This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa File: c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa (raw, json) Hash identifier: YUQbqNt3QbEV4Iz1a5mwKLLJ5UI7PmkW/ev6KwknvTg= Subject key identifier: 88:55:BA:FC:09:22:A1:9D:86:AB:AE:B4:E0:3D:FC:12:7B:D1:00:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2302FAC89D253021F9BBADB11F527BBFCCA060B1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa Signing time: Wed 26 Nov 2025 00:00:59 +0000 ROA not before: Wed 26 Nov 2025 00:00:59 +0000 ROA not after: Tue 24 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.213.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:02:fa:c8:9d:25:30:21:f9:bb:ad:b1:1f:52:7b:bf:cc:a0:60:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 26 00:00:59 2025 GMT Not After : Feb 24 23:59:59 2026 GMT Subject: serialNumber=0d375616854f4ce43fe1b084a818dce903f71c88255032898aacdb94a63902f6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:4d:1f:57:f4:78:f6:ac:19:29:52:a6:c1:43: ed:63:c6:b2:13:75:4d:a9:50:66:2f:ac:0e:3a:0d: 9a:f0:63:88:bc:05:b1:3a:76:ac:39:79:58:d3:f3: db:47:9d:e2:bf:d0:82:fc:24:79:4c:f6:07:67:4e: 9a:fd:38:27:38:55:52:27:b3:6b:b4:1c:47:51:c1: 65:fe:28:57:1b:bc:58:f9:b4:84:0d:db:18:1d:3d: 47:bf:76:b1:ec:c0:52:82:91:1f:bb:64:ea:79:81: f3:0e:ea:14:ee:4d:fe:db:9d:49:a8:7f:fe:f6:f1: 65:46:ca:75:65:36:03:bf:9f:15:a3:a0:59:6b:1e: 53:96:62:d8:88:dd:f7:f6:79:bc:bf:6c:e3:bf:53: 47:ab:b0:27:b2:3a:5b:03:4e:48:cb:e8:27:35:18: 90:1c:ff:c1:95:7f:8d:88:5a:34:fc:26:eb:13:1f: 3d:6f:a5:0d:b7:9d:8a:ba:1f:c8:14:d3:02:5a:93: 06:08:60:85:a8:d3:4f:1d:62:c6:1a:e5:ca:fc:df: cb:b6:5a:8c:d4:36:5f:6d:fb:87:d8:99:b6:3c:4e: eb:b4:16:8d:58:b0:81:ba:22:2b:b2:a0:16:20:29: f7:fd:db:db:be:98:2a:ee:92:8e:a8:8e:8e:fc:11: 1d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:55:BA:FC:09:22:A1:9D:86:AB:AE:B4:E0:3D:FC:12:7B:D1:00:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.213.154.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:22:79:34:99:87:0c:58:22:72:eb:51:d0:c8:f5:5d:55:f2: 1e:d5:9d:9b:9a:58:96:36:53:c7:e1:8b:69:d4:fa:f0:db:47: af:c1:c9:e8:f7:c6:49:46:25:0e:1c:bc:d9:9b:ff:da:a8:4a: 49:8d:23:83:70:18:80:44:06:48:f9:6e:ed:3b:ea:9b:b5:ac: 9c:39:21:54:34:d8:c2:c5:e5:3a:c0:01:cb:6a:12:02:78:6b: 30:f8:5f:88:8d:3b:8f:d1:dd:d6:f1:b8:7f:e3:f9:21:48:c7: e6:b8:96:77:4b:d8:e2:c2:d1:f1:ed:a0:2d:19:97:0b:bf:fb: 31:67:d1:d5:b7:0e:24:27:7b:fc:a8:42:be:f4:fe:37:0c:80: 4f:d5:ad:32:33:23:20:65:a6:b1:14:e1:8b:55:16:c4:60:ba: 20:f8:b7:3c:07:43:27:69:96:cd:8c:83:0e:d5:a7:d9:5f:a7: 44:7e:16:d4:69:39:0b:a2:51:42:6e:92:2b:5d:41:4b:59:70: 66:96:4f:9e:6d:c3:ef:ad:e3:66:3b:55:d9:58:c7:a2:d8:ff: f6:ca:2d:be:4e:17:a2:b0:c4:3b:ab:09:01:6c:c8:33:e6:ac: 32:da:f7:a6:8c:91:9f:21:36:56:85:f4:da:a7:52:1b:5e:e4: 83:8d:04:31 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIwL6yJ0lMCH5u62xH1J7v8ygYLEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNjAwMDA1OVoX DTI2MDIyNDIzNTk1OVowejFJMEcGA1UEBRNAMGQzNzU2MTY4NTRmNGNlNDNmZTFi MDg0YTgxOGRjZTkwM2Y3MWM4ODI1NTAzMjg5OGFhY2RiOTRhNjM5MDJmNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE0fV/R49qwZKVKmwUPtY8ayE3VN qVBmL6wOOg2a8GOIvAWxOnasOXlY0/PbR53iv9CC/CR5TPYHZ06a/TgnOFVSJ7Nr tBxHUcFl/ihXG7xY+bSEDdsYHT1Hv3ax7MBSgpEfu2TqeYHzDuoU7k3+251JqH/+ 9vFlRsp1ZTYDv58Vo6BZax5TlmLYiN339nm8v2zjv1NHq7AnsjpbA05Iy+gnNRiQ HP/BlX+NiFo0/CbrEx89b6UNt52Kuh/IFNMCWpMGCGCFqNNPHWLGGuXK/N/LtlqM 1DZfbfuH2Jm2PE7rtBaNWLCBuiIrsqAWICn3/dvbvpgq7pKOqI6O/BEdcQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIhVuvwJIqGdhquutOA9/BJ70QARMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M2NGIzY2UyLTA2NzAtNGYwYy1iNWI2LWY5NGNlNmJmN2E1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9WaMA0GCSqGSIb3DQEBCwUAA4IBAQA8Ink0mYcMWCJy61HQyPVd VfIe1Z2bmliWNlPH4Ytp1Prw20evwcno98ZJRiUOHLzZm//aqEpJjSODcBiARAZI +W7tO+qbtaycOSFUNNjCxeU6wAHLahICeGsw+F+IjTuP0d3W8bh/4/khSMfmuJZ3 S9jiwtHx7aAtGZcLv/sxZ9HVtw4kJ3v8qEK+9P43DIBP1a0yMyMgZaaxFOGLVRbE YLog+Lc8B0MnaZbNjIMO1afZX6dEfhbUaTkLolFCbpIrXUFLWXBmlk+ebcPvreNm O1XZWMei2P/2yi2+TheisMQ7qwkBbMgz5qwy2vemjJGfITZWhfTap1IbXuSDjQQx -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:53 2025 by rpki-client