This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa File: ec8e23bf-c8d6-4a69-9151-124b795d815a.roa (raw, json) Hash identifier: 51VOQAc8yF43fpDMPwHTnQMAhsTHPU2+Xq5j1Ac6Nrk= Subject key identifier: 36:7C:71:8D:86:0E:DE:E0:D3:1B:69:ED:69:04:42:F0:C5:3A:94:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6DCD44C4F274F7F007A11CFF07A21F4B69DA9A45 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa Signing time: Tue 02 Dec 2025 00:20:13 +0000 ROA not before: Tue 02 Dec 2025 00:20:13 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:cd:44:c4:f2:74:f7:f0:07:a1:1c:ff:07:a2:1f:4b:69:da:9a:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:20:13 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=986f3c004aa1ce17e521c1d7761e2a8b4c097b3eb217ec25d261d4c3458f7869, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:68:d1:0d:af:dc:47:54:b6:a5:9f:67:3a:2b: 28:ce:ce:50:c0:f3:66:3b:2c:64:f7:21:8f:ae:de: a6:38:bf:9a:3f:cf:40:5a:2c:ce:7b:9c:3c:0e:95: 2c:19:47:1b:25:ca:a9:f1:fc:f4:3b:e0:ec:df:d0: 5e:e5:68:ad:d8:39:25:e0:7d:03:63:fc:39:b2:a0: f4:ba:98:e0:04:b6:fe:02:db:16:95:c8:7c:b7:7e: 94:16:25:81:19:eb:c2:56:89:7a:84:d3:ce:6c:b2: e1:81:ab:50:9a:27:96:60:5f:dc:eb:30:55:f7:44: d6:e9:95:2a:de:9a:41:ad:dc:aa:cb:13:a8:3d:78: ee:e7:4e:8e:7e:3d:97:0d:b6:9f:4a:59:60:91:da: 53:ad:da:23:0e:34:8a:ff:63:a5:88:63:33:7f:8a: 88:b6:11:7b:23:a7:1e:58:af:3e:c0:2c:b7:35:77: a1:2f:a0:75:0a:60:5d:5f:85:e2:01:6c:52:5b:68: aa:8f:f7:5e:ec:ca:71:a7:06:45:0d:b0:df:bc:24: 48:71:0b:7b:ca:bf:ea:ff:ee:72:64:b3:e2:a4:46: 02:02:0a:e7:39:b5:30:f5:cc:73:82:08:62:a1:14: 86:91:e2:23:41:4f:ed:23:b2:d5:c9:bd:07:25:ae: 11:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:7C:71:8D:86:0E:DE:E0:D3:1B:69:ED:69:04:42:F0:C5:3A:94:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6040::/48 Signature Algorithm: sha256WithRSAEncryption 31:1d:a2:35:f4:87:58:32:58:a1:ee:05:90:1a:57:2e:b6:64: 82:c4:7e:2c:d5:96:2a:fb:2b:05:a3:e4:5b:a6:35:a3:7a:dd: 4e:f2:5c:52:d1:be:a0:20:7d:e1:d4:a1:a2:d9:3e:52:89:99: 67:59:eb:b3:0d:8c:61:13:36:1b:ea:55:d1:ca:06:6a:41:9a: 28:ac:5e:be:1c:82:98:f7:93:a5:ed:4c:ec:cc:ba:b4:34:34: 09:73:9b:54:8e:e5:3c:5e:c4:3b:13:bf:98:cd:5b:aa:53:2b: b8:49:e3:c0:1b:b1:be:f0:4c:4f:c9:d9:e9:d4:93:0c:dd:46: 68:84:e3:63:16:a7:d4:78:18:9c:c9:d3:d2:b9:9b:b6:b5:17: 07:32:bf:0d:ea:13:d1:0d:ad:2a:22:e4:6e:34:b9:8e:b7:d6: 43:57:ab:f2:bb:ba:ff:52:ad:8b:3c:e2:4f:ef:f8:56:e0:66: 85:22:74:a6:24:bd:45:22:d2:66:fe:ca:06:13:6d:30:dd:ff: 83:f9:c1:c3:1e:72:17:1b:bf:6d:b8:4f:8d:69:56:c3:c2:7e: 6d:32:fd:a8:1d:08:16:75:8a:9b:60:7b:0d:6f:77:e6:6f:2a: 2d:49:01:f5:fe:8f:14:9a:ee:17:db:c5:7c:11:e3:ca:19:7b: 99:a9:0c:ee -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbc1ExPJ09/AHoRz/B6IfS2namkUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMjAxM1oX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAOTg2ZjNjMDA0YWExY2UxN2U1MjFj MWQ3NzYxZTJhOGI0YzA5N2IzZWIyMTdlYzI1ZDI2MWQ0YzM0NThmNzg2OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWjRDa/cR1S2pZ9nOisozs5QwPNm Oyxk9yGPrt6mOL+aP89AWizOe5w8DpUsGUcbJcqp8fz0O+Ds39Be5Wit2Dkl4H0D Y/w5sqD0upjgBLb+AtsWlch8t36UFiWBGevCVol6hNPObLLhgatQmieWYF/c6zBV 90TW6ZUq3ppBrdyqyxOoPXju506Ofj2XDbafSllgkdpTrdojDjSK/2OliGMzf4qI thF7I6ceWK8+wCy3NXehL6B1CmBdX4XiAWxSW2iqj/de7MpxpwZFDbDfvCRIcQt7 yr/q/+5yZLPipEYCAgrnObUw9cxzgghioRSGkeIjQU/tI7LVyb0HJa4RAQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDZ8cY2GDt7g0xtp7WkEQvDFOpT4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VjOGUyM2JmLWM4ZDYtNGE2OS05MTUxLTEyNGI3OTVkODE1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGBAMA0GCSqGSIb3DQEBCwUAA4IBAQAxHaI19IdYMlih7gWQ GlcutmSCxH4s1ZYq+ysFo+RbpjWjet1O8lxS0b6gIH3h1KGi2T5SiZlnWeuzDYxh EzYb6lXRygZqQZoorF6+HIKY95Ol7UzszLq0NDQJc5tUjuU8XsQ7E7+YzVuqUyu4 SePAG7G+8ExPydnp1JMM3UZohONjFqfUeBicydPSuZu2tRcHMr8N6hPRDa0qIuRu NLmOt9ZDV6vyu7r/Uq2LPOJP7/hW4GaFInSmJL1FItJm/soGE20w3f+D+cHDHnIX G79tuE+NaVbDwn5tMv2oHQgWdYqbYHsNb3fmbyotSQH1/o8Umu4X28V8EePKGXuZ qQzu -----END CERTIFICATE-----Generated at Sat Dec 6 10:58:08 2025 by rpki-client