This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: tUfvO1tfzBNVYGTeoObhXIC/xwxMuE3Y0IbH2s5grG4= Subject key identifier: 71:BB:A5:B3:4F:36:53:51:D2:47:8B:A4:0E:4E:A3:05:7B:B1:B5:FA Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 20D26D8F61A119311D2E0AF2CF0120CA10F744D1 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Sun 23 Nov 2025 00:11:08 +0000 ROA not before: Sun 23 Nov 2025 00:11:08 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:d2:6d:8f:61:a1:19:31:1d:2e:0a:f2:cf:01:20:ca:10:f7:44:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Nov 23 00:11:08 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=563a95fc3b5416ffe5707ce08e50807c29a92380731e51d48cbd79ec1871d23b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d7:82:ac:6f:75:51:8a:76:47:32:aa:aa:03: 7a:0b:8e:7c:98:54:9a:bd:cd:21:e1:d4:4c:d3:2b: 48:3a:c7:9e:2c:89:78:40:30:f9:80:6e:98:18:d9: 33:7b:4a:61:43:86:58:6a:8b:3b:53:5f:58:12:5a: 1c:2c:80:67:f6:e5:5b:43:44:ed:3b:72:51:0b:42: e6:a1:a3:f9:28:45:77:ee:b8:d6:6e:8c:75:55:25: b0:9f:7d:ac:d6:4f:a6:3e:c3:b0:66:b4:92:45:3a: 18:09:a2:d6:b1:52:d8:ba:0a:57:2d:38:f4:6b:2e: 1c:74:67:a8:6e:3b:d5:42:6a:7e:44:b0:51:db:e0: 38:f8:12:7d:b1:b0:9e:7e:58:ba:4f:59:6a:71:aa: a9:7b:3d:56:47:47:55:43:0d:65:ed:69:a4:7e:4c: 4f:c9:0b:43:14:5a:e3:f6:aa:34:47:be:01:6f:4a: b9:e3:62:c2:19:d0:06:c1:19:ec:67:09:73:13:12: 59:d2:2b:e6:db:1f:bb:77:41:32:88:b3:fc:ae:ae: a4:ad:ee:3a:65:b4:69:1c:b8:a4:74:f2:51:94:ef: 6d:e3:8c:f5:18:10:d3:c1:59:2e:18:6e:0f:68:69: 1f:4e:16:4e:db:87:ee:a8:a6:aa:59:77:b0:5d:e0: c7:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:BB:A5:B3:4F:36:53:51:D2:47:8B:A4:0E:4E:A3:05:7B:B1:B5:FA X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 59:2d:30:87:41:54:9d:f1:bc:11:bf:1b:16:42:a6:d4:09:66: d3:60:2f:ef:d9:ae:f3:1b:88:06:3d:71:6c:0d:8c:ed:fc:74: 1e:d8:a6:3a:16:3b:64:19:eb:54:4d:7d:1b:77:33:ca:ff:9a: e9:0e:78:89:57:34:77:52:37:6e:43:f0:47:d0:d0:35:a3:6e: 4b:31:f4:72:11:25:a1:7c:e4:4c:20:e3:bd:2b:a7:8d:b0:43: 61:65:c1:93:18:08:64:0a:cb:a3:70:a6:73:d0:39:e9:b2:11: e1:51:70:43:43:45:f7:05:5b:f5:a0:b1:30:26:58:8e:68:c2: fc:6e:f0:4b:a6:e1:65:ea:e4:e1:a3:dc:b0:4f:fe:6c:cd:7e: d3:87:3d:bc:7d:23:29:12:43:dd:e0:f9:96:39:f5:3b:f8:fe: b3:e2:c5:65:4a:97:a0:0f:ae:98:00:22:49:00:ba:25:78:e6: 4d:18:eb:55:95:44:df:66:54:74:f2:60:56:41:0f:1f:01:97: f4:0f:e3:24:1c:48:f4:fd:f2:2f:d3:6b:27:53:c5:54:c5:fe: b8:88:2e:df:eb:9e:d2:86:47:a8:65:61:3d:06:ef:2f:11:58: 2a:6d:8f:6a:e4:ed:ad:3e:36:68:0c:01:9b:4d:63:bb:9d:6d: f1:9b:bf:b8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUINJtj2GhGTEdLgryzwEgyhD3RNEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTEyMzAwMTEwOFoX DTI2MDIyMTIzNTk1OVowejFJMEcGA1UEBRNANTYzYTk1ZmMzYjU0MTZmZmU1NzA3 Y2UwOGU1MDgwN2MyOWE5MjM4MDczMWU1MWQ0OGNiZDc5ZWMxODcxZDIzYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9eCrG91UYp2RzKqqgN6C458mFSa vc0h4dRM0ytIOseeLIl4QDD5gG6YGNkze0phQ4ZYaos7U19YElocLIBn9uVbQ0Tt O3JRC0LmoaP5KEV37rjWbox1VSWwn32s1k+mPsOwZrSSRToYCaLWsVLYugpXLTj0 ay4cdGeobjvVQmp+RLBR2+A4+BJ9sbCefli6T1lqcaqpez1WR0dVQw1l7WmkfkxP yQtDFFrj9qo0R74Bb0q542LCGdAGwRnsZwlzExJZ0ivm2x+7d0EyiLP8rq6kre46 ZbRpHLikdPJRlO9t44z1GBDTwVkuGG4PaGkfThZO24fuqKaqWXewXeDHPwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHG7pbNPNlNR0keLpA5OowV7sbX6MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQBZLTCHQVSd8bwRvxsWQqbU CWbTYC/v2a7zG4gGPXFsDYzt/HQe2KY6FjtkGetUTX0bdzPK/5rpDniJVzR3Ujdu Q/BH0NA1o25LMfRyESWhfORMIOO9K6eNsENhZcGTGAhkCsujcKZz0DnpshHhUXBD Q0X3BVv1oLEwJliOaML8bvBLpuFl6uTho9ywT/5szX7Thz28fSMpEkPd4PmWOfU7 +P6z4sVlSpegD66YACJJALoleOZNGOtVlUTfZlR08mBWQQ8fAZf0D+MkHEj0/fIv 02snU8VUxf64iC7f657ShkeoZWE9Bu8vEVgqbY9q5O2tPjZoDAGbTWO7nW3xm7+4 -----END CERTIFICATE-----Generated at Sat Dec 6 11:11:33 2025 by rpki-client