This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa File: f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa (raw, json) Hash identifier: 2NYEniH9VbJlXApTnBLgnMaqvtchKdqTXjuFqatl4XY= Subject key identifier: BC:11:8D:65:7D:62:04:DA:DB:B8:EB:E8:12:E1:B6:DF:72:E1:FA:3F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5F95CEA0DA730E62C602B203CD5B43B1C8C75E2B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa Signing time: Tue 02 Dec 2025 00:20:05 +0000 ROA not before: Tue 02 Dec 2025 00:20:05 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:95:ce:a0:da:73:0e:62:c6:02:b2:03:cd:5b:43:b1:c8:c7:5e:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 2 00:20:05 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=282a7e50641685eb5085ed2b53b1a63e2b64107aaf0d25dd78d023ad7aa0ad2b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1f:f9:a7:51:8d:92:4a:1d:1d:9b:7d:52:03: 23:c9:a4:60:72:dd:80:ad:0a:f1:8b:89:d0:a9:fd: e5:9f:03:85:e9:da:b9:e4:b9:02:91:66:c9:64:33: 36:91:f7:68:6b:31:6b:9d:a5:a6:85:fb:cd:71:f2: dd:6a:53:19:18:5a:65:12:08:7d:16:77:f7:6d:3d: 65:5b:4f:b2:16:6b:66:ad:22:94:26:26:4f:24:f8: 90:66:90:0c:5e:b0:80:d3:f7:a7:b7:70:8e:da:05: 6f:22:90:a2:8f:c3:a7:09:15:b2:60:68:12:e0:e4: 55:51:2e:53:48:f4:a4:b4:df:b0:6f:6b:56:59:89: 2c:28:ea:ed:a7:33:65:91:2d:a5:f6:44:7b:ac:b1: 2b:94:ee:72:30:4a:96:98:39:af:4d:e0:ea:24:95: 3d:6d:71:10:e4:6c:0e:c3:2e:cf:a2:7b:4f:cc:bb: 4c:11:ef:f9:af:68:f4:e6:bb:b4:6b:c2:ec:13:80: 19:ef:ee:6c:25:e3:9c:22:aa:2e:e3:b1:9d:dd:ec: 71:87:d2:77:ef:15:fc:57:f6:5d:53:6b:55:1f:b6: 25:b3:e8:0a:1a:dd:52:94:a1:70:d0:67:93:53:af: a5:f2:ae:be:0d:ee:a2:37:ec:ea:3c:47:08:a3:4f: a8:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:11:8D:65:7D:62:04:DA:DB:B8:EB:E8:12:E1:B6:DF:72:E1:FA:3F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2020::/48 Signature Algorithm: sha256WithRSAEncryption a6:15:8d:8c:6d:95:78:81:89:91:3f:31:f7:21:6b:1f:7c:61: f2:06:e8:b4:0c:0b:92:d4:43:56:56:41:e9:7c:cd:d4:98:61: 23:63:d1:68:ed:4a:ca:9e:35:a3:27:8b:ad:c9:06:2c:63:c2: 45:a1:f5:8c:2e:80:c2:5e:ef:dc:e7:d7:7b:8f:58:46:12:c1: 07:2c:04:db:da:f1:f8:9e:8f:d6:28:75:92:97:3a:59:48:2e: f8:b2:ae:70:b0:62:9a:59:71:f9:7b:f7:3f:c7:fe:fa:4d:45: 87:ac:e8:87:43:4f:60:18:89:2f:dd:0a:17:cd:3e:53:2f:69: 8d:22:5a:2e:9f:a9:95:3c:e3:cb:5b:aa:d5:81:37:d8:33:75: 13:5d:af:6e:c9:b0:6a:6b:a7:9d:2a:eb:e7:34:1e:98:da:2f: 2a:b3:d9:51:6a:5d:51:71:8d:c2:02:18:13:f3:5e:ec:3b:70: aa:f8:c7:0e:01:57:a1:95:22:55:fd:17:2a:6d:48:f6:03:3a: e5:61:e4:3d:92:bd:e4:1f:ef:7c:f4:63:59:50:8a:6b:30:88: f2:0a:54:84:fc:f2:df:b9:7f:19:65:f9:dd:84:b1:ec:74:7e: b5:a7:3c:e3:fa:ae:13:ea:c7:9f:40:b8:f4:98:e8:df:45:0f: 80:26:da:6f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUX5XOoNpzDmLGArIDzVtDscjHXiswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMjAwMjAwNVoX DTI2MDMwMjIzNTk1OVowejFJMEcGA1UEBRNAMjgyYTdlNTA2NDE2ODVlYjUwODVl ZDJiNTNiMWE2M2UyYjY0MTA3YWFmMGQyNWRkNzhkMDIzYWQ3YWEwYWQyYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx/5p1GNkkodHZt9UgMjyaRgct2A rQrxi4nQqf3lnwOF6dq55LkCkWbJZDM2kfdoazFrnaWmhfvNcfLdalMZGFplEgh9 Fnf3bT1lW0+yFmtmrSKUJiZPJPiQZpAMXrCA0/ent3CO2gVvIpCij8OnCRWyYGgS 4ORVUS5TSPSktN+wb2tWWYksKOrtpzNlkS2l9kR7rLErlO5yMEqWmDmvTeDqJJU9 bXEQ5GwOwy7PontPzLtMEe/5r2j05ru0a8LsE4AZ7+5sJeOcIqou47Gd3exxh9J3 7xX8V/ZdU2tVH7Yls+gKGt1SlKFw0GeTU6+l8q6+De6iN+zqPEcIo0+oVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLwRjWV9YgTa27jr6BLhtt9y4fo/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzYmEzMjUxLWE1MDItNGNmOC05YmM1LTQ0OWIxMzc2YmUwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSAgMA0GCSqGSIb3DQEBCwUAA4IBAQCmFY2MbZV4gYmRPzH3 IWsffGHyBui0DAuS1ENWVkHpfM3UmGEjY9Fo7UrKnjWjJ4utyQYsY8JFofWMLoDC Xu/c59d7j1hGEsEHLATb2vH4no/WKHWSlzpZSC74sq5wsGKaWXH5e/c/x/76TUWH rOiHQ09gGIkv3QoXzT5TL2mNIloun6mVPOPLW6rVgTfYM3UTXa9uybBqa6edKuvn NB6Y2i8qs9lRal1RcY3CAhgT817sO3Cq+McOAVehlSJV/RcqbUj2AzrlYeQ9kr3k H+989GNZUIprMIjyClSE/PLfuX8ZZfndhLHsdH61pzzj+q4T6sefQLj0mOjfRQ+A Jtpv -----END CERTIFICATE-----Generated at Sat Dec 6 12:06:32 2025 by rpki-client