This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa File: 29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa (raw, json) Hash identifier: cocaKlKfG3S05FeULSta2hzddlnuVKm2o6Z7VqoRjJ4= Subject key identifier: 31:03:0E:A6:5F:B9:36:2C:B5:87:66:E0:0A:B8:A6:6C:94:8D:86:ED Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 07693C19FA853567B914057601E96085543254D1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa Signing time: Wed 12 Nov 2025 00:00:08 +0000 ROA not before: Wed 12 Nov 2025 00:00:08 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:69:3c:19:fa:85:35:67:b9:14:05:76:01:e9:60:85:54:32:54:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:08 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=7cc5818c00ab0ce867f07388e48660750d76e60305423128dd392f6ff061e953, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1f:a8:ed:87:62:f3:95:aa:fd:88:1f:57:d3: 00:72:43:d5:0f:45:ba:83:d2:70:f0:f1:71:f2:2b: 81:86:46:75:d9:20:a0:92:12:47:00:17:c1:cf:03: 3d:2b:4f:6c:d6:0b:ec:22:8e:56:9d:e2:53:b0:cc: 04:57:59:05:e4:f0:50:6d:dd:a3:bd:6e:98:17:32: fb:26:00:c8:cb:38:81:de:bd:57:db:04:15:a4:a9: 3c:cb:18:43:b5:22:c9:93:af:32:78:7c:04:23:8d: 96:a4:09:02:bd:90:da:d7:8a:0b:e6:d7:fb:19:1b: 1c:fb:36:db:f3:32:e4:09:bf:4e:4b:bd:45:4b:01: da:8f:79:5f:2d:2e:ae:92:a5:e3:f8:3b:01:b3:b8: f1:e9:27:e0:2e:a2:00:6a:c2:db:c9:f4:a6:71:6a: 64:ee:73:df:38:16:05:99:5f:a5:b0:f1:cb:9d:78: 3a:89:c1:00:85:68:3a:dd:1b:f9:b3:b7:07:e4:e5: fa:14:b2:dc:c0:51:06:71:de:2a:34:35:77:8f:89: 52:2e:30:b3:e9:c9:91:d3:f9:ab:f6:a3:50:e5:29: dc:2e:49:3c:54:fc:39:69:98:05:2d:ba:5f:b4:ea: c1:a8:77:cd:e6:45:11:07:b5:9f:b0:82:b2:88:27: 6f:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:03:0E:A6:5F:B9:36:2C:B5:87:66:E0:0A:B8:A6:6C:94:8D:86:ED X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:c00::/38 Signature Algorithm: sha256WithRSAEncryption b7:bb:da:bb:57:34:bc:8e:73:4a:41:ed:b2:ad:75:72:e9:b2: 93:95:2e:0c:87:33:57:62:06:03:36:2f:41:c7:c2:ec:77:28: ce:b3:2b:fe:84:02:41:d7:27:22:33:4d:e7:de:40:17:e3:7c: ee:ee:98:4b:2d:36:f4:13:29:38:31:59:b2:f5:79:5d:dd:83: be:14:6c:87:96:93:97:e5:41:78:ca:55:17:f1:dc:11:73:47: 24:5c:17:41:93:af:df:6f:4c:1a:f2:60:cd:95:56:da:0d:1d: f9:72:52:f1:94:2f:dd:f0:b1:4f:a4:5a:3a:87:e7:30:b0:bb: 30:54:79:31:6f:68:85:2c:9a:67:91:c0:6e:77:3d:b1:91:a5: 1f:a9:30:2e:b6:08:d4:d6:3c:fe:d4:25:c0:5c:67:46:86:3c: 28:38:a0:15:35:a0:33:ac:d1:16:16:bf:ce:4f:ff:17:cd:e5: b4:c2:f8:7a:8b:34:21:c0:f5:70:40:ce:57:89:c3:b3:f1:c1: 46:6a:d1:a1:35:62:0f:78:e4:df:27:11:e9:27:5e:2f:a1:28: ce:0d:ea:2e:cc:f2:1d:21:34:f0:be:85:a4:bc:46:3c:81:ed: 4c:73:00:bc:2e:71:bc:14:33:e1:b6:ad:a0:e6:51:df:fe:68: 88:4a:92:cf -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUB2k8GfqFNWe5FAV2AelghVQyVNEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDAwOFoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAN2NjNTgxOGMwMGFiMGNlODY3ZjA3 Mzg4ZTQ4NjYwNzUwZDc2ZTYwMzA1NDIzMTI4ZGQzOTJmNmZmMDYxZTk1MzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx+o7Ydi85Wq/YgfV9MAckPVD0W6 g9Jw8PFx8iuBhkZ12SCgkhJHABfBzwM9K09s1gvsIo5WneJTsMwEV1kF5PBQbd2j vW6YFzL7JgDIyziB3r1X2wQVpKk8yxhDtSLJk68yeHwEI42WpAkCvZDa14oL5tf7 GRsc+zbb8zLkCb9OS71FSwHaj3lfLS6ukqXj+DsBs7jx6SfgLqIAasLbyfSmcWpk 7nPfOBYFmV+lsPHLnXg6icEAhWg63Rv5s7cH5OX6FLLcwFEGcd4qNDV3j4lSLjCz 6cmR0/mr9qNQ5SncLkk8VPw5aZgFLbpftOrBqHfN5kURB7WfsIKyiCdv2QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDEDDqZfuTYstYdm4Aq4pmyUjYbtMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI5ZmU0NDU0LWY3YTgtNDJmZC04YzM1LTc3YTZkNmY4ZTYwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAwwDQYJKoZIhvcNAQELBQADggEBALe72rtXNLyOc0pB7bKt dXLpspOVLgyHM1diBgM2L0HHwux3KM6zK/6EAkHXJyIzTefeQBfjfO7umEstNvQT KTgxWbL1eV3dg74UbIeWk5flQXjKVRfx3BFzRyRcF0GTr99vTBryYM2VVtoNHfly UvGUL93wsU+kWjqH5zCwuzBUeTFvaIUsmmeRwG53PbGRpR+pMC62CNTWPP7UJcBc Z0aGPCg4oBU1oDOs0RYWv85P/xfN5bTC+HqLNCHA9XBAzleJw7PxwUZq0aE1Yg94 5N8nEeknXi+hKM4N6i7M8h0hNPC+haS8RjyB7UxzALwucbwUM+G2raDmUd/+aIhK ks8= -----END CERTIFICATE-----Generated at Sat Dec 6 10:55:03 2025 by rpki-client