This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: QYvcIZoAmSaHgxwYpiFJPj7SKxKJmkMoFKKlcHR5pao= Subject key identifier: F8:7D:88:12:50:2D:7B:D6:1C:40:02:D7:39:4F:2D:0A:E2:A8:B8:26 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0558942FD4ECE9A02F55E132BD57A20E608C230C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Wed 12 Nov 2025 00:00:53 +0000 ROA not before: Wed 12 Nov 2025 00:00:53 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:58:94:2f:d4:ec:e9:a0:2f:55:e1:32:bd:57:a2:0e:60:8c:23:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:53 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=70f210139798ac481eb2e142e62d9424c876d459b864c333ad0122a0e67ab6ce, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:23:49:35:d5:ef:13:24:89:14:c0:84:13:07: a2:d9:cf:9f:1c:d4:56:d7:4d:69:f9:4a:64:9c:c6: 1f:7c:e2:0e:4d:4f:e2:42:d3:1c:2d:66:d8:d9:16: fb:0a:be:c5:57:e3:0d:6a:62:d1:4f:01:38:e4:49: 18:9e:fe:6a:84:f9:bb:ab:c6:36:1f:11:f0:29:ae: 17:2f:e2:3c:2c:3e:6c:ee:e5:2b:c0:ab:64:ff:94: d2:41:13:3e:37:03:1c:ec:8d:a8:3d:9f:9a:17:ef: 9a:b3:b1:4b:f4:29:63:12:77:6f:88:4a:4d:24:8d: 22:65:64:3f:4b:fd:f1:a1:4d:a9:a8:9b:63:64:bc: 04:0b:50:ac:33:d6:29:95:b9:b5:3e:25:6b:df:6e: ab:6e:7d:a2:b8:7f:b5:a2:2c:66:70:78:b3:84:3c: 25:95:b7:2c:9f:6a:7f:67:f7:41:ee:91:05:2d:9c: 9c:e6:82:14:12:97:e0:0e:0c:42:28:08:82:63:19: ec:a1:3a:5c:23:3a:6f:87:65:26:d3:b9:dd:96:3d: 36:d7:e3:dd:18:78:f9:aa:06:d9:92:f2:be:e0:1b: 19:4f:be:7b:c3:d1:41:e6:95:ae:93:c1:39:28:73: 9b:56:99:ef:a1:7b:19:eb:16:a9:04:72:a1:53:54: 18:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:7D:88:12:50:2D:7B:D6:1C:40:02:D7:39:4F:2D:0A:E2:A8:B8:26 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 98:00:5a:f3:93:b8:4a:ae:be:a7:c9:bd:5e:4d:43:78:1b:83: 9e:aa:d1:91:ae:54:cf:f5:c0:f7:81:80:c6:f8:5a:d6:4a:1c: 86:aa:fe:28:f3:8e:50:38:48:89:0a:37:d6:05:98:14:06:7b: 1a:6c:c4:76:8c:4b:b5:34:e4:2a:c3:32:37:b0:7b:24:a2:30: a4:60:ab:67:c7:87:34:48:df:23:2b:4b:5d:fa:ae:74:b1:3b: 9d:72:5c:0d:89:bb:80:7e:8d:cb:15:7c:7b:54:b6:a5:05:f9: 19:2d:13:41:84:33:47:46:e5:08:f9:27:09:08:fa:c0:d2:2a: 9c:b9:d4:07:31:22:29:1f:0b:93:8f:6e:13:a3:b3:48:81:12: 31:c8:2a:55:a1:ff:76:f3:2a:4a:7b:f7:a2:5e:44:ed:2b:98: 19:71:fe:e8:26:6f:19:f5:4f:95:53:60:fe:0d:87:05:70:59: d5:91:93:22:2f:1e:b7:fd:79:70:4a:33:c8:cc:c7:d7:2e:df: bc:cb:47:01:93:8b:7e:d2:6f:05:a8:38:7e:13:28:ea:70:54: 6b:6f:68:45:6c:5e:98:5e:45:76:0c:25:05:1f:fb:86:c0:ad: d4:9c:d0:bf:c3:9a:b1:ed:ed:cc:e2:67:2a:ee:9d:f8:9b:37: 81:96:ce:8c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBViUL9Ts6aAvVeEyvVeiDmCMIwwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDA1M1oX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNANzBmMjEwMTM5Nzk4YWM0ODFlYjJl MTQyZTYyZDk0MjRjODc2ZDQ1OWI4NjRjMzMzYWQwMTIyYTBlNjdhYjZjZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCNJNdXvEySJFMCEEwei2c+fHNRW 101p+UpknMYffOIOTU/iQtMcLWbY2Rb7Cr7FV+MNamLRTwE45EkYnv5qhPm7q8Y2 HxHwKa4XL+I8LD5s7uUrwKtk/5TSQRM+NwMc7I2oPZ+aF++as7FL9CljEndviEpN JI0iZWQ/S/3xoU2pqJtjZLwEC1CsM9Yplbm1PiVr326rbn2iuH+1oixmcHizhDwl lbcsn2p/Z/dB7pEFLZyc5oIUEpfgDgxCKAiCYxnsoTpcIzpvh2Um07ndlj021+Pd GHj5qgbZkvK+4BsZT757w9FB5pWuk8E5KHObVpnvoXsZ6xapBHKhU1QY0wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPh9iBJQLXvWHEAC1zlPLQriqLgmMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAJgAWvOTuEquvqfJvV5N Q3gbg56q0ZGuVM/1wPeBgMb4WtZKHIaq/ijzjlA4SIkKN9YFmBQGexpsxHaMS7U0 5CrDMjeweySiMKRgq2fHhzRI3yMrS136rnSxO51yXA2Ju4B+jcsVfHtUtqUF+Rkt E0GEM0dG5Qj5JwkI+sDSKpy51AcxIikfC5OPbhOjs0iBEjHIKlWh/3bzKkp796Je RO0rmBlx/ugmbxn1T5VTYP4NhwVwWdWRkyIvHrf9eXBKM8jMx9cu37zLRwGTi37S bwWoOH4TKOpwVGtvaEVsXpheRXYMJQUf+4bArdSc0L/DmrHt7cziZyrunfibN4GW zow= -----END CERTIFICATE-----Generated at Sat Dec 6 11:48:33 2025 by rpki-client