This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: NGKKnbbBUB8sz79ZUAPnIDPnkxrcL6tceDOqkm/KB+Y= Subject key identifier: 22:7B:4B:82:46:CD:F4:96:FE:72:12:C1:A0:D7:FF:61:3F:30:C8:2A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 72557D45363ED1FF7424FF4A549A402C049D7306 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Sat 06 Dec 2025 00:10:06 +0000 ROA not before: Sat 06 Dec 2025 00:10:06 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:55:7d:45:36:3e:d1:ff:74:24:ff:4a:54:9a:40:2c:04:9d:73:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 6 00:10:06 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=4b27981a3787747252d26ddd10a18372ae5e81df18fb5776b6b44aad9f0227c9, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:a9:63:00:17:3d:e2:95:27:49:50:0c:19:7e: b4:da:90:19:52:39:74:eb:92:b1:2f:d2:48:94:c6: d9:92:36:1d:98:af:57:fd:e6:51:72:e2:bc:b4:f9: 05:a0:96:d9:ad:69:45:33:ca:ca:ac:bd:f8:d7:3e: 86:b1:b0:17:71:c6:5f:a0:df:1f:46:57:fb:d6:be: 69:0d:44:9d:4e:c1:b6:20:57:be:db:2a:91:60:4b: d3:61:85:03:15:14:ef:f9:73:16:74:06:48:e7:42: 69:09:ac:51:6e:44:29:35:30:59:1d:09:d7:d0:1a: 0c:28:61:03:e9:b2:55:ef:9a:88:66:5b:82:08:b9: 30:ec:52:34:9c:de:af:a9:42:37:0a:69:92:a0:7c: 1f:d0:83:07:d6:a2:75:68:6f:32:6e:e7:92:d4:db: 5e:08:d7:5b:ec:45:2d:bf:d9:2e:5e:f2:2c:08:ff: 3e:c3:e3:f7:10:71:10:a8:c9:89:6d:04:cf:09:ba: ee:c3:42:93:b1:52:e1:95:9b:25:4a:d8:b4:0e:4a: eb:bb:84:35:fc:f3:9b:94:71:db:25:c0:3e:df:76: 33:49:3c:a0:70:71:e7:b5:fa:f2:b2:ca:88:7b:12: 99:d9:cf:5f:76:82:25:b7:96:d4:1d:4e:20:d7:88: 11:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:7B:4B:82:46:CD:F4:96:FE:72:12:C1:A0:D7:FF:61:3F:30:C8:2A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 56:a9:b4:fc:5f:f2:37:9b:a8:a1:50:d2:1a:97:63:36:67:6e: 0f:4f:c2:02:5e:d8:4f:28:6b:b2:3d:e8:b1:8f:e7:d2:71:ac: 84:63:90:00:7c:48:e3:6f:a8:da:d7:4d:0c:6d:95:41:2d:62: 13:ab:c1:15:f1:27:c7:79:82:5d:5e:91:27:3d:66:2f:d7:59: b6:cc:11:1f:21:25:4a:e0:24:76:b7:4a:e1:c9:08:15:29:ca: fc:b5:b8:a8:12:a4:b5:2f:98:e9:51:2f:97:12:26:48:ac:c4: 08:a7:f1:47:0f:27:77:c7:6e:f1:62:28:55:95:c4:f6:eb:f3: 92:4c:99:e0:1a:b7:b2:a3:fb:31:1e:f1:6e:36:f7:33:aa:b2: 60:1b:00:05:69:d7:78:1b:06:48:ed:3a:10:eb:21:c8:a4:d9: bb:e8:c2:c8:15:ea:9b:86:85:18:a7:46:09:b3:ac:97:6c:5d: 16:4a:d9:9d:51:af:17:73:52:e3:79:be:09:93:28:4b:9a:f8: 30:3c:17:e0:1b:79:bd:cc:b0:2b:c9:a7:1a:78:ea:79:a3:63: 67:23:80:a8:fe:bf:f7:fb:d2:45:f5:0d:de:00:4c:cd:76:cf: 9c:5c:ff:6b:59:f1:15:dd:5c:7c:06:ae:78:5a:8e:ec:be:3e: 33:34:e8:b6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUclV9RTY+0f90JP9KVJpALASdcwYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNjAwMTAwNloX DTI2MDMwNjIzNTk1OVowejFJMEcGA1UEBRNANGIyNzk4MWEzNzg3NzQ3MjUyZDI2 ZGRkMTBhMTgzNzJhZTVlODFkZjE4ZmI1Nzc2YjZiNDRhYWQ5ZjAyMjdjOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKljABc94pUnSVAMGX602pAZUjl0 65KxL9JIlMbZkjYdmK9X/eZRcuK8tPkFoJbZrWlFM8rKrL341z6GsbAXccZfoN8f Rlf71r5pDUSdTsG2IFe+2yqRYEvTYYUDFRTv+XMWdAZI50JpCaxRbkQpNTBZHQnX 0BoMKGED6bJV75qIZluCCLkw7FI0nN6vqUI3CmmSoHwf0IMH1qJ1aG8ybueS1Nte CNdb7EUtv9kuXvIsCP8+w+P3EHEQqMmJbQTPCbruw0KTsVLhlZslSti0Dkrru4Q1 /POblHHbJcA+33YzSTygcHHntfryssqIexKZ2c9fdoIlt5bUHU4g14gRsQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCJ7S4JGzfSW/nISwaDX/2E/MMgqMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAFaptPxf8jebqKFQ0hqX YzZnbg9PwgJe2E8oa7I96LGP59JxrIRjkAB8SONvqNrXTQxtlUEtYhOrwRXxJ8d5 gl1ekSc9Zi/XWbbMER8hJUrgJHa3SuHJCBUpyvy1uKgSpLUvmOlRL5cSJkisxAin 8UcPJ3fHbvFiKFWVxPbr85JMmeAat7Kj+zEe8W429zOqsmAbAAVp13gbBkjtOhDr Icik2bvowsgV6puGhRinRgmzrJdsXRZK2Z1RrxdzUuN5vgmTKEua+DA8F+Abeb3M sCvJpxp46nmjY2cjgKj+v/f70kX1Dd4ATM12z5xc/2tZ8RXdXHwGrnhajuy+PjM0 6LY= -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:45 2025 by rpki-client