This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa File: 453c01e0-c333-4283-987c-be2c8b71798c.roa (raw, json) Hash identifier: zx8kFOwG+2MvATOkdHTWVxxtXFlpTccmPRyVyXhvoSc= Subject key identifier: 56:26:F6:F8:14:3D:D7:80:F6:88:32:B9:E1:FA:1F:6C:F7:07:65:A9 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 58BF4A2FC8E867C5982D1F09AA82D949BF896ED7 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa Signing time: Wed 12 Nov 2025 00:00:08 +0000 ROA not before: Wed 12 Nov 2025 00:00:08 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:bf:4a:2f:c8:e8:67:c5:98:2d:1f:09:aa:82:d9:49:bf:89:6e:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:08 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=aae50ba77883348397882e16f9f8471a09b902037863906903ea0dc43b2158f6, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:89:af:53:c6:1f:ab:3a:d6:ba:59:ef:48:f0: c1:dc:0f:d7:95:ed:7e:ab:98:fe:14:75:aa:21:c5: 83:bd:f2:07:d1:6c:d8:31:e1:78:1d:63:61:68:b6: 8d:26:eb:98:a4:34:74:bb:f8:34:e8:75:b8:ce:e4: a9:b1:fe:fd:89:01:11:5b:0e:3e:de:91:97:98:e4: a5:9e:6e:0e:63:b6:bc:79:38:c6:5b:15:08:a4:bb: 6f:a3:19:b3:cc:8d:d9:6f:23:2a:d5:0f:88:55:0d: 93:6e:ef:5d:f5:29:85:46:9f:8c:11:66:1d:53:70: 99:dd:27:54:1f:47:8f:68:11:d0:c6:94:2a:cb:81: 46:73:ec:e9:5d:f0:c4:ce:55:11:3d:63:26:a4:a1: 7b:ef:1e:85:46:ef:e8:06:dd:ae:55:d5:29:54:55: c5:11:11:5e:b6:6d:06:2c:d6:3e:9b:c9:88:62:dc: c3:0a:74:cd:8f:bf:65:3d:48:7a:b8:7c:c9:dc:ae: 48:2d:05:4d:fa:1c:3a:32:b6:0a:1e:af:64:2a:ca: c4:2d:54:b1:bd:88:6d:56:ab:f3:df:e3:8c:97:6a: ce:1f:15:ce:cc:6a:30:4d:46:d6:03:7f:db:7d:66: 37:dd:59:99:a0:49:ee:a9:71:4f:52:58:af:b3:51: 65:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:26:F6:F8:14:3D:D7:80:F6:88:32:B9:E1:FA:1F:6C:F7:07:65:A9 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 40:00:66:40:89:5c:a0:e8:62:3f:7b:14:64:55:87:eb:ca:03: bb:04:d7:da:fb:31:2e:35:8a:60:9e:27:07:74:86:f5:f4:59: c6:4d:c6:d4:04:85:e3:0f:18:55:5d:81:b5:b3:66:87:36:a1: a9:32:69:e0:a0:4a:a9:9c:f1:58:c2:46:87:a5:df:ca:7c:6f: dd:77:d8:b1:8e:c1:65:5e:82:06:d8:49:f6:23:a8:d7:53:ea: bc:28:6d:40:ea:b6:4e:71:5f:24:0a:12:86:1c:0f:34:e0:39: 53:9c:16:53:99:f8:f0:32:76:c2:30:72:65:cb:10:0a:d5:85: 27:78:c6:05:63:23:82:cc:2b:16:38:c9:6a:9e:6b:7a:15:72: 7d:e0:30:59:63:e3:4c:f2:1d:28:f0:b7:18:38:20:2b:a8:a7: bb:73:51:9e:2c:1f:70:47:6a:34:7d:60:81:9b:f1:30:74:71: ab:54:d7:23:7c:7e:f9:fb:33:8b:0c:7e:27:6f:c4:54:5b:81: d0:32:34:ff:5f:d3:0a:29:66:8c:ba:0a:5d:9e:45:43:86:54: b6:97:12:13:6b:d8:76:af:e3:d9:97:76:b3:6e:34:ef:e1:e3: 04:84:67:77:da:b9:86:79:e4:56:8e:23:0e:a1:88:ec:65:cd: ec:68:cb:3e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWL9KL8joZ8WYLR8JqoLZSb+JbtcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDAwOFoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAYWFlNTBiYTc3ODgzMzQ4Mzk3ODgy ZTE2ZjlmODQ3MWEwOWI5MDIwMzc4NjM5MDY5MDNlYTBkYzQzYjIxNThmNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqomvU8YfqzrWulnvSPDB3A/Xle1+ q5j+FHWqIcWDvfIH0WzYMeF4HWNhaLaNJuuYpDR0u/g06HW4zuSpsf79iQERWw4+ 3pGXmOSlnm4OY7a8eTjGWxUIpLtvoxmzzI3ZbyMq1Q+IVQ2Tbu9d9SmFRp+MEWYd U3CZ3SdUH0ePaBHQxpQqy4FGc+zpXfDEzlURPWMmpKF77x6FRu/oBt2uVdUpVFXF ERFetm0GLNY+m8mIYtzDCnTNj79lPUh6uHzJ3K5ILQVN+hw6MrYKHq9kKsrELVSx vYhtVqvz3+OMl2rOHxXOzGowTUbWA3/bfWY33VmZoEnuqXFPUlivs1FltwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFYm9vgUPdeA9ogyueH6H2z3B2WpMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzQ1M2MwMWUwLWMzMzMtNDI4My05ODdjLWJlMmM4YjcxNzk4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQBAAGZAiVyg6GI/exRk VYfrygO7BNfa+zEuNYpgnicHdIb19FnGTcbUBIXjDxhVXYG1s2aHNqGpMmngoEqp nPFYwkaHpd/KfG/dd9ixjsFlXoIG2En2I6jXU+q8KG1A6rZOcV8kChKGHA804DlT nBZTmfjwMnbCMHJlyxAK1YUneMYFYyOCzCsWOMlqnmt6FXJ94DBZY+NM8h0o8LcY OCArqKe7c1GeLB9wR2o0fWCBm/EwdHGrVNcjfH75+zOLDH4nb8RUW4HQMjT/X9MK KWaMugpdnkVDhlS2lxITa9h2r+PZl3azbjTv4eMEhGd32rmGeeRWjiMOoYjsZc3s aMs+ -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:50 2025 by rpki-client