This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa File: f308a076-0e58-4b45-b7b0-474f5484be2e.roa (raw, json) Hash identifier: 78JxRFSiZUtsryOlmQFRdCg+pwtsUysk/nkXFXtU8Fc= Subject key identifier: D1:4E:F6:51:CE:25:4A:19:ED:91:25:C7:83:09:4A:9B:FD:7C:C1:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AD194AC7628B6582B7179F64E14FD88E0BF3857 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa Signing time: Wed 03 Dec 2025 00:01:29 +0000 ROA not before: Wed 03 Dec 2025 00:01:29 +0000 ROA not after: Tue 03 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:d1:94:ac:76:28:b6:58:2b:71:79:f6:4e:14:fd:88:e0:bf:38:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 3 00:01:29 2025 GMT Not After : Mar 3 23:59:59 2026 GMT Subject: serialNumber=82c8491f1605fa09cbd84d044b203caab019eb29ad4fa33fe16b3ca6781d6222, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:84:38:48:fc:09:06:8b:04:e8:c7:06:37:0b: ea:45:78:1c:ff:53:ce:df:91:e6:5f:98:73:5c:c1: cd:8d:23:9f:63:e6:71:5a:a2:a8:d8:f8:4d:2f:e8: cb:16:ea:d4:22:c4:10:2e:6d:04:cf:08:2f:bc:91: 98:4b:53:3f:d1:3f:07:4f:5e:2b:a4:1f:f0:ce:51: 25:f8:3e:bf:1e:d2:b5:12:42:36:ce:c4:0e:41:de: 34:3a:db:54:90:2d:97:04:d2:77:cb:70:ce:7e:bc: 69:75:1e:12:47:1e:f1:ac:24:f8:35:49:46:cd:b2: 1e:92:05:9a:7f:16:8c:86:04:8a:f7:9f:d1:31:f7: 8e:08:bf:9a:7b:e7:3b:31:1e:ed:b1:ea:67:c1:e3: 10:a0:7f:b3:29:fa:ec:ee:1a:b3:1e:e0:92:8c:f5: 64:3a:b9:d2:ef:1f:4e:f9:0a:57:16:67:d9:09:83: 8f:8e:56:04:f3:8f:dd:17:34:e0:b9:95:78:3a:87: d4:98:a4:0a:99:19:dc:dd:a3:87:94:3d:e1:4d:3f: 1d:86:49:ae:26:ab:c8:79:e8:08:9e:94:5c:48:f4: 13:99:02:1f:35:f2:8a:b6:b0:81:5e:9f:7b:2c:9b: 8c:fe:58:6f:d8:4a:f1:7f:6f:12:59:cf:a7:04:51: 1e:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:4E:F6:51:CE:25:4A:19:ED:91:25:C7:83:09:4A:9B:FD:7C:C1:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:1000::/48 Signature Algorithm: sha256WithRSAEncryption 3a:21:1c:30:5f:7d:98:d7:05:bf:56:e5:87:19:7c:1d:25:ca: be:a1:b7:5c:33:91:3b:76:ad:8b:8b:88:88:98:d1:a1:b1:db: 02:de:72:17:0b:91:cb:b6:8b:bc:02:6c:de:76:3c:4a:39:58: 6a:5f:09:31:c2:26:fe:80:04:a1:4b:6c:47:77:a6:e9:86:46: bf:e4:ab:ae:40:88:82:2b:70:8a:ae:44:63:34:d6:a3:99:e6: bb:1f:7e:e7:a2:0b:9b:15:1f:45:cb:3f:8c:87:c8:0c:a7:b8: a0:f0:c4:34:62:bc:d5:df:68:c5:44:3b:94:a9:db:cd:fc:3e: c9:29:56:8d:ce:00:ae:0b:fd:35:57:fa:e5:ef:3d:a5:1c:cf: 97:ea:81:09:ab:59:72:1c:98:0b:e4:d8:18:40:12:49:67:a0: b8:21:7f:da:d6:5d:bd:22:a0:ed:f7:14:40:29:9f:42:a2:3e: 2e:0b:9f:c0:e9:dd:ae:e8:19:6b:a0:d0:5a:03:d0:73:a1:ea: f4:75:da:60:d9:98:02:1b:e9:bd:0c:d0:2f:28:d5:81:50:bf: ea:1a:c2:11:9d:98:1d:05:a0:ff:7d:9e:7d:17:d2:ba:19:53: 15:f4:d1:2e:bf:ae:4a:1a:ec:9c:88:fd:c6:19:b8:0c:f2:4d: 80:ed:f4:dc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWtGUrHYotlgrcXn2ThT9iOC/OFcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMzAwMDEyOVoX DTI2MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAODJjODQ5MWYxNjA1ZmEwOWNiZDg0 ZDA0NGIyMDNjYWFiMDE5ZWIyOWFkNGZhMzNmZTE2YjNjYTY3ODFkNjIyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4Q4SPwJBosE6McGNwvqRXgc/1PO 35HmX5hzXMHNjSOfY+ZxWqKo2PhNL+jLFurUIsQQLm0EzwgvvJGYS1M/0T8HT14r pB/wzlEl+D6/HtK1EkI2zsQOQd40OttUkC2XBNJ3y3DOfrxpdR4SRx7xrCT4NUlG zbIekgWafxaMhgSK95/RMfeOCL+ae+c7MR7tsepnweMQoH+zKfrs7hqzHuCSjPVk OrnS7x9O+QpXFmfZCYOPjlYE84/dFzTguZV4OofUmKQKmRnc3aOHlD3hTT8dhkmu JqvIeegInpRcSPQTmQIfNfKKtrCBXp97LJuM/lhv2Erxf28SWc+nBFEezwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNFO9lHOJUoZ7ZElx4MJSpv9fMGcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzMDhhMDc2LTBlNTgtNGI0NS1iN2IwLTQ3NGY1NDg0YmUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7BAAMA0GCSqGSIb3DQEBCwUAA4IBAQA6IRwwX32Y1wW/VuWH GXwdJcq+obdcM5E7dq2Li4iImNGhsdsC3nIXC5HLtou8AmzedjxKOVhqXwkxwib+ gAShS2xHd6bphka/5KuuQIiCK3CKrkRjNNajmea7H37nogubFR9Fyz+Mh8gMp7ig 8MQ0YrzV32jFRDuUqdvN/D7JKVaNzgCuC/01V/rl7z2lHM+X6oEJq1lyHJgL5NgY QBJJZ6C4IX/a1l29IqDt9xRAKZ9Coj4uC5/A6d2u6BlroNBaA9Bzoer0ddpg2ZgC G+m9DNAvKNWBUL/qGsIRnZgdBaD/fZ59F9K6GVMV9NEuv65KGuyciP3GGbgM8k2A 7fTc -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:49 2025 by rpki-client