This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa File: d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa (raw, json) Hash identifier: jhpJacTbu42rFGMajKTO5qTYrLJKuWUyUwziE99BgHM= Subject key identifier: 3F:54:CC:F4:D1:36:8E:F8:5A:F2:05:D4:FE:2D:60:B3:82:E4:28:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1A44C0C4A1B4547B75993EBD702ADE64506AA88A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa Signing time: Wed 03 Dec 2025 00:10:50 +0000 ROA not before: Wed 03 Dec 2025 00:10:50 +0000 ROA not after: Tue 03 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:44:c0:c4:a1:b4:54:7b:75:99:3e:bd:70:2a:de:64:50:6a:a8:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 3 00:10:50 2025 GMT Not After : Mar 3 23:59:59 2026 GMT Subject: serialNumber=fac6cd2f0e24fb286f6841865b9b25ebc0a95ab1c35fd541b339b162fbef0078, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:32:b3:51:7d:96:2c:3d:39:74:d5:bb:36:8a: 08:28:9c:e6:d5:6d:16:a6:72:d8:92:08:53:25:44: cb:c8:5b:f9:6f:d2:61:6e:22:28:0d:c4:ba:99:fe: 1f:a4:bb:36:73:11:40:1b:1a:35:f0:2a:48:93:63: a5:4e:d2:0b:23:95:15:e4:eb:d5:04:98:23:2e:3e: 04:e5:f9:8b:7a:06:41:4f:0e:87:db:f8:37:a7:a8: ee:b5:97:35:de:1d:ab:3e:60:2a:02:a1:fa:00:34: 30:08:0a:59:15:de:12:35:25:42:87:60:ca:6f:17: 91:87:14:42:8e:25:e7:58:dc:5c:24:e4:17:1a:57: 4d:6a:05:ae:67:96:07:c0:31:86:b7:ee:82:1d:40: 11:e6:9c:7c:7d:4d:8d:da:f3:71:94:74:f2:1c:c4: cb:da:63:24:7d:43:fb:17:6a:00:20:c4:b0:d3:a6: 31:a1:f7:a8:18:6e:38:9b:dd:5e:c9:28:55:9a:30: 45:85:b5:ce:9b:c2:39:a5:21:1d:be:62:4e:dc:ed: 60:e4:50:1d:41:a0:a9:3a:55:86:ad:39:ed:71:db: 13:69:b8:33:a3:82:bb:d2:a7:38:4e:40:fd:76:4b: 5c:93:bd:a5:c0:f2:ec:f4:6b:20:79:f5:3c:3f:1a: 12:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:54:CC:F4:D1:36:8E:F8:5A:F2:05:D4:FE:2D:60:B3:82:E4:28:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4000::/40 Signature Algorithm: sha256WithRSAEncryption 07:0d:2a:32:ae:eb:b3:81:63:6c:e0:74:b0:6d:14:0f:1c:63: 4a:0f:e6:34:c9:bb:89:69:2b:39:79:6b:41:6c:5b:56:61:b5: b4:94:37:51:6a:9e:04:34:1b:65:35:58:e1:76:87:c1:21:75: 81:28:4f:f4:3d:e4:12:2d:15:47:ba:62:9d:f3:00:8c:2f:73: de:ac:b5:fd:9f:ed:c6:fd:42:67:08:b2:4e:7d:71:00:aa:3e: 84:3c:10:b3:22:d5:08:9d:f3:98:92:a6:62:61:a2:67:30:25: 25:6f:ae:68:70:4d:0c:78:2c:ab:ce:57:a2:47:aa:46:f4:1e: ad:d4:ce:dd:00:d2:b0:67:ba:00:7d:dc:6f:79:c8:96:69:d0: 5a:88:90:e4:21:15:04:5d:01:eb:08:f7:c0:bf:cc:89:7a:db: 49:6d:2e:10:99:5e:84:24:fa:7d:93:5f:9c:cf:c4:7d:e4:0a: 6d:87:cb:0d:12:66:26:8c:fd:68:c5:d2:0b:8f:5b:8e:27:65: 7b:2f:57:71:ac:de:70:f7:7b:d1:07:63:19:81:27:11:f6:17: 49:f6:50:42:4b:3a:93:5f:f2:a8:a3:8d:9e:b6:60:16:f5:92: f2:14:c9:46:de:aa:78:7e:c2:3d:52:22:09:44:d8:bd:a0:0a: 1c:e5:be:74 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGkTAxKG0VHt1mT69cCreZFBqqIowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMzAwMTA1MFoX DTI2MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAZmFjNmNkMmYwZTI0ZmIyODZmNjg0 MTg2NWI5YjI1ZWJjMGE5NWFiMWMzNWZkNTQxYjMzOWIxNjJmYmVmMDA3ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTKzUX2WLD05dNW7NooIKJzm1W0W pnLYkghTJUTLyFv5b9JhbiIoDcS6mf4fpLs2cxFAGxo18CpIk2OlTtILI5UV5OvV BJgjLj4E5fmLegZBTw6H2/g3p6jutZc13h2rPmAqAqH6ADQwCApZFd4SNSVCh2DK bxeRhxRCjiXnWNxcJOQXGldNagWuZ5YHwDGGt+6CHUAR5px8fU2N2vNxlHTyHMTL 2mMkfUP7F2oAIMSw06YxofeoGG44m91eyShVmjBFhbXOm8I5pSEdvmJO3O1g5FAd QaCpOlWGrTntcdsTabgzo4K70qc4TkD9dktck72lwPLs9GsgefU8PxoS4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD9UzPTRNo74WvIF1P4tYLOC5CgVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzYmFlNzkwLTAxZDctNGI2ZS1hMGYwLTkzMDViY2JkNGEzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBAAcNKjKu67OBY2zgdLBt FA8cY0oP5jTJu4lpKzl5a0FsW1ZhtbSUN1FqngQ0G2U1WOF2h8EhdYEoT/Q95BIt FUe6Yp3zAIwvc96stf2f7cb9QmcIsk59cQCqPoQ8ELMi1Qid85iSpmJhomcwJSVv rmhwTQx4LKvOV6JHqkb0Hq3Uzt0A0rBnugB93G95yJZp0FqIkOQhFQRdAesI98C/ zIl620ltLhCZXoQk+n2TX5zPxH3kCm2Hyw0SZiaM/WjF0guPW44nZXsvV3Gs3nD3 e9EHYxmBJxH2F0n2UEJLOpNf8qijjZ62YBb1kvIUyUbeqnh+wj1SIglE2L2gChzl vnQ= -----END CERTIFICATE-----Generated at Sat Dec 6 12:50:12 2025 by rpki-client