This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa File: bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa (raw, json) Hash identifier: AUn67ynJH/R/CCYGI8/1fTQ7Tx3eaBrKneNZz7OGWhM= Subject key identifier: E9:A5:5C:46:A7:FE:FA:D1:C3:F6:B9:AA:6D:7D:AB:37:C5:DA:D6:02 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 195D69D5994251D51F5F47BE2124FD34E3276D7A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa Signing time: Sat 29 Nov 2025 00:00:51 +0000 ROA not before: Sat 29 Nov 2025 00:00:51 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:5d:69:d5:99:42:51:d5:1f:5f:47:be:21:24:fd:34:e3:27:6d:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 29 00:00:51 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=e30b058e0928b0b98218a97e4e12bed82ac460b642b7ac3fbc32fbab141ceecd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:dd:7c:f4:c0:20:6c:ba:96:c7:4e:9f:6c:58: d4:1c:8b:80:21:1b:7e:2f:7a:fe:08:8d:7f:fb:a5: 98:7a:7a:54:48:5b:8e:84:15:78:db:d3:0d:83:2f: 1b:cc:4f:55:20:83:cc:2a:4c:86:1d:02:12:4a:c0: 57:1d:d6:07:31:0e:a1:2e:32:0e:e1:85:53:7b:fe: 50:32:3b:7f:d0:f3:b5:18:9a:ae:55:da:ed:c0:98: c1:09:ef:5a:e1:21:7f:e4:86:1e:85:45:61:2c:01: 6f:7c:4b:48:39:a4:e2:07:c4:36:f0:3d:13:c6:bd: 42:67:40:7f:90:55:17:d2:e7:bd:ef:d9:c7:24:45: 8a:70:e8:de:64:af:33:47:02:fe:20:94:f5:80:e5: dd:1c:0c:ce:30:58:5d:08:6e:9b:c2:d3:9e:38:c4: 59:19:13:54:36:b8:b9:f7:dc:94:4d:33:99:de:f1: 9d:2c:4b:84:e1:9c:c8:30:56:79:a3:86:f4:09:ce: 5b:7d:1c:b4:8d:aa:2b:af:22:74:a6:e2:fb:d0:92: f9:c5:aa:a3:5a:ef:94:63:30:b9:8b:a2:0d:bf:76: 8c:1d:8c:72:54:eb:d0:f0:c3:68:9c:87:44:40:05: 87:23:89:fd:98:22:4b:5c:75:62:f0:08:b2:15:1e: 79:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:A5:5C:46:A7:FE:FA:D1:C3:F6:B9:AA:6D:7D:AB:37:C5:DA:D6:02 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bac21e1d-59df-47ff-bfa7-6ebfc6aa52ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2800::/40 Signature Algorithm: sha256WithRSAEncryption 4a:15:e7:6b:5a:5a:ce:85:8b:8c:d6:86:95:2f:3d:3a:b9:a0: 27:0d:47:46:28:16:d2:d7:a9:dd:41:b7:4f:96:3c:63:51:32: de:b6:e2:0a:a6:af:de:fd:89:46:0f:6a:47:d6:bf:71:9a:c1: fd:cf:8a:00:aa:58:9e:ca:9e:f3:06:c0:28:8a:c2:63:1c:00: 66:59:df:2b:82:2b:63:f3:62:e2:a1:bd:7b:24:e7:1a:a1:4d: 3e:64:db:11:18:0e:b7:92:96:49:de:1f:a4:ad:98:9e:55:77: 69:e6:da:77:b9:a8:4d:14:c5:d3:8a:8d:bb:dd:c0:1c:85:f4: 75:34:86:42:58:2d:e9:04:89:8c:7d:ff:4c:1b:17:e2:5e:00: f8:8e:31:a6:4e:d6:89:84:df:56:f6:49:a2:89:35:7d:99:82: f3:35:9f:df:a4:a4:77:92:d8:05:ac:4e:ec:11:21:e1:2a:2c: 42:ad:8a:e6:0c:2f:43:25:15:8c:e3:a1:e3:c3:42:f5:3c:06: f2:6b:dd:26:c6:e5:42:01:85:da:ba:2f:38:60:e6:bb:f5:23: eb:b2:85:3d:1e:ca:a2:7f:da:7a:8f:ec:ec:d9:4e:1c:82:e5: 47:c2:c9:49:1e:60:32:1b:40:f8:35:e6:29:21:a4:8b:b0:07: bb:b3:98:65 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGV1p1ZlCUdUfX0e+IST9NOMnbXowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyOTAwMDA1MVoX DTI2MDIyNzIzNTk1OVowejFJMEcGA1UEBRNAZTMwYjA1OGUwOTI4YjBiOTgyMThh OTdlNGUxMmJlZDgyYWM0NjBiNjQyYjdhYzNmYmMzMmZiYWIxNDFjZWVjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt189MAgbLqWx06fbFjUHIuAIRt+ L3r+CI1/+6WYenpUSFuOhBV429MNgy8bzE9VIIPMKkyGHQISSsBXHdYHMQ6hLjIO 4YVTe/5QMjt/0PO1GJquVdrtwJjBCe9a4SF/5IYehUVhLAFvfEtIOaTiB8Q28D0T xr1CZ0B/kFUX0ue979nHJEWKcOjeZK8zRwL+IJT1gOXdHAzOMFhdCG6bwtOeOMRZ GRNUNri599yUTTOZ3vGdLEuE4ZzIMFZ5o4b0Cc5bfRy0jaorryJ0puL70JL5xaqj Wu+UYzC5i6INv3aMHYxyVOvQ8MNonIdEQAWHI4n9mCJLXHVi8AiyFR55IQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOmlXEan/vrRw/a5qm19qzfF2tYCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhYzIxZTFkLTU5ZGYtNDdmZi1iZmE3LTZlYmZjNmFhNTJlZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaACgwDQYJKoZIhvcNAQELBQADggEBAEoV52taWs6Fi4zWhpUv PTq5oCcNR0YoFtLXqd1Bt0+WPGNRMt624gqmr979iUYPakfWv3Gawf3PigCqWJ7K nvMGwCiKwmMcAGZZ3yuCK2PzYuKhvXsk5xqhTT5k2xEYDreSlkneH6StmJ5Vd2nm 2ne5qE0UxdOKjbvdwByF9HU0hkJYLekEiYx9/0wbF+JeAPiOMaZO1omE31b2SaKJ NX2ZgvM1n9+kpHeS2AWsTuwRIeEqLEKtiuYML0MlFYzjoePDQvU8BvJr3SbG5UIB hdq6Lzhg5rv1I+uyhT0eyqJ/2nqP7OzZThyC5UfCyUkeYDIbQPg15ikhpIuwB7uz mGU= -----END CERTIFICATE-----Generated at Sat Dec 6 13:01:32 2025 by rpki-client