This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: mnMvQYdAbSRRbDZHXyfM/f8XdM80z72GugupasAKoQg= Subject key identifier: AA:6D:95:47:CA:C4:1C:64:D8:F5:1E:05:9E:E8:67:7F:98:65:7A:90 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 49E4F3492192AD9DCEAD0EC8ECFE6D54D4DB3398 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Fri 05 Dec 2025 00:00:36 +0000 ROA not before: Fri 05 Dec 2025 00:00:36 +0000 ROA not after: Thu 05 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:00:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:e4:f3:49:21:92:ad:9d:ce:ad:0e:c8:ec:fe:6d:54:d4:db:33:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Dec 5 00:00:36 2025 GMT Not After : Mar 5 23:59:59 2026 GMT Subject: serialNumber=b7d356ff14c365f0c2395a62fcc34daf78961158473444a287e2dbbed1a9c33b, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:1c:93:f7:12:57:36:a1:dd:05:c0:f9:ab:2c: 51:21:d5:bd:a2:40:2e:2a:b3:db:3e:55:70:f6:5e: 51:69:e7:6c:e6:55:fc:f8:57:7e:50:ce:f6:cd:22: 6a:18:f4:d5:ce:e7:24:22:35:0c:d3:27:61:54:66: 17:7e:a6:af:82:ae:7c:b9:8b:5a:6e:99:0b:7c:fd: 19:c3:e8:94:9d:bd:02:1d:a7:b2:8a:09:92:be:45: d3:4c:af:38:80:07:da:71:6f:38:dc:b6:7b:c8:5e: fa:40:f9:7e:f1:c4:e7:38:0d:37:c3:d8:de:00:68: 65:a8:61:5a:5f:ef:02:34:25:40:d8:be:15:2f:d7: 7d:d8:74:4a:d1:7e:0e:08:75:ee:88:f2:02:ac:88: d0:1c:01:88:dc:48:63:eb:16:26:52:b7:0b:4a:c4: cc:5d:cf:08:b6:f6:b5:3f:ad:3e:0d:d9:9a:63:04: e9:97:72:8b:47:d5:53:e5:20:d7:10:8a:4b:97:88: 89:81:3a:87:dd:34:c9:48:0b:fa:82:6a:23:c7:c9: af:95:e7:dd:79:b3:02:21:92:23:66:6c:72:3e:2a: 86:60:a9:6a:cc:d2:34:87:35:61:6a:d0:42:75:9e: 3a:96:4a:e5:1b:43:a4:7f:36:5a:ac:f2:be:81:42: 63:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:6D:95:47:CA:C4:1C:64:D8:F5:1E:05:9E:E8:67:7F:98:65:7A:90 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption a5:30:9c:fd:37:1b:ee:b9:ce:37:8b:19:4d:8d:15:07:b6:e7: 6b:86:a8:ad:26:bb:b6:68:b5:38:c3:25:1c:03:7d:79:4f:66: 29:2b:64:35:c5:03:1b:04:40:21:4d:9e:e3:5a:16:ca:89:47: b9:90:75:83:e5:89:3d:1b:fd:ae:f6:db:89:36:e5:cf:a3:ac: 32:06:1e:5e:19:61:74:74:fa:9b:aa:72:b2:22:25:64:36:4e: de:1f:dd:80:a6:59:7b:a8:6c:c4:f3:a8:7b:40:5f:16:d1:5b: 43:91:83:ef:59:5d:22:1d:94:67:2f:4a:bc:85:c4:6e:f5:50: 0f:7d:51:4f:8b:25:5f:9e:24:ae:1c:b0:2c:93:14:ec:68:30: c9:19:48:6e:d9:b7:eb:7b:cc:b4:f2:ef:b2:56:7d:2f:4c:da: 17:8a:39:fd:c8:93:11:24:0e:ac:5a:73:71:92:d2:75:a9:56: 8d:b8:a7:41:41:72:11:a0:4e:d1:c3:35:89:c4:69:5f:3f:18: 31:2f:02:27:10:d2:db:bf:4e:97:a4:82:c1:8c:36:53:61:88: 8f:f6:59:2e:d0:eb:1a:d3:7f:3d:7c:53:15:33:86:e3:6b:b9: c6:2f:d3:6a:13:a7:f5:ff:a8:26:64:d9:17:c9:6e:68:3f:b7: df:8d:d8:d9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSeTzSSGSrZ3OrQ7I7P5tVNTbM5gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTIwNTAwMDAzNloX DTI2MDMwNTIzNTk1OVowejFJMEcGA1UEBRNAYjdkMzU2ZmYxNGMzNjVmMGMyMzk1 YTYyZmNjMzRkYWY3ODk2MTE1ODQ3MzQ0NGEyODdlMmRiYmVkMWE5YzMzYjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RyT9xJXNqHdBcD5qyxRIdW9okAu KrPbPlVw9l5Raeds5lX8+Fd+UM72zSJqGPTVzuckIjUM0ydhVGYXfqavgq58uYta bpkLfP0Zw+iUnb0CHaeyigmSvkXTTK84gAfacW843LZ7yF76QPl+8cTnOA03w9je AGhlqGFaX+8CNCVA2L4VL9d92HRK0X4OCHXuiPICrIjQHAGI3Ehj6xYmUrcLSsTM Xc8Itva1P60+DdmaYwTpl3KLR9VT5SDXEIpLl4iJgTqH3TTJSAv6gmojx8mvlefd ebMCIZIjZmxyPiqGYKlqzNI0hzVhatBCdZ46lkrlG0OkfzZarPK+gUJj7QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKptlUfKxBxk2PUeBZ7oZ3+YZXqQMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQClMJz9Nxvuuc43ixlNjRUH tudrhqitJru2aLU4wyUcA315T2YpK2Q1xQMbBEAhTZ7jWhbKiUe5kHWD5Yk9G/2u 9tuJNuXPo6wyBh5eGWF0dPqbqnKyIiVkNk7eH92Apll7qGzE86h7QF8W0VtDkYPv WV0iHZRnL0q8hcRu9VAPfVFPiyVfniSuHLAskxTsaDDJGUhu2bfre8y08u+yVn0v TNoXijn9yJMRJA6sWnNxktJ1qVaNuKdBQXIRoE7RwzWJxGlfPxgxLwInENLbv06X pILBjDZTYYiP9lku0Osa0389fFMVM4bja7nGL9NqE6f1/6gmZNkXyW5oP7ffjdjZ -----END CERTIFICATE-----Generated at Sat Dec 6 23:35:16 2025 by rpki-client