This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: BOVyTnH1VYW7aZ3rztuM5ohy/l7hZrCHdLFn/QgZI2Y= Subject key identifier: D8:F2:ED:02:39:72:3F:50:49:CC:F0:6E:C0:75:B1:36:BA:83:76:7F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 16B3BE0F9C28A7BEB5909ED8E568AEBD073C74E2 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Sat 06 Dec 2025 00:10:06 +0000 ROA not before: Sat 06 Dec 2025 00:10:06 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:b3:be:0f:9c:28:a7:be:b5:90:9e:d8:e5:68:ae:bd:07:3c:74:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 6 00:10:06 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=6bbb8bfaafb7e832de5dfa09de34a23395251d2ad02fe14afd54b483cd651c2d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f6:dd:ba:ec:ce:ef:52:b3:8d:6e:b6:18:2b: 25:12:e0:d2:64:c6:36:d0:8b:6e:7f:8d:de:b2:84: 56:c6:19:1d:26:61:ff:f5:f2:75:f4:8b:eb:21:58: 4a:10:57:34:0f:cc:3f:d0:49:b5:12:b8:d1:6d:d0: 56:2f:e6:9e:9c:c9:66:ef:1b:3e:72:5b:91:7c:cf: 55:71:b2:be:70:0d:8d:c3:d6:e1:46:c2:48:43:0a: 60:b3:19:dd:9e:1f:3e:6c:c2:7a:72:5e:2b:cd:8d: a7:69:04:1a:9b:2a:14:8a:70:6e:ed:92:3e:d3:ca: 32:09:ca:2a:52:b6:8b:c1:e5:bc:de:49:13:92:77: c8:57:50:c9:e4:74:bb:e6:2a:7c:fb:ac:9c:b0:4b: b7:ce:b3:d7:bf:10:46:ab:3a:9e:e2:4e:e7:19:d9: a2:84:6b:cc:93:d6:09:ea:71:04:ff:42:b3:3f:b5: 2c:1e:5a:d0:8d:b5:b0:fb:bf:c9:dc:92:7d:de:ac: e9:70:e5:c3:60:0a:72:86:3c:d1:67:d9:e1:da:a5: 6d:57:7b:68:fe:c8:d6:cb:5f:23:3c:d1:17:b8:18: 1d:5d:88:a9:f6:c1:c5:75:e8:b8:d6:ac:e1:d4:a6: 1a:70:4a:e5:02:69:84:3c:8d:74:27:57:b4:75:d9: f6:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:F2:ED:02:39:72:3F:50:49:CC:F0:6E:C0:75:B1:36:BA:83:76:7F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption a7:3a:4e:70:92:ad:31:ca:c8:b9:31:fb:46:2d:f0:cf:a6:c2: 5a:b8:b7:4b:16:e5:eb:c6:e2:ee:64:46:a6:9c:0f:ae:0d:df: 9a:17:f2:8d:a0:0a:b3:63:d7:7c:bc:83:ce:38:47:e3:e7:a5: f9:a3:2d:fc:8e:d5:a1:de:b4:63:ef:97:43:3b:59:97:3a:08: d1:a3:e5:a1:45:c0:d0:58:19:f3:8e:35:cb:ea:6e:28:bf:5c: 1a:79:9c:16:27:f3:cd:0f:df:da:f7:80:2c:7b:36:8f:78:d6: cf:3f:f7:b2:d2:d1:98:93:66:ab:10:fd:91:c3:a7:d4:7d:3d: 2c:80:ba:88:ec:1f:96:1f:70:85:9e:e1:41:76:1f:c2:3f:fe: f3:03:f9:46:9b:38:81:69:d5:d0:e0:49:a7:0d:d1:a6:08:e3: 81:0f:6f:51:b4:2d:d4:2e:99:a9:10:a1:66:d7:6d:e3:0e:9c: d1:01:da:3c:f0:77:50:f1:82:c4:b3:c2:a6:78:55:af:0e:8e: 4c:82:74:e8:9d:36:3d:ee:d0:59:50:6b:91:60:fe:28:1c:c8: 68:b8:e4:bf:98:81:f3:9e:ff:b8:eb:9a:3f:13:69:f7:fa:60: d3:48:5f:0a:3f:5d:8f:62:35:20:4e:da:85:c7:cb:ee:23:86: 29:b1:d5:b5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFrO+D5wop761kJ7Y5WiuvQc8dOIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNjAwMTAwNloX DTI2MDMwNjIzNTk1OVowejFJMEcGA1UEBRNANmJiYjhiZmFhZmI3ZTgzMmRlNWRm YTA5ZGUzNGEyMzM5NTI1MWQyYWQwMmZlMTRhZmQ1NGI0ODNjZDY1MWMyZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPbduuzO71KzjW62GCslEuDSZMY2 0Ituf43esoRWxhkdJmH/9fJ19IvrIVhKEFc0D8w/0Em1ErjRbdBWL+aenMlm7xs+ cluRfM9VcbK+cA2Nw9bhRsJIQwpgsxndnh8+bMJ6cl4rzY2naQQamyoUinBu7ZI+ 08oyCcoqUraLweW83kkTknfIV1DJ5HS75ip8+6ycsEu3zrPXvxBGqzqe4k7nGdmi hGvMk9YJ6nEE/0KzP7UsHlrQjbWw+7/J3JJ93qzpcOXDYApyhjzRZ9nh2qVtV3to /sjWy18jPNEXuBgdXYip9sHFdei41qzh1KYacErlAmmEPI10J1e0ddn2BQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNjy7QI5cj9QSczwbsB1sTa6g3Z/MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAKc6TnCSrTHKyLkx+0Yt 8M+mwlq4t0sW5evG4u5kRqacD64N35oX8o2gCrNj13y8g844R+PnpfmjLfyO1aHe tGPvl0M7WZc6CNGj5aFFwNBYGfOONcvqbii/XBp5nBYn880P39r3gCx7No941s8/ 97LS0ZiTZqsQ/ZHDp9R9PSyAuojsH5YfcIWe4UF2H8I//vMD+UabOIFp1dDgSacN 0aYI44EPb1G0LdQumakQoWbXbeMOnNEB2jzwd1DxgsSzwqZ4Va8OjkyCdOidNj3u 0FlQa5Fg/igcyGi45L+YgfOe/7jrmj8Taff6YNNIXwo/XY9iNSBO2oXHy+4jhimx 1bU= -----END CERTIFICATE-----Generated at Sat Dec 6 13:06:30 2025 by rpki-client