This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa File: 8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa (raw, json) Hash identifier: bxw2Dfnx+UCV0yJ4F+9B+j5FxZQBZOUAmtYNvCchqcY= Subject key identifier: 3E:24:F3:3D:96:25:F1:D0:DF:7A:95:3F:21:0D:45:BA:46:CB:C4:64 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1B95FAD37E349399E10DE6729617807B2AA202A6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa Signing time: Wed 12 Nov 2025 00:00:14 +0000 ROA not before: Wed 12 Nov 2025 00:00:14 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:95:fa:d3:7e:34:93:99:e1:0d:e6:72:96:17:80:7b:2a:a2:02:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:14 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=da9658c1b33cbc381bd4002cda9dea7db4510b1780a96ed49a9936b2b6be613f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:8a:8a:4e:89:b8:29:8e:e8:e6:d4:da:06:13: 7c:9c:5a:09:15:91:c2:b9:70:01:a3:f0:e0:c3:54: 2e:8e:67:dd:05:66:7c:c3:57:25:94:9a:eb:97:cc: dd:52:8c:37:59:7a:60:82:01:87:e9:0b:05:67:0a: 1a:04:e7:1b:42:ed:4f:a8:43:02:ca:ae:e3:ef:c7: 7c:f4:fc:1c:c9:51:0e:35:66:57:8a:42:c9:27:07: fe:92:fd:32:4f:26:a0:e0:bb:41:78:65:ac:8d:8d: 2a:c1:93:4b:14:f7:e4:64:f6:9b:cb:6b:ea:1f:71: ad:1d:9a:a4:9c:4d:47:db:b0:62:15:cf:8e:03:a7: 46:b5:7d:23:7d:64:ca:19:d5:19:3d:6e:d4:66:19: c9:8b:e1:1d:27:8b:7b:bb:67:13:b0:1a:e0:03:74: 95:fa:66:d9:c6:57:31:c3:31:ea:8c:8d:e6:0f:75: 85:82:bc:22:98:97:93:b7:f4:6a:f5:a2:e9:bf:ae: c2:ae:47:2b:17:d5:71:c5:63:51:84:c2:a5:89:1d: f6:c6:48:16:e3:6a:20:24:34:23:4e:6e:37:7f:f3: 89:50:fb:06:a0:76:85:ca:b4:92:09:53:e7:ba:09: 35:22:26:f1:3f:1c:48:1e:d9:6a:70:e8:44:1b:6c: 85:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:24:F3:3D:96:25:F1:D0:DF:7A:95:3F:21:0D:45:BA:46:CB:C4:64 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:400::/38 Signature Algorithm: sha256WithRSAEncryption a3:b2:84:18:b3:55:05:c7:51:7b:93:87:15:97:03:dc:ab:64: 9e:be:a0:19:b7:c9:90:de:2c:44:b4:b8:a6:c3:25:bf:25:3a: bf:72:37:e7:96:54:e2:3b:94:8e:f6:1f:ee:6e:ac:48:ba:d9: 9d:b4:23:d5:36:71:31:76:21:c2:14:08:3a:4a:1b:bc:20:54: b5:fe:d1:04:b0:7f:24:3f:5b:0b:0e:18:ea:a0:a1:65:6b:54: 79:17:c2:57:d2:3c:d1:48:5f:98:35:66:b0:e2:91:66:3b:3e: bb:ff:15:86:e4:6b:80:5e:ab:a7:19:31:a2:11:52:89:dd:1b: ba:b5:da:59:14:10:39:ba:f7:91:fd:c8:0f:01:70:50:a0:ca: 03:86:8f:4c:77:64:df:91:ff:a7:14:21:7b:13:2e:76:15:38: fc:65:d4:bd:db:13:66:fb:ba:dc:0d:3e:5c:85:61:f3:1d:a5: 16:fa:f1:ea:1f:e7:8c:cb:70:a3:fe:be:60:83:2b:6c:ac:24: 39:1e:bd:bf:6e:3c:cb:eb:95:d7:7f:50:90:e1:c2:16:31:83: c7:f4:f0:3e:51:86:2c:1f:ea:ee:2e:9a:66:92:0d:3d:3a:5d: 86:54:4b:7e:69:d3:b1:05:29:d5:a8:f7:34:fa:b4:90:8d:64: 86:9e:cc:14 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG5X60340k5nhDeZylheAeyqiAqYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDAxNFoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAZGE5NjU4YzFiMzNjYmMzODFiZDQw MDJjZGE5ZGVhN2RiNDUxMGIxNzgwYTk2ZWQ0OWE5OTM2YjJiNmJlNjEzZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIqKTom4KY7o5tTaBhN8nFoJFZHC uXABo/Dgw1QujmfdBWZ8w1cllJrrl8zdUow3WXpgggGH6QsFZwoaBOcbQu1PqEMC yq7j78d89PwcyVEONWZXikLJJwf+kv0yTyag4LtBeGWsjY0qwZNLFPfkZPaby2vq H3GtHZqknE1H27BiFc+OA6dGtX0jfWTKGdUZPW7UZhnJi+EdJ4t7u2cTsBrgA3SV +mbZxlcxwzHqjI3mD3WFgrwimJeTt/Rq9aLpv67CrkcrF9VxxWNRhMKliR32xkgW 42ogJDQjTm43f/OJUPsGoHaFyrSSCVPnugk1IibxPxxIHtlqcOhEG2yFOQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD4k8z2WJfHQ33qVPyENRbpGy8RkMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzhiZjMxMWU5LWQyN2YtNDZmYS04ZjA1LTJlZDZiMTc2YjViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAQwDQYJKoZIhvcNAQELBQADggEBAKOyhBizVQXHUXuThxWX A9yrZJ6+oBm3yZDeLES0uKbDJb8lOr9yN+eWVOI7lI72H+5urEi62Z20I9U2cTF2 IcIUCDpKG7wgVLX+0QSwfyQ/WwsOGOqgoWVrVHkXwlfSPNFIX5g1ZrDikWY7Prv/ FYbka4Beq6cZMaIRUondG7q12lkUEDm695H9yA8BcFCgygOGj0x3ZN+R/6cUIXsT LnYVOPxl1L3bE2b7utwNPlyFYfMdpRb68eof54zLcKP+vmCDK2ysJDkevb9uPMvr ldd/UJDhwhYxg8f08D5Rhiwf6u4ummaSDT06XYZUS35p07EFKdWo9zT6tJCNZIae zBQ= -----END CERTIFICATE-----Generated at Sat Dec 6 12:45:34 2025 by rpki-client