This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: c/sFveZm87ydC3HcDgEkDELqKC8KTxtScA0L1es9V8c= Subject key identifier: CD:4B:D0:84:90:4C:98:F9:6C:9E:65:6F:18:DA:2F:BA:FE:E0:25:F3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46807A839689A57EF27968612C8E550A55A6736B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Sun 30 Nov 2025 00:01:23 +0000 ROA not before: Sun 30 Nov 2025 00:01:23 +0000 ROA not after: Sat 28 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:80:7a:83:96:89:a5:7e:f2:79:68:61:2c:8e:55:0a:55:a6:73:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 30 00:01:23 2025 GMT Not After : Feb 28 23:59:59 2026 GMT Subject: serialNumber=d75f68c22d86987e43702a35928bb4f5319f1267fd9e2e73054fc6cbaa840b07, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6c:28:4f:71:98:5f:c2:16:02:5f:f5:aa:af: c4:61:de:93:e6:8f:d9:86:5d:57:05:2c:f8:34:09: bd:1c:83:ca:41:b9:16:59:7a:71:84:73:ac:f4:fc: 4d:57:ce:ca:b1:f8:67:29:d7:79:67:b7:ed:ef:4b: aa:f3:88:8b:c9:7d:8c:e4:03:e5:79:74:46:d4:0e: 30:5e:61:9d:c5:f2:3b:87:18:5a:d8:37:81:93:25: 83:10:38:0e:e2:20:3c:cf:f9:4b:88:9f:19:ff:79: b4:13:bf:6b:7d:43:d7:9b:b1:d4:56:6d:e6:25:df: 97:82:ec:13:26:ff:06:8c:e9:f8:7f:fa:4c:5c:d0: de:f8:ac:9f:f3:41:a2:2f:43:3e:6e:fd:82:37:15: d8:11:9c:18:ab:24:33:22:a7:99:b5:45:ea:8a:4e: 5d:85:14:45:d7:42:f2:44:9e:ff:28:46:45:5f:64: df:69:31:b7:92:29:03:6e:6e:3b:3e:3a:a3:d6:96: 7e:a0:30:b7:25:c6:a2:fe:1a:c1:b2:e9:08:89:5e: 0c:81:40:0b:e3:aa:d4:f3:a2:17:43:9c:09:7b:6f: 22:33:14:c8:44:a6:fa:5c:35:4d:3e:79:77:00:10: e8:20:57:cb:fa:b7:59:57:95:54:2a:ee:8a:24:c2: 46:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:4B:D0:84:90:4C:98:F9:6C:9E:65:6F:18:DA:2F:BA:FE:E0:25:F3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 02:5c:76:45:d0:4b:eb:20:f4:69:9e:51:df:04:d6:5f:a4:4b: e3:2a:9c:3b:4a:63:c5:87:5e:46:a4:b3:4e:ee:2f:da:71:8b: 65:84:f9:f1:12:45:ee:1b:a7:8b:af:a1:3b:3b:79:85:8d:1c: ae:b4:b0:51:8b:e5:2f:dd:ac:36:e9:08:16:3c:22:7a:38:7f: c5:bd:07:2f:d3:a1:79:a9:56:29:a3:41:ec:46:32:f4:28:71: 80:27:4a:9a:a3:8e:3c:15:1b:13:7b:67:a0:be:77:5e:37:fc: e5:77:a4:4d:b8:46:4b:c7:2e:a2:7a:e6:85:e0:54:c6:64:f0: 06:6d:99:68:73:c4:38:98:53:74:5a:11:23:de:9d:d5:bb:e0: ba:56:b6:5e:16:68:1c:f8:5a:b4:39:2a:96:9c:76:e6:61:f0: 46:0a:d9:60:85:2e:73:ec:40:39:c5:0b:31:46:99:c1:97:f8: cd:f3:7f:06:e1:ec:71:d1:d4:0d:3a:75:0a:cf:3d:a2:1e:01: 6e:3b:ce:e7:67:db:e8:b2:41:02:37:55:8f:42:3d:8a:c1:a9: 33:33:7c:14:d7:3b:78:d5:50:7b:6a:19:f3:d6:dd:00:53:62: 1a:c3:d3:c9:fd:57:f6:19:5a:c1:2b:e9:de:6b:48:2d:ff:16: 8d:fd:25:3e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURoB6g5aJpX7yeWhhLI5VClWmc2swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEzMDAwMDEyM1oX DTI2MDIyODIzNTk1OVowejFJMEcGA1UEBRNAZDc1ZjY4YzIyZDg2OTg3ZTQzNzAy YTM1OTI4YmI0ZjUzMTlmMTI2N2ZkOWUyZTczMDU0ZmM2Y2JhYTg0MGIwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmwoT3GYX8IWAl/1qq/EYd6T5o/Z hl1XBSz4NAm9HIPKQbkWWXpxhHOs9PxNV87KsfhnKdd5Z7ft70uq84iLyX2M5APl eXRG1A4wXmGdxfI7hxha2DeBkyWDEDgO4iA8z/lLiJ8Z/3m0E79rfUPXm7HUVm3m Jd+XguwTJv8GjOn4f/pMXNDe+Kyf80GiL0M+bv2CNxXYEZwYqyQzIqeZtUXqik5d hRRF10LyRJ7/KEZFX2TfaTG3kikDbm47Pjqj1pZ+oDC3Jcai/hrBsukIiV4MgUAL 46rU86IXQ5wJe28iMxTIRKb6XDVNPnl3ABDoIFfL+rdZV5VUKu6KJMJGCwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFM1L0ISQTJj5bJ5lbxjaL7r+4CXzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQACXHZF0EvrIPRpnlHf BNZfpEvjKpw7SmPFh15GpLNO7i/acYtlhPnxEkXuG6eLr6E7O3mFjRyutLBRi+Uv 3aw26QgWPCJ6OH/FvQcv06F5qVYpo0HsRjL0KHGAJ0qao448FRsTe2egvndeN/zl d6RNuEZLxy6ieuaF4FTGZPAGbZloc8Q4mFN0WhEj3p3Vu+C6VrZeFmgc+Fq0OSqW nHbmYfBGCtlghS5z7EA5xQsxRpnBl/jN838G4exx0dQNOnUKzz2iHgFuO87nZ9vo skECN1WPQj2KwakzM3wU1zt41VB7ahnz1t0AU2Iaw9PJ/Vf2GVrBK+nea0gt/xaN /SU+ -----END CERTIFICATE-----Generated at Sat Dec 6 15:57:24 2025 by rpki-client