This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa File: ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa (raw, json) Hash identifier: 14fkcgbZ8pWeOy38lJjhbbP0ZrxcxBWXIpj/6hP//EU= Subject key identifier: B5:C7:8B:63:AA:E6:AE:5E:AE:95:27:F4:5C:CC:D6:AF:4C:3E:A0:A4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 196634385B25DB527E60BF04291ECEDCF7F1CD32 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa Signing time: Tue 02 Dec 2025 00:20:54 +0000 ROA not before: Tue 02 Dec 2025 00:20:54 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:66:34:38:5b:25:db:52:7e:60:bf:04:29:1e:ce:dc:f7:f1:cd:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:20:54 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=3ab1e02fabaeb0acaf44beb04f0c9ac65fa52d7233a079e58ae0a6b57775090b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:50:26:08:27:74:77:8b:cd:b9:f7:82:10:bc: 52:4b:94:50:d0:73:68:5c:5a:7a:f6:05:7c:10:e9: ab:ab:1f:7a:5b:b3:bc:72:ca:de:55:ac:2d:34:f6: 6e:15:9e:94:63:11:85:70:8f:11:66:13:fc:5c:5f: 7a:6f:5d:af:76:ad:34:2e:0c:cc:b0:16:12:20:6b: be:4a:ba:1f:48:c2:dc:24:33:3b:0d:3e:44:9c:9f: 58:2e:43:df:9d:d5:a6:95:c9:e1:c9:e4:5b:81:5b: 32:95:97:db:30:34:14:ab:73:23:f4:df:73:a7:48: 7d:34:7a:21:af:f7:fd:ad:1d:af:ce:a5:35:99:83: a2:f7:30:f4:75:92:b6:a7:03:2a:99:08:c9:a4:a9: 4e:61:19:88:94:76:3d:25:75:f2:35:6d:7f:4f:c1: 0f:27:45:49:12:66:c2:b1:39:38:a5:75:3a:8a:2a: 28:16:51:de:68:d2:ca:3f:ef:55:78:d4:2f:ab:98: b5:b5:dd:10:ed:8c:1a:c3:e8:dc:45:c9:6c:0e:ff: a3:4d:d8:b7:d0:79:6c:65:35:89:f4:93:e8:68:6f: b5:66:00:fa:9f:bb:62:64:8d:99:92:bc:60:90:25: 47:30:a0:eb:f6:c9:79:0f:d8:b5:4f:eb:d6:46:66: b4:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:C7:8B:63:AA:E6:AE:5E:AE:95:27:F4:5C:CC:D6:AF:4C:3E:A0:A4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba66f204-ef53-4c25-92d8-95b5c7db0e2f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:1040::/48 Signature Algorithm: sha256WithRSAEncryption 71:b0:44:81:3d:41:67:25:e3:bf:49:82:0b:67:7c:fb:49:cc: ef:aa:ab:a3:40:4b:f2:0a:e6:63:7b:ee:b6:42:b5:8c:44:ab: ee:43:7a:d5:fe:59:54:12:ed:92:83:c8:a2:63:74:25:64:a8: d3:73:ea:f5:51:de:93:b4:82:d3:a7:d0:b1:b1:6c:42:b2:45: b8:20:e3:bc:43:99:1e:78:af:4b:49:13:22:59:d2:bf:2a:b8: 82:7e:50:fb:4e:f0:3a:d1:61:5e:25:08:9e:99:47:07:e9:9b: 3b:71:35:75:a7:79:32:ed:de:a0:82:9f:20:57:d4:92:fc:fe: 68:f0:18:dd:69:56:da:1d:e8:50:dc:88:4e:af:ae:a6:05:a6: fc:6b:e3:a5:14:0f:28:70:50:ee:1a:e0:f6:30:3e:2e:ed:f1: 06:a7:d5:0b:54:85:1a:ce:52:e9:0e:a2:1a:a3:15:b8:fa:fb: 6b:a2:7f:ee:d7:9c:e6:db:23:6a:86:71:ba:91:91:57:7d:bc: 0d:72:f6:c6:78:dd:9b:39:ea:82:02:b0:03:6d:e1:78:b9:91: c3:b8:03:62:bb:12:dd:79:ad:50:29:76:c7:13:7f:1f:93:7b: ec:56:d9:6c:08:6c:76:30:d4:9b:07:43:f2:58:ac:89:69:7f: 1b:4d:a1:4a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGWY0OFsl21J+YL8EKR7O3PfxzTIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMjA1NFoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAM2FiMWUwMmZhYmFlYjBhY2FmNDRi ZWIwNGYwYzlhYzY1ZmE1MmQ3MjMzYTA3OWU1OGFlMGE2YjU3Nzc1MDkwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFAmCCd0d4vNufeCELxSS5RQ0HNo XFp69gV8EOmrqx96W7O8csreVawtNPZuFZ6UYxGFcI8RZhP8XF96b12vdq00LgzM sBYSIGu+SrofSMLcJDM7DT5EnJ9YLkPfndWmlcnhyeRbgVsylZfbMDQUq3Mj9N9z p0h9NHohr/f9rR2vzqU1mYOi9zD0dZK2pwMqmQjJpKlOYRmIlHY9JXXyNW1/T8EP J0VJEmbCsTk4pXU6iiooFlHeaNLKP+9VeNQvq5i1td0Q7Ywaw+jcRclsDv+jTdi3 0HlsZTWJ9JPoaG+1ZgD6n7tiZI2ZkrxgkCVHMKDr9sl5D9i1T+vWRma0WwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLXHi2Oq5q5erpUn9FzM1q9MPqCkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhNjZmMjA0LWVmNTMtNGMyNS05MmQ4LTk1YjVjN2RiMGUyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/xBAMA0GCSqGSIb3DQEBCwUAA4IBAQBxsESBPUFnJeO/SYIL Z3z7SczvqqujQEvyCuZje+62QrWMRKvuQ3rV/llUEu2Sg8iiY3QlZKjTc+r1Ud6T tILTp9CxsWxCskW4IOO8Q5keeK9LSRMiWdK/KriCflD7TvA60WFeJQiemUcH6Zs7 cTV1p3ky7d6ggp8gV9SS/P5o8BjdaVbaHehQ3IhOr66mBab8a+OlFA8ocFDuGuD2 MD4u7fEGp9ULVIUazlLpDqIaoxW4+vtron/u15zm2yNqhnG6kZFXfbwNcvbGeN2b OeqCArADbeF4uZHDuANiuxLdea1QKXbHE38fk3vsVtlsCGx2MNSbB0PyWKyJaX8b TaFK -----END CERTIFICATE-----Generated at Sat Dec 6 10:04:39 2025 by rpki-client