This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa File: dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa (raw, json) Hash identifier: NFiZjAzHeYxsTr1BTsLA8iWstXtCXncpX8DlkCP4TBY= Subject key identifier: 84:69:A8:F7:F4:4E:E7:F3:46:FF:2E:D9:62:B9:85:FF:1E:6C:8F:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09F5102B832F20FC6FDED8FD39A79A6E69648704 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa Signing time: Sun 23 Nov 2025 00:10:11 +0000 ROA not before: Sun 23 Nov 2025 00:10:11 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:f5:10:2b:83:2f:20:fc:6f:de:d8:fd:39:a7:9a:6e:69:64:87:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 23 00:10:11 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=7aaaa3d80d67a077a4c82eb26122f02d41202ac68e041a775c1d83e720d2b92a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:73:e8:c6:dc:ef:6c:7d:69:f0:74:7c:aa:72: 44:11:50:dd:12:de:29:a7:57:48:32:89:57:e1:2d: 88:3d:45:16:f9:39:85:0c:cf:32:20:0c:7e:eb:88: 6e:57:f3:d7:33:30:4e:90:01:52:da:57:21:d0:17: 19:3d:0f:5c:fa:17:22:01:6a:55:a2:ca:64:17:80: c5:91:f8:53:e0:72:d0:78:1b:58:53:b5:30:be:87: fe:69:80:7b:04:e9:57:fa:58:8d:bf:0b:17:1d:9f: ed:50:24:07:68:69:01:fe:55:1a:d7:44:48:65:7c: 07:31:c0:b5:97:1b:a3:5b:54:80:6f:ee:58:3e:5b: 5d:e7:2b:9e:b9:7a:19:11:e7:45:5a:15:5c:d8:88: 26:3e:7a:df:ba:2d:14:26:be:b9:a2:a0:57:23:6a: c9:74:cd:b6:68:02:03:f5:3a:19:db:9f:15:b6:93: 3e:17:44:af:e4:7b:56:ff:c4:c0:97:3c:70:29:5c: 56:4a:cf:04:4f:c8:ab:26:73:37:7c:99:e5:32:38: 95:0f:79:c9:f2:08:ef:6e:04:de:de:28:c2:ef:91: b9:74:14:45:4b:10:e6:64:5f:e5:25:6e:03:e4:05: 9f:50:97:32:fa:5b:1e:ef:89:65:2e:e2:72:39:9f: 24:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:69:A8:F7:F4:4E:E7:F3:46:FF:2E:D9:62:B9:85:FF:1E:6C:8F:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd2c2945-d487-4697-92e0-60bea4ebc9ee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:8840::/48 Signature Algorithm: sha256WithRSAEncryption 21:7d:de:05:87:53:ca:e9:3c:6e:ca:07:0b:62:cd:d9:f0:66: 8b:eb:36:be:19:04:3b:00:fc:41:75:43:23:5f:ee:b3:9c:de: 68:07:ba:38:c2:61:1e:e5:56:d0:53:31:25:94:2d:62:13:25: 80:b7:d2:ba:7e:a1:b6:25:51:0f:8e:f9:09:e8:aa:dc:12:e8: 07:6b:e5:31:9f:91:97:5e:66:6a:c2:e6:81:75:e0:2c:a7:ba: 46:8e:53:aa:d7:9b:11:e7:25:d2:6c:74:2a:60:a7:09:ac:75: 73:73:f6:38:35:db:ea:66:82:e2:b6:98:89:e4:b7:57:22:6c: 30:1c:ff:fd:1e:d3:60:dd:0b:e9:d7:ca:4d:b4:33:26:87:18: e4:50:e0:c2:20:f9:fa:84:d3:46:42:ef:b1:11:24:fa:80:cf: 8e:69:52:df:e7:17:8a:2b:45:f2:38:fd:39:a6:d2:19:4c:eb: ba:22:e7:88:9c:7d:63:f2:58:18:61:1a:21:a5:64:be:e6:48: b9:31:05:2e:3d:96:68:5b:4a:42:7b:6f:a8:83:f6:bc:70:99: 7b:e7:6c:f2:cd:da:15:0f:0e:7d:82:c9:2c:20:43:6b:05:a6: 76:70:c8:ac:ee:91:4c:1b:14:95:58:27:73:a2:d9:9c:fd:0d: 48:59:bb:cf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCfUQK4MvIPxv3tj9OaeabmlkhwQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyMzAwMTAxMVoX DTI2MDIyMTIzNTk1OVowejFJMEcGA1UEBRNAN2FhYWEzZDgwZDY3YTA3N2E0Yzgy ZWIyNjEyMmYwMmQ0MTIwMmFjNjhlMDQxYTc3NWMxZDgzZTcyMGQyYjkyYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3PoxtzvbH1p8HR8qnJEEVDdEt4p p1dIMolX4S2IPUUW+TmFDM8yIAx+64huV/PXMzBOkAFS2lch0BcZPQ9c+hciAWpV ospkF4DFkfhT4HLQeBtYU7Uwvof+aYB7BOlX+liNvwsXHZ/tUCQHaGkB/lUa10RI ZXwHMcC1lxujW1SAb+5YPltd5yueuXoZEedFWhVc2IgmPnrfui0UJr65oqBXI2rJ dM22aAID9ToZ258VtpM+F0Sv5HtW/8TAlzxwKVxWSs8ET8irJnM3fJnlMjiVD3nJ 8gjvbgTe3ijC75G5dBRFSxDmZF/lJW4D5AWfUJcy+lse74llLuJyOZ8k9QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIRpqPf0TufzRv8u2WK5hf8ebI+SMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkMmMyOTQ1LWQ0ODctNDY5Ny05MmUwLTYwYmVhNGViYzllZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6ohAMA0GCSqGSIb3DQEBCwUAA4IBAQAhfd4Fh1PK6TxuygcL Ys3Z8GaL6za+GQQ7APxBdUMjX+6znN5oB7o4wmEe5VbQUzEllC1iEyWAt9K6fqG2 JVEPjvkJ6KrcEugHa+Uxn5GXXmZqwuaBdeAsp7pGjlOq15sR5yXSbHQqYKcJrHVz c/Y4NdvqZoLitpiJ5LdXImwwHP/9HtNg3Qvp18pNtDMmhxjkUODCIPn6hNNGQu+x EST6gM+OaVLf5xeKK0XyOP05ptIZTOu6IueInH1j8lgYYRohpWS+5ki5MQUuPZZo W0pCe2+og/a8cJl752zyzdoVDw59gsksIENrBaZ2cMis7pFMGxSVWCdzotmc/Q1I WbvP -----END CERTIFICATE-----Generated at Sat Dec 6 12:44:35 2025 by rpki-client