This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa File: ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa (raw, json) Hash identifier: BK/7lW1/0YdMy00a4VeuIhk3o3t3IfP/L+q4rU+C+/w= Subject key identifier: 20:E4:C5:19:EB:32:58:7A:DD:76:7E:76:3D:FA:71:8E:8B:BD:A8:2F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18F96B00F4992892F50B4EF076DE47DCE7B662F0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa Signing time: Thu 04 Dec 2025 00:21:12 +0000 ROA not before: Thu 04 Dec 2025 00:21:12 +0000 ROA not after: Wed 04 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:f9:6b:00:f4:99:28:92:f5:0b:4e:f0:76:de:47:dc:e7:b6:62:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 4 00:21:12 2025 GMT Not After : Mar 4 23:59:59 2026 GMT Subject: serialNumber=383df132fda4bcab373f93c5fbc2f91837cc294622fec33b5eb87958122b3f0e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:90:7b:65:ec:7d:f9:0a:44:2e:49:04:1e:71: 38:ea:75:69:df:9f:b0:28:cb:fa:a2:75:c6:ab:a0: 0b:ce:42:a5:aa:7e:e9:a7:2f:1e:83:98:32:0e:fb: 41:26:a5:36:5a:2e:59:3b:8d:d1:02:b8:5d:31:5d: 90:9e:4f:73:5f:35:71:78:9e:5e:fa:e7:5e:61:c7: 96:4b:a9:f4:6c:c6:41:54:74:1c:e3:02:cc:38:46: 8f:64:a6:08:1a:0f:6e:9b:6e:6c:98:56:23:30:a0: 6a:1c:af:ae:94:15:c0:04:6d:e9:21:d6:a1:31:18: 7f:b1:1b:69:e1:c2:58:ab:c4:d1:db:1a:af:bf:bc: 2c:fe:1a:a6:eb:8f:29:8e:64:dd:92:5c:51:17:a1: 72:53:37:12:ef:4b:93:41:4a:c5:a4:92:53:8c:df: ae:23:2c:5f:2f:3a:a4:0f:85:66:b1:99:cc:46:67: 43:13:db:62:ee:99:e8:a0:68:82:ae:ed:b9:e2:71: 9d:fa:d9:ca:e6:a6:1c:09:ae:82:c7:0f:05:0f:4e: ae:32:ff:24:9b:9c:84:13:a5:a8:2b:9a:1f:6d:f5: e0:36:fe:c0:b1:2a:2f:1d:35:bf:6d:92:87:51:2f: 1e:38:c1:7a:0c:17:94:b7:0f:1e:a0:36:06:95:27: bf:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:E4:C5:19:EB:32:58:7A:DD:76:7E:76:3D:FA:71:8E:8B:BD:A8:2F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:4000::/40 Signature Algorithm: sha256WithRSAEncryption 8a:9f:38:10:29:20:b0:49:7c:7b:a9:95:43:f6:11:85:58:d4: 0a:f0:ee:28:31:72:93:7d:13:f1:c6:cc:4b:db:94:cd:b4:db: 7e:84:50:a0:2f:dc:ed:c2:d1:55:9f:c8:8a:33:f9:4f:4d:07: 9c:3f:e7:71:6d:ec:92:d1:a3:f7:a2:35:5a:21:5b:8e:c6:e0: 69:fd:b1:c3:ba:b0:b7:5a:24:f5:8e:d7:7e:b0:7f:62:c6:47: 46:49:40:c1:c2:f2:bf:82:0b:8b:ef:15:c6:1d:de:34:c0:6c: 55:d5:bb:cb:59:42:f7:19:be:f1:2d:bf:df:0d:da:cc:2a:87: b1:64:7a:e6:9c:29:a2:ba:ce:7c:d8:b2:90:7a:1c:2c:d5:7e: 69:20:40:0f:d9:03:19:be:62:34:64:02:d6:fd:1b:9b:f2:a3: 73:d8:a3:dd:8f:59:82:56:ca:c2:a0:74:e5:ed:e1:e2:c7:aa: 8c:be:16:70:c2:c4:23:d8:84:8a:28:2d:09:54:a1:c0:76:57: 38:c6:bc:98:59:9b:3a:c5:d6:4e:eb:57:36:16:a4:8b:bc:94: 35:c7:30:3e:7e:21:74:d1:a9:58:14:40:1b:7a:ab:28:4e:8d: 1e:ea:4e:4e:1a:f7:cf:cd:10:da:78:1f:d3:61:c5:c2:8e:7c: ff:aa:92:2e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGPlrAPSZKJL1C07wdt5H3Oe2YvAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwNDAwMjExMloX DTI2MDMwNDIzNTk1OVowejFJMEcGA1UEBRNAMzgzZGYxMzJmZGE0YmNhYjM3M2Y5 M2M1ZmJjMmY5MTgzN2NjMjk0NjIyZmVjMzNiNWViODc5NTgxMjJiM2YwZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpB7Zex9+QpELkkEHnE46nVp35+w KMv6onXGq6ALzkKlqn7ppy8eg5gyDvtBJqU2Wi5ZO43RArhdMV2Qnk9zXzVxeJ5e +udeYceWS6n0bMZBVHQc4wLMOEaPZKYIGg9um25smFYjMKBqHK+ulBXABG3pIdah MRh/sRtp4cJYq8TR2xqvv7ws/hqm648pjmTdklxRF6FyUzcS70uTQUrFpJJTjN+u IyxfLzqkD4VmsZnMRmdDE9ti7pnooGiCru254nGd+tnK5qYcCa6Cxw8FD06uMv8k m5yEE6WoK5ofbfXgNv7AsSovHTW/bZKHUS8eOMF6DBeUtw8eoDYGlSe/1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCDkxRnrMlh63XZ+dj36cY6LvagvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhMDY1OWVhLThlZDktNGE3ZS04NGMzLTEzMWQ0ZDViYTI1Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/kAwDQYJKoZIhvcNAQELBQADggEBAIqfOBApILBJfHuplUP2 EYVY1Arw7igxcpN9E/HGzEvblM20236EUKAv3O3C0VWfyIoz+U9NB5w/53Ft7JLR o/eiNVohW47G4Gn9scO6sLdaJPWO136wf2LGR0ZJQMHC8r+CC4vvFcYd3jTAbFXV u8tZQvcZvvEtv98N2swqh7FkeuacKaK6znzYspB6HCzVfmkgQA/ZAxm+YjRkAtb9 G5vyo3PYo92PWYJWysKgdOXt4eLHqoy+FnDCxCPYhIooLQlUocB2VzjGvJhZmzrF 1k7rVzYWpIu8lDXHMD5+IXTRqVgUQBt6qyhOjR7qTk4a98/NENp4H9NhxcKOfP+q ki4= -----END CERTIFICATE-----Generated at Sat Dec 6 12:08:18 2025 by rpki-client