This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f8df2210-8a44-4a91-9d90-ec1a8e884747.roa File: f8df2210-8a44-4a91-9d90-ec1a8e884747.roa (raw, json) Hash identifier: o3JgmFECAriMZ7jqezoPdmnTsjRYfj832r1HFeOGBm0= Subject key identifier: 0E:55:34:81:F1:E6:44:C8:1F:97:61:62:25:C8:98:3D:12:65:7C:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 679426AEA0306AC32EEF7BBABC7CEB86CAF3BABF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f8df2210-8a44-4a91-9d90-ec1a8e884747.roa Signing time: Wed 03 Dec 2025 00:00:12 +0000 ROA not before: Wed 03 Dec 2025 00:00:12 +0000 ROA not after: Tue 03 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:800::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:94:26:ae:a0:30:6a:c3:2e:ef:7b:ba:bc:7c:eb:86:ca:f3:ba:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 3 00:00:12 2025 GMT Not After : Mar 3 23:59:59 2026 GMT Subject: serialNumber=e8c15a3fc5597de8022780bd3cb564bf8c5eef060670cc921783584e86a2825b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:86:1a:ff:b8:6d:e3:0c:b2:29:77:56:bd:9e: 93:59:7c:d2:f7:c9:5c:3c:89:78:14:e1:07:89:92: 7f:de:1a:3d:f0:52:a8:3a:c0:28:82:17:0d:7b:d4: ac:8a:96:5b:58:d6:1e:b6:09:79:99:d2:c6:bb:dd: 4d:1d:65:6d:19:0d:d5:54:53:72:b2:e8:c2:78:f1: b7:e4:46:22:43:a7:11:12:98:77:46:a6:1d:03:c0: 52:78:b5:0b:62:b5:a6:f8:00:35:43:b3:22:d3:0a: 2b:8e:e2:99:fb:f3:c9:b3:a5:2a:56:4d:0b:e9:6a: cf:4f:a9:d5:94:15:23:32:e6:e9:17:3a:2f:46:66: c4:ee:56:11:da:b7:89:b1:2a:40:1e:88:f0:9a:1d: 31:6f:24:f9:81:d4:00:0a:26:7f:70:58:74:a6:be: d8:74:6a:71:6c:f8:b6:92:6e:e1:80:3b:f7:24:13: 72:c7:dd:c6:d2:fd:0c:49:56:72:b8:15:5b:30:72: 94:91:4c:36:0e:7d:a2:fd:d2:aa:31:41:d7:ff:d2: 6c:f3:12:45:ee:a3:f4:e1:fa:64:f0:f2:5b:fa:1e: 09:43:78:2c:e4:bf:fe:ca:fc:b1:17:3a:69:23:99: d4:b1:21:db:cd:c8:37:08:8c:16:dc:ac:a4:09:fb: 3b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:55:34:81:F1:E6:44:C8:1F:97:61:62:25:C8:98:3D:12:65:7C:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f8df2210-8a44-4a91-9d90-ec1a8e884747.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:800::/48 Signature Algorithm: sha256WithRSAEncryption 12:d9:48:5d:11:84:67:82:08:6b:2b:3a:3e:66:74:c4:e2:b7: 86:4c:0f:74:d7:f5:a1:2f:24:e3:79:7a:e9:39:c1:fd:0d:1f: 52:30:35:63:ff:1d:66:07:27:e3:64:b3:df:3b:3b:1c:ce:e7: aa:56:ed:d0:bd:04:b3:58:3b:59:8d:47:7e:17:25:0f:9f:83: 38:92:83:cc:50:4d:b6:90:53:68:51:d8:ab:84:bf:9f:5b:da: cb:51:56:24:0d:2b:13:01:72:1b:a6:88:5e:ae:c6:69:49:f8: ed:8a:89:58:c6:78:d8:e6:49:ef:37:a2:f3:ab:d3:9e:44:44: 15:96:06:66:63:4c:fd:ec:d1:44:df:7c:f1:0a:83:28:e3:1b: 7e:fc:3a:f4:a6:7e:6c:c9:91:2f:45:56:dc:69:a1:ef:59:9f: 95:be:42:54:eb:a7:7b:61:08:7e:8c:93:4b:77:04:5a:3c:84: f4:6e:7e:79:41:5f:cd:a8:3d:5a:00:b0:af:8f:2a:4e:4a:09: e0:98:57:70:cc:74:06:ed:61:f3:e1:b9:7a:95:2c:09:18:a4: 4e:b1:77:af:07:c5:ff:2a:15:a0:66:92:f0:2d:7d:76:9b:61: 92:76:81:4b:63:59:f3:a2:4f:8e:30:d5:cf:7c:70:5b:8f:c5: b7:d2:67:95 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZ5QmrqAwasMu73u6vHzrhsrzur8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwMzAwMDAxMloX DTI2MDMwMzIzNTk1OVowejFJMEcGA1UEBRNAZThjMTVhM2ZjNTU5N2RlODAyMjc4 MGJkM2NiNTY0YmY4YzVlZWYwNjA2NzBjYzkyMTc4MzU4NGU4NmEyODI1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYYa/7ht4wyyKXdWvZ6TWXzS98lc PIl4FOEHiZJ/3ho98FKoOsAoghcNe9SsipZbWNYetgl5mdLGu91NHWVtGQ3VVFNy sujCePG35EYiQ6cREph3RqYdA8BSeLULYrWm+AA1Q7Mi0worjuKZ+/PJs6UqVk0L 6WrPT6nVlBUjMubpFzovRmbE7lYR2reJsSpAHojwmh0xbyT5gdQACiZ/cFh0pr7Y dGpxbPi2km7hgDv3JBNyx93G0v0MSVZyuBVbMHKUkUw2Dn2i/dKqMUHX/9Js8xJF 7qP04fpk8PJb+h4JQ3gs5L/+yvyxFzppI5nUsSHbzcg3CIwW3KykCfs7QQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFA5VNIHx5kTIH5dhYiXImD0SZXx+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y4ZGYyMjEwLThhNDQtNGE5MS05ZDkwLWVjMWE4ZTg4NDc0Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7AgAMA0GCSqGSIb3DQEBCwUAA4IBAQAS2UhdEYRngghrKzo+ ZnTE4reGTA901/WhLyTjeXrpOcH9DR9SMDVj/x1mByfjZLPfOzsczueqVu3QvQSz WDtZjUd+FyUPn4M4koPMUE22kFNoUdirhL+fW9rLUVYkDSsTAXIbpohersZpSfjt iolYxnjY5knvN6Lzq9OeREQVlgZmY0z97NFE33zxCoMo4xt+/Dr0pn5syZEvRVbc aaHvWZ+VvkJU66d7YQh+jJNLdwRaPIT0bn55QV/NqD1aALCvjypOSgngmFdwzHQG 7WHz4bl6lSwJGKROsXevB8X/KhWgZpLwLX12m2GSdoFLY1nzok+OMNXPfHBbj8W3 0meV -----END CERTIFICATE-----Generated at Sat Dec 6 14:20:29 2025 by rpki-client