03:d0:89:45:8f:63:20:07: 9d:4c:be:2d:9f:f7:5f:b3:8f:99:a1:e0:2c:43:a0:b0:fb:6b: ef:b9:4e:e1:66:94:8a:6e:e9:03:17:15:4f:2c:fc:e3:d1:98: 30:42:06:65:0a:00:5f:96:13:b1:6e:4d:56:a3:b9:a4:16:4b: 22:5c:cf:36:e2:d6:03:15:91:22:dc:dd:15:17:dc:4e:7b:9b: eb:3c:c0:4f:65:11:3a:46:ca:ce:a3:05:cf:7e:5f:ef:31:2a: 28:ea:78:68:06:94:c0:68:ab:89:82:21:86:19:87:3e:11:7d: 89:63:87:bf:2a:d9:ab:50:11:9a:b3:42:bc:00:5e:77:b3:4c: d3:d9:d6:05:9a:ca:90:a9:3c:06:8c:f7:77:69:39:58:5f:8d: 3e:f4:ea:4f:85:c3:79:79:b4:25:6b:70:82:f5:21:ce:ca:90: 10:d1:31:6e:82:6e:11:90:33:f7:57:c1:a9:15:e0:d3:8f:b8: e3:98:16:f4:7a:25:dc:f3:e3:53:c8:ec:8e:ae:8d:7b:1e:30: 9f:ee:1e:2a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMCIVDWksmbVON5+HH8sv2FQ7vhgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMzAxNVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAZGJhM2YzOWJjYWY2ZjM1ZGNmZTE2 ZmQwMzNjYzczYmMxZTcyMjU2YWM0MDE3OWU2ZTc1YjZhNWQ5MjUyYzBkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GJ+N1pHm3lyvse3yxaJ7Alhm40m Qqzy8ydyP5cRiE2PtV9sIcJiyEF9tewfHFfGCwF9doLStCe8ydjWH1augJlqA+i8 GDEYsivWFi8Txpw9JSJyUgTOaamNI7/zTY0NwB1y4+Uda4eTv3sE0CLM52qTKg9A NVL0SekUaGcernZWHikVlCtHVawGX1XBrVST3m1WI00tE9uKFkPxC6jp1+laRqvK eQ9CoK5w/gaJIGk5X5PeKrxGx5XO1gVpcey+L4KLmGGm9RTNwZRJ3vTFyG7guKRc YF/VWoHFX3QK1taFXIWtjOFl2w2hx1n71rSsqSNc46carAg+8DappQTroQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKNtp0AQYbfFlDA7sYObyf+c5GhXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwYTJlZDA3LWFmZGUtNDM0MS1iMzRmLTQ0YmZiZGZlZjA5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8DAMA0GCSqGSIb3DQEBCwUAA4IBAQC+GJnHWn6+i37Q6Pud +HZFH7z/y0LO/ZFyUGgwOlOo5wLHu9/ii/3HbZJ8EymiA9CJRY9jIAedTL4tn/df s4+ZoeAsQ6Cw+2vvuU7hZpSKbukDFxVPLPzj0ZgwQgZlCgBflhOxbk1Wo7mkFksi XM824tYDFZEi3N0VF9xOe5vrPMBPZRE6RsrOowXPfl/vMSoo6nhoBpTAaKuJgiGG GYc+EX2JY4e/KtmrUBGas0K8AF53s0zT2dYFmsqQqTwGjPd3aTlYX40+9OpPhcN5 ebQla3CC9SHOypAQ0TFugm4RkDP3V8GpFeDTj7jjmBb0eiXc8+NTyOyOro17HjCf 7h4q -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:25 2025 by rpki-client