This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c21db1e2-4057-478d-a690-5baf74d3b413.roa File: c21db1e2-4057-478d-a690-5baf74d3b413.roa (raw, json) Hash identifier: VmsXSMmJFZ3FaBgjrn6KQCi6Z4SP4bVfOWMn1M2Oi8Q= Subject key identifier: A1:86:54:FD:83:9C:75:61:F8:68:44:36:DD:33:52:7E:A6:AF:72:AE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B388327072A10D110F6625793A2456569CD98CC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c21db1e2-4057-478d-a690-5baf74d3b413.roa Signing time: Sun 23 Nov 2025 00:10:05 +0000 ROA not before: Sun 23 Nov 2025 00:10:05 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:f040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:38:83:27:07:2a:10:d1:10:f6:62:57:93:a2:45:65:69:cd:98:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 23 00:10:05 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=f335962f58e9985879d220a28ab7fd807ae9f5c5b0a871ecbc25f5b95ef3d771, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e9:ba:db:c9:a0:d5:41:8c:05:18:f5:60:a8: cb:32:6f:f4:8d:30:fc:ae:43:a6:92:a0:92:6b:d3: 48:28:c7:61:75:bf:2b:4d:9e:f3:bf:43:90:86:f6: 7b:2c:64:99:e4:d9:6b:f4:95:ab:c3:ee:9c:80:fd: b0:0b:6c:a8:65:0b:f3:63:e7:cd:79:ed:92:d6:8c: 7f:50:0d:1a:b2:df:c1:db:2a:23:fd:43:08:46:fc: c2:e1:7f:45:79:ed:76:6e:23:8d:f8:b2:d7:6c:31: bb:ba:f2:87:c8:5a:cc:18:6f:a0:00:e6:19:c5:d8: e7:1f:fa:5f:dd:d7:1b:b4:6d:b6:bb:ca:97:e1:00: eb:1c:de:6a:4b:8d:4a:d2:cc:3a:59:6f:44:47:1d: 45:90:b9:dc:73:33:0f:70:76:9d:2d:55:17:e4:87: a7:82:99:8f:ce:30:d2:0b:4c:ef:2e:ae:83:b0:06: 8e:45:f9:33:94:55:e9:7e:1a:4c:44:ba:1d:ac:2e: 52:b5:c7:de:36:6a:59:5e:05:af:af:ce:33:00:01: f1:d3:4b:0e:04:fd:e8:9e:f0:d3:b2:b3:62:69:8b: a9:b5:c2:de:8e:aa:32:cd:44:90:3b:5d:fa:34:5f: 2a:43:f1:ac:39:ed:37:38:88:1a:15:49:46:3d:b0: 4e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:86:54:FD:83:9C:75:61:F8:68:44:36:DD:33:52:7E:A6:AF:72:AE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c21db1e2-4057-478d-a690-5baf74d3b413.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:f040::/48 Signature Algorithm: sha256WithRSAEncryption 79:1a:39:79:34:c3:c2:b3:0e:78:11:25:b6:b3:c5:e5:14:34: a3:4a:3e:f6:b0:cf:e0:47:c1:23:70:03:ac:5d:b7:28:11:8d: 0e:08:ff:14:04:1c:64:25:cc:89:cd:00:ce:34:8b:e5:7d:6b: c5:4f:ba:d1:1c:4f:62:05:be:01:47:a8:62:47:bd:48:fc:66: 02:12:85:14:04:b2:d3:34:36:3a:78:62:89:46:eb:5e:81:40: cf:97:19:0b:90:0e:63:cd:40:4b:92:1b:64:3b:6b:83:60:98: 8d:6e:de:73:51:fb:07:ad:a1:a9:7a:75:63:2c:e4:49:ea:ed: d4:5c:33:bb:a5:c2:de:5e:41:ae:d9:e3:ff:00:36:7e:dc:a7: 3a:ca:cf:a6:d0:47:f2:3d:dd:52:d3:6b:72:c0:d8:8a:f4:bb: 0e:a8:fe:65:6c:13:81:e9:cf:f9:35:ce:7d:2c:d1:3a:ad:4c: 9a:9f:27:36:56:c6:86:e3:d6:bc:70:35:ba:39:e3:73:02:c4: fa:39:d6:77:fc:d1:79:02:30:58:68:a9:27:77:19:e1:ff:3b: 20:00:24:ba:23:a0:e6:b5:2a:67:c7:c1:b8:27:6a:67:c8:54: b7:52:1c:4f:fc:47:cf:b9:09:d5:20:3b:6f:66:12:ef:ce:56: b8:94:b5:e8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWziDJwcqENEQ9mJXk6JFZWnNmMwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyMzAwMTAwNVoX DTI2MDIyMTIzNTk1OVowejFJMEcGA1UEBRNAZjMzNTk2MmY1OGU5OTg1ODc5ZDIy MGEyOGFiN2ZkODA3YWU5ZjVjNWIwYTg3MWVjYmMyNWY1Yjk1ZWYzZDc3MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvem628mg1UGMBRj1YKjLMm/0jTD8 rkOmkqCSa9NIKMdhdb8rTZ7zv0OQhvZ7LGSZ5Nlr9JWrw+6cgP2wC2yoZQvzY+fN ee2S1ox/UA0ast/B2yoj/UMIRvzC4X9Fee12biON+LLXbDG7uvKHyFrMGG+gAOYZ xdjnH/pf3dcbtG22u8qX4QDrHN5qS41K0sw6WW9ERx1FkLncczMPcHadLVUX5Ien gpmPzjDSC0zvLq6DsAaORfkzlFXpfhpMRLodrC5StcfeNmpZXgWvr84zAAHx00sO BP3onvDTsrNiaYuptcLejqoyzUSQO136NF8qQ/GsOe03OIgaFUlGPbBOYwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKGGVP2DnHVh+GhENt0zUn6mr3KuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MyMWRiMWUyLTQwNTctNDc4ZC1hNjkwLTViYWY3NGQzYjQxMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6vBAMA0GCSqGSIb3DQEBCwUAA4IBAQB5Gjl5NMPCsw54ESW2 s8XlFDSjSj72sM/gR8EjcAOsXbcoEY0OCP8UBBxkJcyJzQDONIvlfWvFT7rRHE9i Bb4BR6hiR71I/GYCEoUUBLLTNDY6eGKJRutegUDPlxkLkA5jzUBLkhtkO2uDYJiN bt5zUfsHraGpenVjLORJ6u3UXDO7pcLeXkGu2eP/ADZ+3Kc6ys+m0EfyPd1S02ty wNiK9LsOqP5lbBOB6c/5Nc59LNE6rUyanyc2VsaG49a8cDW6OeNzAsT6OdZ3/NF5 AjBYaKkndxnh/zsgACS6I6DmtSpnx8G4J2pnyFS3UhxP/EfPuQnVIDtvZhLvzla4 lLXo -----END CERTIFICATE-----Generated at Sat Dec 6 18:07:31 2025 by rpki-client