This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea6376bc-3f0a-4473-94e8-31ba637cd756.roa File: ea6376bc-3f0a-4473-94e8-31ba637cd756.roa (raw, json) Hash identifier: R17B9xfDeYeu6kGt3OtQFZvPzUAHkJlD+dfv2F+GOaE= Subject key identifier: 07:AD:7C:13:65:A4:4F:B3:DA:58:99:31:83:44:93:E8:00:04:F8:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2855EDD92BCD2E9322C745B41B327EF7D09B2175 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea6376bc-3f0a-4473-94e8-31ba637cd756.roa Signing time: Wed 26 Nov 2025 00:00:13 +0000 ROA not before: Wed 26 Nov 2025 00:00:13 +0000 ROA not after: Tue 24 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:55:ed:d9:2b:cd:2e:93:22:c7:45:b4:1b:32:7e:f7:d0:9b:21:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 26 00:00:13 2025 GMT Not After : Feb 24 23:59:59 2026 GMT Subject: serialNumber=a8246f505d6212e1791082632365c3f4b8edc4a73c6a8eb42df0dcfd89c2735d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5a:95:a5:83:3e:de:03:b5:44:2f:3e:ef:3d: bc:7f:cc:db:23:76:81:89:58:11:92:4c:11:88:e3: ed:cb:69:98:0e:1f:b7:4a:0b:8a:05:85:1c:e8:05: 56:08:04:71:e8:25:37:fc:b3:c5:d2:d3:d9:b5:16: f7:c7:a0:8c:65:62:b7:15:82:2f:c0:d7:af:eb:e3: 81:33:0c:ed:59:b7:2a:08:30:14:72:56:24:c1:fb: b9:91:96:0d:31:ff:09:97:cc:da:8b:7d:d8:9a:d2: cf:57:67:a9:40:2c:80:ba:f6:d2:b7:17:f4:30:d4: 8a:12:5d:d8:01:c4:3d:57:e2:da:26:13:d9:cf:df: b7:23:cd:52:9d:7a:54:8c:d4:21:cc:eb:ce:d2:ad: ab:2c:fa:63:ee:5b:20:c0:20:cb:79:c9:0d:db:c8: c9:dc:9e:f0:64:64:56:b6:7e:fc:00:8b:aa:72:48: 61:32:84:70:17:b4:c3:a5:d0:6b:43:28:75:df:61: 03:70:0d:50:ed:fb:73:4d:1b:04:98:73:c1:4f:f3: c0:06:c7:da:30:0e:54:5a:f9:4c:d5:ce:87:8c:54: 05:50:27:4b:b7:19:cf:73:54:57:26:7a:13:db:b2: 25:18:e2:1e:0d:c9:0f:d8:b2:25:3c:c5:26:a9:cb: 02:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:AD:7C:13:65:A4:4F:B3:DA:58:99:31:83:44:93:E8:00:04:F8:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea6376bc-3f0a-4473-94e8-31ba637cd756.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4800::/40 Signature Algorithm: sha256WithRSAEncryption 38:e5:0b:e5:b7:54:87:e1:42:bb:98:f7:90:98:f9:63:9b:47: d4:f3:bb:6d:59:4f:da:66:c2:6d:e6:b8:7f:f8:c8:5e:b9:57: 7b:56:aa:8e:94:4a:63:e1:3b:3a:d9:26:3a:ba:ce:2d:7e:78: 2a:ec:9e:f1:22:cb:89:27:3a:34:5f:86:ba:df:09:2b:ec:c5: 48:5d:81:13:df:57:c1:65:85:8a:ef:96:29:d5:b4:a0:b8:5a: 19:09:5a:f6:3f:58:5b:85:7d:3a:cf:31:06:36:b2:ec:00:d1: 1c:f2:9f:22:01:57:a0:7e:2c:43:d8:9f:47:f9:2a:15:ab:2a: 02:7b:17:43:27:e6:7e:b2:3c:28:14:87:8d:c5:41:a1:3b:2c: a4:35:ca:31:c8:8d:57:e0:5d:69:3b:77:41:c6:85:98:16:00: 00:57:6c:90:92:68:16:3b:fe:ad:a1:f1:c1:39:44:78:3a:f7: 79:64:4c:38:3e:5f:39:ab:7a:22:12:55:fa:b2:ad:4a:f0:a5: 28:e6:57:95:7c:67:c0:73:ed:8c:6c:86:45:a7:9b:7a:65:e0: b5:fa:84:16:7f:c6:db:88:88:df:56:b2:c6:fb:b5:a7:46:96: f6:e4:7c:50:12:30:89:48:5d:59:ae:33:a1:1a:46:4d:9c:c2: e6:f5:db:a8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKFXt2SvNLpMix0W0GzJ+99CbIXUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNjAwMDAxM1oX DTI2MDIyNDIzNTk1OVowejFJMEcGA1UEBRNAYTgyNDZmNTA1ZDYyMTJlMTc5MTA4 MjYzMjM2NWMzZjRiOGVkYzRhNzNjNmE4ZWI0MmRmMGRjZmQ4OWMyNzM1ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlqVpYM+3gO1RC8+7z28f8zbI3aB iVgRkkwRiOPty2mYDh+3SguKBYUc6AVWCARx6CU3/LPF0tPZtRb3x6CMZWK3FYIv wNev6+OBMwztWbcqCDAUclYkwfu5kZYNMf8Jl8zai33YmtLPV2epQCyAuvbStxf0 MNSKEl3YAcQ9V+LaJhPZz9+3I81SnXpUjNQhzOvO0q2rLPpj7lsgwCDLeckN28jJ 3J7wZGRWtn78AIuqckhhMoRwF7TDpdBrQyh132EDcA1Q7ftzTRsEmHPBT/PABsfa MA5UWvlM1c6HjFQFUCdLtxnPc1RXJnoT27IlGOIeDckP2LIlPMUmqcsC5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAetfBNlpE+z2liZMYNEk+gABPjbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhNjM3NmJjLTNmMGEtNDQ3My05NGU4LTMxYmE2MzdjZDc1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9EgwDQYJKoZIhvcNAQELBQADggEBADjlC+W3VIfhQruY95CY +WObR9Tzu21ZT9pmwm3muH/4yF65V3tWqo6USmPhOzrZJjq6zi1+eCrsnvEiy4kn OjRfhrrfCSvsxUhdgRPfV8FlhYrvlinVtKC4WhkJWvY/WFuFfTrPMQY2suwA0Rzy nyIBV6B+LEPYn0f5KhWrKgJ7F0Mn5n6yPCgUh43FQaE7LKQ1yjHIjVfgXWk7d0HG hZgWAABXbJCSaBY7/q2h8cE5RHg693lkTDg+XzmreiISVfqyrUrwpSjmV5V8Z8Bz 7YxshkWnm3pl4LX6hBZ/xtuIiN9Wssb7tadGlvbkfFASMIlIXVmuM6EaRk2cwub1 26g= -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:46 2025 by rpki-client