This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa File: ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa (raw, json) Hash identifier: CbRF/73e6g/6bmAeTKXKr613+MLTyyT39Xfx4iCLCy8= Subject key identifier: 96:3E:99:72:F3:9C:58:1F:6B:05:92:C6:71:2C:71:A4:B5:04:9A:AF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 581B670281C78C3817BE2B836F5A478EA17CEB2F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa Signing time: Sun 30 Nov 2025 00:00:53 +0000 ROA not before: Sun 30 Nov 2025 00:00:53 +0000 ROA not after: Sat 28 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:1b:67:02:81:c7:8c:38:17:be:2b:83:6f:5a:47:8e:a1:7c:eb:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 30 00:00:53 2025 GMT Not After : Feb 28 23:59:59 2026 GMT Subject: serialNumber=7bceda6149d62ca6cd53958a0bb99bc5d20dddfb5d556a79b1c4a920ee4ba9dd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d9:b7:75:45:ab:71:13:f4:56:a8:00:a5:0b: da:5d:05:fa:2b:6b:97:59:bc:b7:e6:9c:0e:c2:7a: 1e:d9:51:cd:f3:c8:aa:f4:42:a9:1f:bd:07:03:f3: cb:12:ad:be:d3:4c:70:50:f8:13:5d:10:3b:f5:3e: 56:e4:bd:51:e9:f6:3a:2b:da:af:b5:a7:0f:6a:35: cb:f9:c4:71:9b:df:86:97:5e:c0:d8:c3:3c:2f:24: ca:96:b1:0d:2d:74:84:8a:85:06:b8:49:ea:59:e7: a5:4c:a2:b9:83:6d:f1:0f:9c:a2:64:d0:03:22:18: 1c:98:4a:1d:06:e0:aa:45:82:7d:52:47:74:ef:ad: 59:a8:d8:fb:1a:aa:3d:2b:cf:d7:a4:fb:1d:77:71: 8e:99:78:04:83:a5:19:f7:80:c1:2e:ea:5e:15:6b: 90:0d:b6:56:40:6a:fd:d3:a7:39:85:9f:51:98:92: ff:cd:a9:e9:35:b8:05:c5:ca:c9:5f:de:89:2f:99: 70:fd:fa:37:57:8c:a5:d9:16:7b:29:7a:8d:65:12: d7:b9:c6:31:bc:5e:71:9f:a1:66:d9:3c:8b:ad:5e: 0f:0f:bc:ed:6a:38:9b:ee:30:f3:6c:72:ed:29:3f: 2a:bb:2b:e9:31:bb:78:7a:60:de:74:b5:a7:66:36: 66:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:3E:99:72:F3:9C:58:1F:6B:05:92:C6:71:2C:71:A4:B5:04:9A:AF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:28c0::/48 Signature Algorithm: sha256WithRSAEncryption b0:27:25:85:76:ac:db:2d:f1:74:35:8b:54:65:93:39:60:1c: 3a:05:4a:67:d1:7a:83:ad:61:17:33:73:e3:50:5f:30:8e:f6: d7:2a:76:75:d2:e0:47:1e:04:fa:05:3f:86:85:1f:06:8d:17: b5:96:58:16:4f:cd:c9:81:f7:b8:6c:f5:95:ee:25:a6:7b:ab: 22:4f:67:9f:b8:01:85:8d:85:a4:4e:b3:10:2b:e7:c6:b6:95: ab:5c:ec:d5:dc:24:11:87:1e:ba:86:95:ce:c3:e7:3f:6c:1a: 7e:26:a7:5a:02:41:03:59:a0:85:94:f8:34:6d:55:d9:ce:b9: 09:e1:4b:83:47:6e:7f:55:e6:41:91:25:e2:9e:7d:29:d9:3b: 11:00:05:ee:e0:b9:87:9d:50:3e:6c:55:40:87:a7:90:f4:51: d2:0d:c0:b6:00:52:b7:75:19:d4:8d:e1:8f:6d:25:c5:a8:30: ee:d6:34:f6:9c:83:e5:13:e5:f8:6c:e3:9d:81:4f:e0:66:93: 48:e8:ec:37:40:52:3e:f2:a8:50:b6:a9:23:28:ab:6f:4b:6a: 03:e2:4c:61:03:d7:75:fd:8c:77:10:66:f2:71:55:74:2f:a6: d7:93:fd:df:81:c3:23:71:05:d5:94:a4:6e:a7:76:5b:00:65: fe:c3:9d:43 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWBtnAoHHjDgXviuDb1pHjqF86y8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEzMDAwMDA1M1oX DTI2MDIyODIzNTk1OVowejFJMEcGA1UEBRNAN2JjZWRhNjE0OWQ2MmNhNmNkNTM5 NThhMGJiOTliYzVkMjBkZGRmYjVkNTU2YTc5YjFjNGE5MjBlZTRiYTlkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtm3dUWrcRP0VqgApQvaXQX6K2uX Wby35pwOwnoe2VHN88iq9EKpH70HA/PLEq2+00xwUPgTXRA79T5W5L1R6fY6K9qv tacPajXL+cRxm9+Gl17A2MM8LyTKlrENLXSEioUGuEnqWeelTKK5g23xD5yiZNAD IhgcmEodBuCqRYJ9Ukd0761ZqNj7Gqo9K8/XpPsdd3GOmXgEg6UZ94DBLupeFWuQ DbZWQGr906c5hZ9RmJL/zanpNbgFxcrJX96JL5lw/fo3V4yl2RZ7KXqNZRLXucYx vF5xn6Fm2TyLrV4PD7ztajib7jDzbHLtKT8quyvpMbt4emDedLWnZjZmLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJY+mXLznFgfawWSxnEscaS1BJqvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmN2FlYjliLTRmYzQtNDRlOC1hYTM1LWI5MjY5OGE2YzMzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOCjAMA0GCSqGSIb3DQEBCwUAA4IBAQCwJyWFdqzbLfF0NYtU ZZM5YBw6BUpn0XqDrWEXM3PjUF8wjvbXKnZ10uBHHgT6BT+GhR8GjRe1llgWT83J gfe4bPWV7iWme6siT2efuAGFjYWkTrMQK+fGtpWrXOzV3CQRhx66hpXOw+c/bBp+ JqdaAkEDWaCFlPg0bVXZzrkJ4UuDR25/VeZBkSXinn0p2TsRAAXu4LmHnVA+bFVA h6eQ9FHSDcC2AFK3dRnUjeGPbSXFqDDu1jT2nIPlE+X4bOOdgU/gZpNI6Ow3QFI+ 8qhQtqkjKKtvS2oD4kxhA9d1/Yx3EGbycVV0L6bXk/3fgcMjcQXVlKRup3ZbAGX+ w51D -----END CERTIFICATE-----Generated at Sat Dec 6 10:59:17 2025 by rpki-client