This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa File: 018dea0d-42eb-4d58-8914-636d25ca3b3c.roa (raw, json) Hash identifier: rOHRjbuO7Hy8Ko9nb8Xpc6Saw20VIu6KULwXvpCtrcM= Subject key identifier: B7:88:61:7F:AD:4F:A5:AF:1B:AF:D1:73:4D:90:AA:07:4C:80:83:62 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 36F246A9C834DFA78821D9315C7281B817AE7694 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa Signing time: Wed 12 Nov 2025 00:00:09 +0000 ROA not before: Wed 12 Nov 2025 00:00:09 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:f2:46:a9:c8:34:df:a7:88:21:d9:31:5c:72:81:b8:17:ae:76:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:09 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=7c4da2fedfb2292f9e0f0148bb5b213f7ef00464358d62827e513091f6bb3f08, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:48:49:d8:14:fd:ca:a9:1a:89:21:be:c6:a1: a9:79:1d:f2:2d:fd:21:d1:8f:8e:76:06:44:ca:2b: a0:8e:7f:e1:dc:7c:08:52:71:77:71:1e:60:73:17: 3b:78:77:0e:dd:11:a0:a8:32:86:1d:c0:97:74:16: 18:18:ae:83:6f:73:1e:38:88:f3:20:b9:4a:76:dc: eb:4e:f2:a9:43:3e:4d:cd:aa:06:a6:5f:55:44:ca: 94:32:6f:ee:91:68:46:ce:59:66:41:28:9f:29:79: d7:c4:42:15:13:47:8f:20:96:c4:06:35:2a:e6:6a: 56:bf:92:b0:5a:26:40:2a:be:ec:ae:fc:1c:4c:17: 40:00:9d:a6:d8:2a:e4:52:95:43:14:fe:d7:c5:ad: 37:b6:8a:ee:55:41:70:30:7b:08:5b:d9:2d:0a:be: 8a:4c:71:db:ef:41:48:3a:b8:07:b1:73:46:e9:5e: e7:d5:c4:4c:4e:98:31:33:c0:ee:7d:be:2b:15:25: 74:ae:f4:24:07:2d:fc:4f:c9:47:00:8f:0f:ae:30: 79:c5:d1:a6:75:4d:05:7c:e1:3d:da:b7:0a:89:68: e1:c3:5e:32:84:e9:c9:52:25:88:c6:c2:1d:42:08: c1:c3:ed:58:55:7f:14:7a:99:3d:6e:04:f5:11:18: 16:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:88:61:7F:AD:4F:A5:AF:1B:AF:D1:73:4D:90:AA:07:4C:80:83:62 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:800::/38 Signature Algorithm: sha256WithRSAEncryption 1f:fd:eb:39:1a:2b:dc:8c:d3:c6:9d:2d:b4:26:d1:75:bc:42: 96:fd:35:b0:3b:c0:fd:70:5e:7f:3b:8b:04:b7:8d:7c:a3:4d: 5c:76:05:f6:5c:6f:7c:f9:de:07:75:a2:45:a6:eb:3f:1f:e4: 7e:bf:47:ea:ab:8a:8b:bf:95:c7:b4:07:fd:e6:0d:42:6e:8a: 1c:49:bd:78:c2:a8:db:72:a0:ef:fe:19:0c:d5:9e:b1:99:f8: 57:d5:d7:c6:f8:c0:58:ec:51:9b:1d:7b:ad:af:81:79:e4:f5: 38:b3:17:ee:9f:82:1a:11:33:32:c5:7a:26:cf:45:4c:fc:7c: e7:d6:20:32:3f:d3:74:4e:40:25:6e:0d:6c:8a:91:5a:d5:7b: e7:8b:8c:b3:a6:d8:85:b4:69:a2:8d:32:bb:7e:d7:7f:04:25: 92:cb:d2:7c:e8:79:7a:92:1b:fa:ae:cf:8e:c5:ea:e6:35:0e: 74:ef:af:71:e1:b5:ae:c0:04:82:c2:0d:d9:d0:1e:bb:20:85: f8:93:19:18:c4:b7:de:2d:f8:eb:36:c1:14:78:f5:e9:66:f1: 49:05:43:63:c6:40:1f:b6:dd:9f:05:23:1e:1a:cb:29:29:c6: f7:db:c0:95:00:c4:56:1a:80:35:28:fb:b8:d1:b6:41:8e:11: dc:03:bf:81 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNvJGqcg036eIIdkxXHKBuBeudpQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDAwOVoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAN2M0ZGEyZmVkZmIyMjkyZjllMGYw MTQ4YmI1YjIxM2Y3ZWYwMDQ2NDM1OGQ2MjgyN2U1MTMwOTFmNmJiM2YwODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkhJ2BT9yqkaiSG+xqGpeR3yLf0h 0Y+OdgZEyiugjn/h3HwIUnF3cR5gcxc7eHcO3RGgqDKGHcCXdBYYGK6Db3MeOIjz ILlKdtzrTvKpQz5NzaoGpl9VRMqUMm/ukWhGzllmQSifKXnXxEIVE0ePIJbEBjUq 5mpWv5KwWiZAKr7srvwcTBdAAJ2m2CrkUpVDFP7Xxa03toruVUFwMHsIW9ktCr6K THHb70FIOrgHsXNG6V7n1cRMTpgxM8Dufb4rFSV0rvQkBy38T8lHAI8PrjB5xdGm dU0FfOE92rcKiWjhw14yhOnJUiWIxsIdQgjBw+1YVX8Uepk9bgT1ERgWzwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLeIYX+tT6WvG6/Rc02QqgdMgINiMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzAxOGRlYTBkLTQyZWItNGQ1OC04OTE0LTYzNmQyNWNhM2IzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAgwDQYJKoZIhvcNAQELBQADggEBAB/96zkaK9yM08adLbQm 0XW8Qpb9NbA7wP1wXn87iwS3jXyjTVx2BfZcb3z53gd1okWm6z8f5H6/R+qriou/ lce0B/3mDUJuihxJvXjCqNtyoO/+GQzVnrGZ+FfV18b4wFjsUZsde62vgXnk9Tiz F+6fghoRMzLFeibPRUz8fOfWIDI/03ROQCVuDWyKkVrVe+eLjLOm2IW0aaKNMrt+ 138EJZLL0nzoeXqSG/quz47F6uY1DnTvr3Hhta7ABILCDdnQHrsghfiTGRjEt94t +Os2wRR49elm8UkFQ2PGQB+23Z8FIx4ayykpxvfbwJUAxFYagDUo+7jRtkGOEdwD v4E= -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:38 2025 by rpki-client