This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa File: b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa (raw, json) Hash identifier: 14P83VVJnI9tn4nHrahB8DNnnsCLd65ffKbl3+dgXxo= Subject key identifier: A6:7F:7C:DF:0F:6B:9E:02:38:F2:95:34:C9:91:53:B5:A8:C9:F0:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08A34D359E2674070C8FBB42766C77E0788A5B84 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa Signing time: Tue 02 Dec 2025 00:01:22 +0000 ROA not before: Tue 02 Dec 2025 00:01:22 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:a3:4d:35:9e:26:74:07:0c:8f:bb:42:76:6c:77:e0:78:8a:5b:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:01:22 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=ba0615cfd8bd5982edd920799823104eac1beb52c87ddf8927ff73bb1f6ade7b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:3f:21:09:24:43:fb:1b:6d:6d:11:0d:2e:af: f4:09:a0:1b:77:ee:74:9a:36:9e:95:f4:17:2a:97: 07:c6:6c:12:67:2f:56:b2:1a:4d:94:e6:d0:a6:24: bd:04:64:9c:3c:0a:72:86:7b:9b:03:81:4b:11:a2: a7:f1:c9:4c:55:7a:53:5d:93:c6:03:44:8c:49:21: 67:56:93:3e:f5:f3:44:88:a8:38:62:74:a2:34:ce: 66:b9:13:0b:37:b5:6a:b2:1b:be:da:3b:20:9e:dd: a4:e4:39:22:85:b5:4a:4b:ec:e0:73:bf:1d:d9:45: cd:cc:ed:7d:5f:b8:6f:ad:13:ee:02:29:00:d5:ee: e1:53:35:22:18:55:f5:1d:77:40:3d:ff:62:40:9e: 4a:e2:9b:a3:60:20:52:c8:03:01:d6:f6:7f:dc:95: e1:b9:e4:7b:c9:ce:12:1f:05:5b:e0:86:69:bc:54: 1d:17:e1:be:84:3c:fe:26:ca:2a:be:03:74:85:d7: 79:f2:36:12:9d:af:a6:2d:43:f5:5e:73:04:05:72: 4f:29:0e:51:69:67:a1:02:41:22:76:9d:39:86:df: 52:08:f8:2f:97:54:c6:43:e8:7b:91:5c:6d:b7:d8: d8:ea:1a:44:f9:2a:54:e3:c0:ac:e6:fa:8a:76:39: f9:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:7F:7C:DF:0F:6B:9E:02:38:F2:95:34:C9:91:53:B5:A8:C9:F0:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:8800::/40 Signature Algorithm: sha256WithRSAEncryption 0d:ac:d8:4d:ec:53:0b:92:24:94:23:f2:41:3a:a3:4f:49:7c: ab:4f:3a:1c:a3:da:69:6d:b0:ab:fa:25:0b:3d:d6:b1:3d:48: 9e:3c:aa:49:50:ee:60:b8:bd:be:5b:66:5f:7f:90:db:5c:3c: 27:1e:fe:25:23:82:9a:4c:22:d0:26:fb:a8:c3:e3:60:45:09: 8e:3d:6a:ed:59:24:60:c3:8f:63:87:a4:58:0c:3a:a2:10:19: 66:41:93:d2:63:10:b8:1e:04:70:8a:a8:66:79:4f:89:e2:76: ba:4a:6f:8b:d1:1c:b3:84:7d:a8:fb:ba:3d:de:9f:fc:b0:25: 6e:14:7c:67:e2:1b:9f:bb:85:84:75:29:bd:3c:c2:20:7d:0c: 08:4f:35:64:87:0c:c8:9f:ab:28:b2:f2:97:d4:d7:90:c9:9c: e3:01:a4:52:e6:2b:b0:0e:7e:60:53:47:e2:ef:cc:2f:dd:d1: 5b:7b:ee:d7:c6:be:85:c6:2b:c2:7d:20:38:7a:38:e5:c7:c7: b7:42:14:21:12:2d:dc:09:bc:84:51:df:9b:83:c8:d7:65:f4: 92:ad:b9:e1:a5:23:08:ed:8b:f7:25:12:3a:66:02:17:5b:04: 76:67:b0:1d:7f:a9:ea:2c:c0:6a:99:7a:ee:de:54:8d:e4:67: a7:d0:73:c8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCKNNNZ4mdAcMj7tCdmx34HiKW4QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMDEyMloX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAYmEwNjE1Y2ZkOGJkNTk4MmVkZDky MDc5OTgyMzEwNGVhYzFiZWI1MmM4N2RkZjg5MjdmZjczYmIxZjZhZGU3YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7T8hCSRD+xttbRENLq/0CaAbd+50 mjaelfQXKpcHxmwSZy9WshpNlObQpiS9BGScPApyhnubA4FLEaKn8clMVXpTXZPG A0SMSSFnVpM+9fNEiKg4YnSiNM5muRMLN7Vqshu+2jsgnt2k5DkihbVKS+zgc78d 2UXNzO19X7hvrRPuAikA1e7hUzUiGFX1HXdAPf9iQJ5K4pujYCBSyAMB1vZ/3JXh ueR7yc4SHwVb4IZpvFQdF+G+hDz+JsoqvgN0hdd58jYSna+mLUP1XnMEBXJPKQ5R aWehAkEidp05ht9SCPgvl1TGQ+h7kVxtt9jY6hpE+SpU48Cs5vqKdjn5VQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKZ/fN8Pa54COPKVNMmRU7WoyfB0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IyMjY1ODU0LWFjMWMtNGU1YS1hNzk0LWQ0Y2UxZTU4MzNhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOIgwDQYJKoZIhvcNAQELBQADggEBAA2s2E3sUwuSJJQj8kE6 o09JfKtPOhyj2mltsKv6JQs91rE9SJ48qklQ7mC4vb5bZl9/kNtcPCce/iUjgppM ItAm+6jD42BFCY49au1ZJGDDj2OHpFgMOqIQGWZBk9JjELgeBHCKqGZ5T4nidrpK b4vRHLOEfaj7uj3en/ywJW4UfGfiG5+7hYR1Kb08wiB9DAhPNWSHDMifqyiy8pfU 15DJnOMBpFLmK7AOfmBTR+LvzC/d0Vt77tfGvoXGK8J9IDh6OOXHx7dCFCESLdwJ vIRR35uDyNdl9JKtueGlIwjti/clEjpmAhdbBHZnsB1/qeoswGqZeu7eVI3kZ6fQ c8g= -----END CERTIFICATE-----Generated at Sat Dec 6 16:53:33 2025 by rpki-client