This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa File: fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json) Hash identifier: d0c6sVx4ITrM+Ja1AT3WT0tMB0vFhEC/2C1ErzEEtt4= Subject key identifier: 29:E1:AB:EE:57:8B:18:57:B5:D4:82:67:79:C8:88:D3:E2:6E:D6:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 34861443F6C92672B86FBD0249861D563CAC5B48 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa Signing time: Sat 06 Dec 2025 00:00:33 +0000 ROA not before: Sat 06 Dec 2025 00:00:33 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:86:14:43:f6:c9:26:72:b8:6f:bd:02:49:86:1d:56:3c:ac:5b:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 6 00:00:33 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=8357765664c3feea0cd268ed91ff0eef0d9b3d9993f294f1458280688c4f95f4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3a:17:99:e5:3a:f5:18:65:c7:26:e7:96:33: ac:ed:b7:a9:34:95:88:98:61:65:03:4a:3f:d2:f8: d9:4b:25:14:f3:84:3f:b2:d0:f4:7f:2f:4f:34:47: 49:73:75:46:7a:bf:e2:71:35:6b:38:8e:54:f6:98: 9f:d8:9c:5a:48:78:8e:4e:60:23:b3:e5:97:f5:b7: d6:ae:90:f3:61:ea:4c:95:60:78:b7:c5:1b:31:6d: 9e:0f:61:88:01:16:71:d2:d1:e6:e5:ae:da:91:ed: b0:92:1e:14:56:be:01:5b:9b:17:91:09:98:df:21: 2b:35:e8:b2:aa:87:97:79:e5:38:7f:cb:81:55:c9: 46:6e:32:10:90:39:8f:fb:5f:a5:28:fe:e8:0f:88: cb:36:1c:36:e9:9b:fb:6b:8d:6d:08:d5:1f:0e:25: 66:41:77:f7:41:ac:5c:ac:cd:03:1d:fc:eb:d9:2b: b1:35:0e:14:c4:31:de:f7:7b:05:bd:cf:b5:56:2f: 74:72:4e:7a:70:4f:25:3d:bd:be:fe:42:72:72:a3: d9:6c:de:17:79:d8:7a:49:5e:56:8d:d4:8e:94:d0: 76:0a:af:cf:a4:ec:29:0a:a0:2b:1e:a3:14:e7:a1: 6d:87:30:b7:d7:e5:56:6c:93:45:ca:02:fa:4d:a9: 3c:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E1:AB:EE:57:8B:18:57:B5:D4:82:67:79:C8:88:D3:E2:6E:D6:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:800::/40 Signature Algorithm: sha256WithRSAEncryption ac:3f:ad:09:c1:1e:51:5a:75:15:63:8a:98:2b:b7:74:7e:03: 23:85:ff:bd:22:63:6f:9e:10:23:6a:ac:c1:c0:a2:32:53:f6: 10:29:79:c2:4d:44:be:b9:56:3f:e4:b1:46:4a:8b:37:6d:ff: 6f:d4:87:27:f8:4a:b9:a7:cc:e4:e6:d9:42:a3:8c:9c:f5:80: 89:13:70:9a:8c:51:4d:ed:3a:cc:90:38:d9:3d:be:cb:4a:18: bf:62:e6:c5:4e:41:61:94:75:af:14:ad:24:7e:aa:5c:c8:53: 7d:c8:2e:30:a1:d2:e4:46:cc:94:f0:b3:0d:74:4b:33:07:b3: 0d:e7:92:74:82:21:ed:d0:8e:a8:3c:57:2b:61:d5:0c:bc:1a: 0f:73:24:fb:6c:f0:5c:40:df:83:14:24:86:58:3d:98:22:82: 57:85:55:33:c3:0a:0b:5c:88:b7:ce:d9:ae:bc:98:58:a7:c6: 44:be:df:4c:68:b3:a9:36:90:98:77:7f:c1:79:d5:16:93:7b: 4a:bf:05:c5:40:85:71:c1:ff:a0:d9:1a:62:30:b0:99:3d:db: 03:c9:a4:93:f4:18:3f:9a:72:dd:7e:3c:c2:ff:ff:68:2a:6e: 30:ee:0c:28:3a:81:29:3b:43:c2:e9:31:25:56:ab:9c:ca:a8: b6:8b:24:a0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNIYUQ/bJJnK4b70CSYYdVjysW0gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwNjAwMDAzM1oX DTI2MDMwNjIzNTk1OVowejFJMEcGA1UEBRNAODM1Nzc2NTY2NGMzZmVlYTBjZDI2 OGVkOTFmZjBlZWYwZDliM2Q5OTkzZjI5NGYxNDU4MjgwNjg4YzRmOTVmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDoXmeU69RhlxybnljOs7bepNJWI mGFlA0o/0vjZSyUU84Q/stD0fy9PNEdJc3VGer/icTVrOI5U9pif2JxaSHiOTmAj s+WX9bfWrpDzYepMlWB4t8UbMW2eD2GIARZx0tHm5a7ake2wkh4UVr4BW5sXkQmY 3yErNeiyqoeXeeU4f8uBVclGbjIQkDmP+1+lKP7oD4jLNhw26Zv7a41tCNUfDiVm QXf3QaxcrM0DHfzr2SuxNQ4UxDHe93sFvc+1Vi90ck56cE8lPb2+/kJycqPZbN4X edh6SV5WjdSOlNB2Cq/PpOwpCqArHqMU56FthzC31+VWbJNFygL6Tak8kwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCnhq+5XixhXtdSCZ3nIiNPibtalMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBAKw/rQnBHlFadRVjipgr t3R+AyOF/70iY2+eECNqrMHAojJT9hApecJNRL65Vj/ksUZKizdt/2/Uhyf4Srmn zOTm2UKjjJz1gIkTcJqMUU3tOsyQONk9vstKGL9i5sVOQWGUda8UrSR+qlzIU33I LjCh0uRGzJTwsw10SzMHsw3nknSCIe3Qjqg8Vyth1Qy8Gg9zJPts8FxA34MUJIZY PZgigleFVTPDCgtciLfO2a68mFinxkS+30xos6k2kJh3f8F51RaTe0q/BcVAhXHB /6DZGmIwsJk92wPJpJP0GD+act1+PML//2gqbjDuDCg6gSk7Q8LpMSVWq5zKqLaL JKA= -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:47 2025 by rpki-client