This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa File: 205af9d8-3799-4d38-b1fb-da840e362ff1.roa (raw, json) Hash identifier: 1CmYpE+ak58Qjs5uHUXmqVAtng2HYCHp2VMqCnJBRGA= Subject key identifier: 31:51:81:E8:7F:03:F0:85:94:50:EE:29:43:E8:28:6D:7D:AA:1C:9A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 275A0DE2A8D176F1DB9BABBE98CF4055834D8D1D Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa Signing time: Wed 12 Nov 2025 00:00:51 +0000 ROA not before: Wed 12 Nov 2025 00:00:51 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:5a:0d:e2:a8:d1:76:f1:db:9b:ab:be:98:cf:40:55:83:4d:8d:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:51 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=a5389b7992abb9c7efd3ae26b00a909b0eb2a0dad9cc837e26d73d523967e122, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:6f:fc:26:87:c9:f1:82:f6:0b:bd:73:5c:09: 1e:a1:27:c4:68:f3:82:e8:2e:a2:9d:8e:f1:b3:f2: f0:7a:fc:02:6e:89:c6:cb:10:b5:cf:e3:8d:5a:c4: e1:0f:eb:13:23:06:12:4b:2a:e7:45:b7:75:8b:e3: cb:fd:80:c8:d3:33:ba:5b:f5:0e:16:82:21:ff:e4: ff:13:f6:87:27:b3:45:02:42:01:5c:4b:e6:fd:41: 7c:68:54:c9:b4:e6:11:bc:aa:79:2b:88:27:68:d3: 9f:34:09:bc:48:1e:41:b4:10:00:68:49:63:ef:02: 04:c8:32:a7:7f:df:35:67:57:b5:56:bb:a0:db:9a: 31:3d:cc:ff:72:6c:7e:ba:c6:23:a6:74:bf:90:90: 98:7c:8c:95:3c:8d:a3:b6:06:b0:21:69:1e:8b:d9: 40:74:84:08:4a:6f:bd:b2:44:43:16:8c:d9:e0:7e: 8a:4c:63:2d:1c:c6:0f:f8:6c:b4:cb:23:1d:90:32: 2f:ce:76:64:d6:bc:a7:51:2a:ae:06:67:41:c0:c1: a3:d0:6d:d8:80:5b:c4:37:21:54:a1:bc:e4:ad:7a: 91:bb:8b:80:cd:6c:60:80:d2:ca:e2:a6:b8:ca:1b: 56:f6:e0:86:3a:75:f2:16:9f:66:00:4c:bb:a8:c1: bc:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:51:81:E8:7F:03:F0:85:94:50:EE:29:43:E8:28:6D:7D:AA:1C:9A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/36 Signature Algorithm: sha256WithRSAEncryption 99:25:cc:34:2f:a5:f2:7c:6a:be:b8:b1:e8:31:38:f5:59:34: 4d:87:c2:16:8f:b7:f9:f3:fa:a9:32:20:91:0f:98:6b:b0:1f: 11:4e:91:fe:51:94:15:77:0c:60:c0:58:e0:2b:e5:1b:d0:12: 50:b8:7a:63:8e:86:a5:4e:21:53:01:44:ec:8e:f6:db:f7:d7: b4:4d:e1:a7:99:13:3a:d7:53:79:2c:30:a6:5a:97:d2:23:ab: 2e:8c:d5:25:3e:c5:72:c2:32:f2:3f:d0:19:0b:81:a8:fc:5b: c8:e5:5b:18:f0:88:06:ef:b6:da:b8:60:0c:a2:88:c8:93:b1: da:4b:d2:59:e0:90:20:37:0b:57:48:95:c4:07:f4:a8:43:37: 68:27:0f:c3:1f:b0:ec:d3:e8:a0:77:68:08:e4:5c:12:96:8a: 15:50:ac:f7:a6:58:88:bd:4c:aa:65:72:94:e6:91:8b:64:41: ec:e2:6d:1a:cb:ce:fd:0b:16:d4:bb:33:29:2a:ad:2d:7c:09: 70:ff:e2:27:30:81:a0:06:c5:bd:51:5a:d9:86:9a:96:86:a4: 29:4e:35:0f:ee:e2:53:9c:ca:f6:b3:21:97:50:0c:fe:7b:a2: 1a:de:be:31:43:54:44:08:e6:90:5f:a5:ff:78:3f:65:58:a9: 77:67:21:7f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ1oN4qjRdvHbm6u+mM9AVYNNjR0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDA1MVoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAYTUzODliNzk5MmFiYjljN2VmZDNh ZTI2YjAwYTkwOWIwZWIyYTBkYWQ5Y2M4MzdlMjZkNzNkNTIzOTY3ZTEyMjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2/8JofJ8YL2C71zXAkeoSfEaPOC 6C6inY7xs/LwevwCbonGyxC1z+ONWsThD+sTIwYSSyrnRbd1i+PL/YDI0zO6W/UO FoIh/+T/E/aHJ7NFAkIBXEvm/UF8aFTJtOYRvKp5K4gnaNOfNAm8SB5BtBAAaElj 7wIEyDKnf981Z1e1Vrug25oxPcz/cmx+usYjpnS/kJCYfIyVPI2jtgawIWkei9lA dIQISm+9skRDFozZ4H6KTGMtHMYP+Gy0yyMdkDIvznZk1rynUSquBmdBwMGj0G3Y gFvENyFUobzkrXqRu4uAzWxggNLK4qa4yhtW9uCGOnXyFp9mAEy7qMG8QQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDFRgeh/A/CFlFDuKUPoKG19qhyaMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIwNWFmOWQ4LTM3OTktNGQzOC1iMWZiLWRhODQwZTM2MmZmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAJklzDQvpfJ8ar64segx OPVZNE2HwhaPt/nz+qkyIJEPmGuwHxFOkf5RlBV3DGDAWOAr5RvQElC4emOOhqVO IVMBROyO9tv317RN4aeZEzrXU3ksMKZal9Ijqy6M1SU+xXLCMvI/0BkLgaj8W8jl WxjwiAbvttq4YAyiiMiTsdpL0lngkCA3C1dIlcQH9KhDN2gnD8MfsOzT6KB3aAjk XBKWihVQrPemWIi9TKplcpTmkYtkQezibRrLzv0LFtS7MykqrS18CXD/4icwgaAG xb1RWtmGmpaGpClONQ/u4lOcyvazIZdQDP57ohrevjFDVEQI5pBfpf94P2VYqXdn IX8= -----END CERTIFICATE-----Generated at Sat Dec 6 10:53:16 2025 by rpki-client