This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa File: c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa (raw, json) Hash identifier: mcrHRyYbJaqV5WkRXME1RLzQgh+HKABiCl1RprKD46k= Subject key identifier: 61:9D:52:A7:2F:F0:10:E4:97:A4:27:48:E2:67:CD:CD:78:70:FA:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 52EC71773D53DA370253906D574645B0D9545101 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa Signing time: Sun 30 Nov 2025 00:00:58 +0000 ROA not before: Sun 30 Nov 2025 00:00:58 +0000 ROA not after: Sat 28 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:ec:71:77:3d:53:da:37:02:53:90:6d:57:46:45:b0:d9:54:51:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 30 00:00:58 2025 GMT Not After : Feb 28 23:59:59 2026 GMT Subject: serialNumber=0ff0dd08b371b05af5b20554a810f625b38025ce9841e841a43a6ebe32c51336, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ca:c2:f4:49:28:c6:41:9c:53:10:ff:c8:f7: 57:df:aa:80:32:ca:aa:a5:6a:c0:32:dc:7a:5d:94: 24:dc:35:5f:49:5d:5d:45:50:7f:d5:fb:88:72:0d: 7e:c5:b8:21:de:9c:7e:dd:f8:0a:76:74:c8:ff:65: 4d:61:ed:05:1b:b2:75:1c:1a:bc:8c:49:8b:34:1c: f2:c7:77:5e:fc:94:fc:c2:21:cc:1d:ff:57:28:49: e7:37:80:20:e3:98:01:ed:3d:df:b5:9d:82:69:be: 88:2d:64:4f:cd:cf:20:4a:53:cc:57:10:fb:ab:e6: 96:db:a0:f5:91:41:9b:f4:7c:39:dc:98:68:f3:30: ff:11:f4:fd:e4:49:5f:73:23:2d:6a:57:d7:04:70: d1:c3:98:51:95:b3:66:d1:c4:5e:1f:bd:b3:12:95: 5b:72:3f:1c:7f:16:39:ea:1e:57:d5:6e:14:b7:55: bd:4b:da:0d:b5:a7:a4:12:79:77:62:1b:54:ac:72: 81:64:a6:66:95:77:2f:50:51:b0:be:c1:89:90:18: 8a:7a:c0:ab:78:76:64:13:42:60:67:69:dd:ad:d9: ec:f3:66:ab:54:f4:99:94:4a:00:21:0e:3a:65:3b: 7c:1f:69:00:b6:ac:3c:b7:64:09:73:e0:fe:3f:9b: cc:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:9D:52:A7:2F:F0:10:E4:97:A4:27:48:E2:67:CD:CD:78:70:FA:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a040::/48 Signature Algorithm: sha256WithRSAEncryption be:13:7e:1d:ff:1c:bc:22:f2:8d:cb:93:f6:5d:2f:b1:2d:4f: 62:84:2b:e3:ea:05:78:52:2a:b6:61:40:2c:31:cf:e2:7e:86: 79:c0:4b:b3:da:d4:04:b7:9a:26:bb:98:40:17:94:05:eb:aa: f9:49:c3:0e:90:5f:a0:1a:16:be:8d:af:ef:61:38:e9:ab:23: 43:01:3b:5b:00:4a:38:a7:54:b1:e4:92:c5:e9:05:69:08:22: 88:23:55:ae:c9:79:2b:1b:48:74:68:2e:07:85:41:cd:9b:5a: 7a:15:a7:e0:d4:3d:e0:f2:44:18:f4:a9:7d:b4:dd:43:ab:60: 61:ef:aa:55:e9:e7:77:27:e1:19:0e:83:14:1b:c6:fe:40:d7: f5:2b:27:76:9f:5e:35:9e:56:7a:8a:b1:a6:e1:b5:04:35:ae: 67:b4:d0:53:c0:c0:90:0e:44:35:cd:8e:e1:e5:8a:6a:6b:d3: 18:51:b4:a9:04:fb:27:48:0f:3b:2c:4c:e0:c5:08:09:c0:9f: a9:05:07:d9:80:0d:24:b2:02:47:22:3d:24:01:e5:ca:79:91: 1b:6c:05:01:d1:e1:49:a3:26:61:bb:73:e0:4e:8b:97:58:9d: 61:b4:09:a3:b7:9b:35:4f:4b:25:3b:dd:13:8a:53:f4:fe:da: d7:04:ff:94 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUuxxdz1T2jcCU5BtV0ZFsNlUUQEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEzMDAwMDA1OFoX DTI2MDIyODIzNTk1OVowejFJMEcGA1UEBRNAMGZmMGRkMDhiMzcxYjA1YWY1YjIw NTU0YTgxMGY2MjViMzgwMjVjZTk4NDFlODQxYTQzYTZlYmUzMmM1MTMzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcrC9EkoxkGcUxD/yPdX36qAMsqq pWrAMtx6XZQk3DVfSV1dRVB/1fuIcg1+xbgh3px+3fgKdnTI/2VNYe0FG7J1HBq8 jEmLNBzyx3de/JT8wiHMHf9XKEnnN4Ag45gB7T3ftZ2Cab6ILWRPzc8gSlPMVxD7 q+aW26D1kUGb9Hw53Jho8zD/EfT95ElfcyMtalfXBHDRw5hRlbNm0cReH72zEpVb cj8cfxY56h5X1W4Ut1W9S9oNtaekEnl3YhtUrHKBZKZmlXcvUFGwvsGJkBiKesCr eHZkE0JgZ2ndrdns82arVPSZlEoAIQ46ZTt8H2kAtqw8t2QJc+D+P5vMrQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGGdUqcv8BDkl6QnSOJnzc14cPrSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTFhM2ViLTQ2ZmItNDM0OS1iZWI0LWRiYWRlZjkwN2UyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKBAMA0GCSqGSIb3DQEBCwUAA4IBAQC+E34d/xy8IvKNy5P2 XS+xLU9ihCvj6gV4Uiq2YUAsMc/ifoZ5wEuz2tQEt5omu5hAF5QF66r5ScMOkF+g Gha+ja/vYTjpqyNDATtbAEo4p1Sx5JLF6QVpCCKII1WuyXkrG0h0aC4HhUHNm1p6 Fafg1D3g8kQY9Kl9tN1Dq2Bh76pV6ed3J+EZDoMUG8b+QNf1Kyd2n141nlZ6irGm 4bUENa5ntNBTwMCQDkQ1zY7h5Ypqa9MYUbSpBPsnSA87LEzgxQgJwJ+pBQfZgA0k sgJHIj0kAeXKeZEbbAUB0eFJoyZhu3PgTouXWJ1htAmjt5s1T0slO90TilP0/trX BP+U -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:44 2025 by rpki-client