This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json) Hash identifier: cwXpeh2KZpQyS0oBN8wCwN3ybxrGUnLSNlQLRjXFwvg= Subject key identifier: 1F:80:A8:89:3E:17:DE:7D:E6:BD:E0:36:DA:89:D1:D5:DA:4F:A1:E5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7134243C8B64A1E05614E51E13A1B1E21E0B521C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa Signing time: Sat 06 Dec 2025 00:10:06 +0000 ROA not before: Sat 06 Dec 2025 00:10:06 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:34:24:3c:8b:64:a1:e0:56:14:e5:1e:13:a1:b1:e2:1e:0b:52:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 6 00:10:06 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=ddfaf1bb4319af1ed16d810cb500f6f272291e26ed075f1ded27f2c5b5442a64, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:17:b5:f2:0b:81:7e:b8:a3:7e:a4:75:85:02: d2:a7:e9:aa:b3:1f:68:83:d8:69:25:05:c5:de:fe: 20:0a:8d:6a:11:98:dc:bf:3f:5f:1a:0a:ac:6c:36: 5d:ec:ac:f2:e8:90:b6:7d:bf:46:2c:01:f3:62:8f: b3:88:73:74:ce:fd:c2:36:3c:64:48:8e:f5:14:ae: 96:90:76:87:e5:e2:5a:d0:d7:60:f8:0a:e1:04:7c: 75:2e:bc:98:32:8e:9b:5b:f8:fe:53:69:57:b3:4a: 29:5f:be:80:ab:4b:73:0e:ef:bb:28:0e:e5:01:d9: 41:28:4a:5e:25:b2:21:2c:e3:31:c7:dd:1b:a4:77: 71:4c:d7:5d:1f:27:6b:a4:0c:ae:71:f8:4c:3a:7c: df:c4:63:a9:db:20:64:61:4d:b3:d6:03:87:a6:5a: 0c:ea:da:22:0b:eb:04:8a:ac:a6:85:b9:5c:76:1b: f3:17:1b:51:8f:d0:fe:b9:70:bd:e5:e5:33:e0:b9: 63:ca:97:cb:f2:f6:d1:ab:8d:44:fe:35:c6:ca:90: 92:ef:a0:bf:22:a6:4a:bd:de:53:3b:8b:73:17:d1: 7a:a9:68:c2:41:6f:a9:50:6e:c3:14:b6:36:92:46: 83:cc:1d:59:27:3e:94:97:53:62:84:f9:6f:c6:a3: 6a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:80:A8:89:3E:17:DE:7D:E6:BD:E0:36:DA:89:D1:D5:DA:4F:A1:E5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:4000::/40 Signature Algorithm: sha256WithRSAEncryption a8:a7:3e:64:72:fd:54:4a:bb:cd:f1:50:5e:61:62:e9:bb:cd: 6d:8f:5a:ab:59:f2:4b:04:95:67:4b:0c:62:58:31:a6:3f:3d: d8:bb:2e:bf:0a:af:0d:1d:7d:bf:b7:26:33:d6:df:66:bc:55: 6e:ea:78:7b:49:49:48:39:70:26:39:45:57:e8:be:23:e8:03: 0a:26:c8:ed:d6:9e:a2:8b:d6:79:f2:7b:5e:c0:b3:dd:ed:a1: d9:8b:2c:af:2f:d4:be:be:f0:2e:8d:d9:b6:08:f4:35:fd:fd: bc:d5:cf:8d:47:75:fd:b2:f5:10:f9:8c:59:1c:31:18:f9:23: 67:26:2d:be:7e:fe:2c:cd:de:c9:27:39:bc:8c:0c:d1:59:f1: 4e:7a:f3:51:ec:59:b5:0f:3b:57:f1:4e:6e:6e:05:0f:5a:e8: da:2e:b2:8c:dd:dd:76:05:49:1f:39:46:74:87:9e:5e:f8:4a: 44:0d:c3:12:fa:38:4b:c6:ba:e9:4a:31:8b:4a:a9:21:e2:fc: 6b:b1:76:ad:11:9f:69:f0:cd:81:7b:1d:88:0c:66:b5:cc:80: 11:3c:79:32:cd:35:16:27:b8:fa:b3:5e:6e:1c:62:18:d6:4e: 2d:1e:4d:b7:44:89:77:bb:c7:1f:1f:60:5c:e3:cf:78:18:d5: a4:70:bb:5f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcTQkPItkoeBWFOUeE6Gx4h4LUhwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNjAwMTAwNloX DTI2MDMwNjIzNTk1OVowejFJMEcGA1UEBRNAZGRmYWYxYmI0MzE5YWYxZWQxNmQ4 MTBjYjUwMGY2ZjI3MjI5MWUyNmVkMDc1ZjFkZWQyN2YyYzViNTQ0MmE2NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhe18guBfrijfqR1hQLSp+mqsx9o g9hpJQXF3v4gCo1qEZjcvz9fGgqsbDZd7Kzy6JC2fb9GLAHzYo+ziHN0zv3CNjxk SI71FK6WkHaH5eJa0Ndg+ArhBHx1LryYMo6bW/j+U2lXs0opX76Aq0tzDu+7KA7l AdlBKEpeJbIhLOMxx90bpHdxTNddHydrpAyucfhMOnzfxGOp2yBkYU2z1gOHploM 6toiC+sEiqymhblcdhvzFxtRj9D+uXC95eUz4LljypfL8vbRq41E/jXGypCS76C/ IqZKvd5TO4tzF9F6qWjCQW+pUG7DFLY2kkaDzB1ZJz6Ul1NihPlvxqNquQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB+AqIk+F9595r3gNtqJ0dXaT6HlMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBAKinPmRy/VRKu83xUF5h Yum7zW2PWqtZ8ksElWdLDGJYMaY/Pdi7Lr8Krw0dfb+3JjPW32a8VW7qeHtJSUg5 cCY5RVfoviPoAwomyO3WnqKL1nnye17As93todmLLK8v1L6+8C6N2bYI9DX9/bzV z41Hdf2y9RD5jFkcMRj5I2cmLb5+/izN3sknObyMDNFZ8U5681HsWbUPO1fxTm5u BQ9a6Nousozd3XYFSR85RnSHnl74SkQNwxL6OEvGuulKMYtKqSHi/Guxdq0Rn2nw zYF7HYgMZrXMgBE8eTLNNRYnuPqzXm4cYhjWTi0eTbdEiXe7xx8fYFzjz3gY1aRw u18= -----END CERTIFICATE-----Generated at Sat Dec 6 14:42:19 2025 by rpki-client