This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa File: be8702e9-72df-463a-bb7d-aa1daff3f574.roa (raw, json) Hash identifier: OQ6NlBCG33owOxssv3LGUQo0HSCVKXNT9mwtz3d99SU= Subject key identifier: 4C:04:5B:70:20:82:62:84:74:B4:08:3B:07:BA:A5:FF:3D:04:ED:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 71FBB36A09952A883842CCBC27E293116AE40F15 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa Signing time: Tue 02 Dec 2025 00:20:05 +0000 ROA not before: Tue 02 Dec 2025 00:20:05 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:fb:b3:6a:09:95:2a:88:38:42:cc:bc:27:e2:93:11:6a:e4:0f:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:20:05 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=ba39acd05fcd4f5405a2d4609af52508779e3cf4ece3b63d7d57b8aaea3a1dde, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0e:d6:62:f2:72:4c:35:1b:33:3b:a5:74:1b: 78:bf:ae:2d:f6:b7:77:da:1f:db:96:80:96:24:f6: 70:49:c4:75:67:89:92:6d:0e:ae:d4:a4:07:c8:12: 01:62:2b:f9:f6:64:b6:cf:b1:46:35:ec:a6:90:13: f7:4b:0c:49:de:7c:e9:24:cb:c8:65:94:c7:d7:81: a1:de:99:89:b5:90:80:18:7d:e5:00:21:4e:a0:49: 07:eb:4a:8a:fc:3a:1d:45:72:38:c4:31:19:b2:60: 2c:ae:53:4d:2b:42:24:3e:fc:8d:9d:10:16:b7:ae: fe:63:b2:86:a0:71:bd:bd:1e:64:77:44:fe:3e:62: 1a:2a:0c:3f:97:45:e8:f7:c6:22:5d:82:d1:fe:b5: 2b:ac:9d:85:a5:90:bc:1b:41:59:88:13:b1:8f:e4: 95:4e:a4:87:0d:60:44:bf:94:cf:fe:01:61:54:9d: 1f:30:c1:6a:24:20:72:e8:88:9f:70:0e:2f:6c:7a: 21:14:df:d6:71:1b:50:a4:07:3a:85:a0:da:45:ee: 02:df:21:53:5e:2f:05:e1:f8:57:8d:34:8c:03:b2: 50:1d:8a:de:6e:ff:aa:14:2d:2d:ec:a2:dd:b2:ea: d7:b8:f3:9c:9c:46:cf:3c:5b:63:7a:59:94:cc:1e: 0e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:04:5B:70:20:82:62:84:74:B4:08:3B:07:BA:A5:FF:3D:04:ED:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:a000::/40 Signature Algorithm: sha256WithRSAEncryption 91:6d:12:a5:79:94:6e:29:9a:ed:74:c5:30:bc:bc:ce:48:24: 91:0e:5d:3a:cb:42:77:b8:6d:42:c8:0b:0f:59:a8:36:ed:b1: 97:28:ef:32:4c:22:3e:46:47:b9:5a:da:e0:8a:6b:8b:c5:1c: 3f:ff:f6:c4:0d:fc:c2:9e:10:f2:3e:49:e9:93:e9:94:da:de: ad:d3:d2:ce:63:91:87:e0:f9:cc:f7:f8:44:59:df:99:3b:e1: 91:3f:41:c0:57:29:50:21:9e:f5:bc:f6:b5:bd:31:ba:84:37: a2:9e:6f:b5:a8:ce:ce:cb:66:7a:de:d7:25:c2:42:c6:d2:f8: 5f:5b:a3:0d:60:2f:0a:64:fa:cf:d7:58:27:3b:4a:de:d3:7a: 5a:66:45:0f:09:4e:83:ca:3d:b8:4b:8f:ce:f5:74:c9:aa:82: fd:a7:9e:17:f1:f7:33:78:b3:88:db:96:1f:43:58:e7:7b:b1: 64:c4:fb:47:c4:8d:25:f5:87:e3:20:21:4e:cc:39:6b:16:2b: ea:d5:39:e5:61:1c:2e:a2:3b:ca:e6:2d:52:96:16:09:86:55: e5:c6:76:ee:2b:13:40:85:8f:72:31:e6:76:d4:8e:a4:2d:2f: d3:aa:41:c7:ad:0a:11:70:97:5b:f4:1c:f3:27:3c:7b:64:7e: c4:47:16:16 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcfuzagmVKog4Qsy8J+KTEWrkDxUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMjAwNVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAYmEzOWFjZDA1ZmNkNGY1NDA1YTJk NDYwOWFmNTI1MDg3NzllM2NmNGVjZTNiNjNkN2Q1N2I4YWFlYTNhMWRkZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw7WYvJyTDUbMzuldBt4v64t9rd3 2h/bloCWJPZwScR1Z4mSbQ6u1KQHyBIBYiv59mS2z7FGNeymkBP3SwxJ3nzpJMvI ZZTH14Gh3pmJtZCAGH3lACFOoEkH60qK/DodRXI4xDEZsmAsrlNNK0IkPvyNnRAW t67+Y7KGoHG9vR5kd0T+PmIaKgw/l0Xo98YiXYLR/rUrrJ2FpZC8G0FZiBOxj+SV TqSHDWBEv5TP/gFhVJ0fMMFqJCBy6IifcA4vbHohFN/WcRtQpAc6haDaRe4C3yFT Xi8F4fhXjTSMA7JQHYrebv+qFC0t7KLdsurXuPOcnEbPPFtjelmUzB4OiwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEwEW3AggmKEdLQIOwe6pf89BO0jMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JlODcwMmU5LTcyZGYtNDYzYS1iYjdkLWFhMWRhZmYzZjU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/6AwDQYJKoZIhvcNAQELBQADggEBAJFtEqV5lG4pmu10xTC8 vM5IJJEOXTrLQne4bULICw9ZqDbtsZco7zJMIj5GR7la2uCKa4vFHD//9sQN/MKe EPI+SemT6ZTa3q3T0s5jkYfg+cz3+ERZ35k74ZE/QcBXKVAhnvW89rW9MbqEN6Ke b7Wozs7LZnre1yXCQsbS+F9bow1gLwpk+s/XWCc7St7TelpmRQ8JToPKPbhLj871 dMmqgv2nnhfx9zN4s4jblh9DWOd7sWTE+0fEjSX1h+MgIU7MOWsWK+rVOeVhHC6i O8rmLVKWFgmGVeXGdu4rE0CFj3Ix5nbUjqQtL9OqQcetChFwl1v0HPMnPHtkfsRH FhY= -----END CERTIFICATE-----Generated at Sat Dec 6 14:04:41 2025 by rpki-client