This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: oRMC73atnOLdJQYq1+ZewXf3AYhKXQV29YIIc2Dfte4= Subject key identifier: 79:7D:AD:2F:F5:98:BE:BC:DA:82:82:8C:B5:E9:AA:E1:71:7D:37:C3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 489C51A13B0A3F90E8409B1382A2DC154979F10C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Sun 07 Dec 2025 00:00:24 +0000 ROA not before: Sun 07 Dec 2025 00:00:24 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 00:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:9c:51:a1:3b:0a:3f:90:e8:40:9b:13:82:a2:dc:15:49:79:f1:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:24 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=f1f8cdd59eab348ccfbe378321c5330eedc91ffd7e7d5188255eba98b93b52de, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:cd:de:30:05:96:aa:18:c4:6a:e6:c6:fe:7c: c5:b5:30:97:a9:6e:10:55:50:e9:56:2e:c3:e9:13: cf:3a:93:d0:ea:7e:b1:9d:dc:cf:cc:28:c1:45:a4: 6d:05:9b:02:74:c3:33:f2:5d:ff:ab:cb:60:e2:0b: a4:e4:8f:91:8a:d8:8f:23:8e:42:fa:73:22:a3:14: 1c:4f:12:e0:c0:28:1b:a3:31:24:77:d4:79:c6:26: 2e:49:86:ec:48:f5:94:92:e7:79:15:37:18:07:c2: 21:70:79:ef:8a:c7:92:4b:67:80:cb:13:22:af:0f: b0:3d:8b:14:23:31:b4:9f:09:a5:14:86:20:e1:e0: 17:d9:0f:66:40:01:fd:ec:c1:4f:c5:81:98:52:6e: c9:14:bd:a0:ef:f7:44:dd:79:7a:3c:38:1d:7a:70: 09:f5:6d:48:f8:c8:95:ec:60:06:b2:31:d2:c0:61: 48:75:99:a8:ee:5d:6f:bc:3f:bb:34:e4:e6:0e:b5: d2:39:43:17:3b:1f:80:26:2e:72:af:ee:e6:1c:1e: 92:cd:ef:d6:b9:f5:54:ee:78:0d:f7:4d:08:c3:2a: 8a:cf:c0:03:d9:2f:eb:b3:75:03:53:30:2d:74:72: e1:f2:2d:5c:1a:bb:a4:8a:85:cb:56:93:f7:c3:ed: ee:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:7D:AD:2F:F5:98:BE:BC:DA:82:82:8C:B5:E9:AA:E1:71:7D:37:C3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 89:07:41:64:f1:ae:3a:02:6f:d3:cd:90:f9:72:16:c6:9b:2f: 33:58:71:7d:8f:bd:67:5b:98:d4:66:2a:9b:61:30:5d:a8:bc: 14:48:0c:c6:3f:37:e9:62:ef:80:e9:46:e3:56:dd:8e:b8:32: 29:7a:6f:0b:b0:16:d2:b9:87:34:4d:10:90:d0:04:bf:3b:f8: 32:63:3f:f7:a5:1f:82:32:13:23:95:c5:5a:af:c1:b4:9d:34: 19:22:48:17:4b:64:29:40:e3:d8:4b:1a:d6:67:55:a6:f6:f9: 1d:23:5e:2c:cf:95:2e:b3:aa:a6:13:dc:62:3b:b5:5d:e8:c9: 0d:93:b8:6e:69:67:75:86:c3:79:5b:40:54:8f:6e:d8:6a:63: 9d:ff:15:dd:6f:98:79:4a:3b:7f:9b:a9:a2:fc:3a:be:2c:17: 2c:d9:19:67:27:6f:ca:5e:76:f1:bc:7a:15:70:b0:0d:33:d3: 46:47:72:5d:15:ed:ea:15:53:da:df:28:f6:28:82:d6:fa:b3: ad:4d:8e:c5:e7:b7:25:01:ab:16:31:fa:53:11:d2:d8:55:de: 2c:35:0a:d9:e3:34:73:a8:bf:5a:9f:6f:a2:19:a7:d5:74:7d: 5d:2c:9b:91:01:d5:26:e4:67:14:14:6d:ea:d2:a1:73:6b:2d: 9d:bf:1b:27 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSJxRoTsKP5DoQJsTgqLcFUl58QwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDAyNFoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAZjFmOGNkZDU5ZWFiMzQ4Y2NmYmUz NzgzMjFjNTMzMGVlZGM5MWZmZDdlN2Q1MTg4MjU1ZWJhOThiOTNiNTJkZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu83eMAWWqhjEaubG/nzFtTCXqW4Q VVDpVi7D6RPPOpPQ6n6xndzPzCjBRaRtBZsCdMMz8l3/q8tg4guk5I+RitiPI45C +nMioxQcTxLgwCgbozEkd9R5xiYuSYbsSPWUkud5FTcYB8IhcHnviseSS2eAyxMi rw+wPYsUIzG0nwmlFIYg4eAX2Q9mQAH97MFPxYGYUm7JFL2g7/dE3Xl6PDgdenAJ 9W1I+MiV7GAGsjHSwGFIdZmo7l1vvD+7NOTmDrXSOUMXOx+AJi5yr+7mHB6Sze/W ufVU7ngN900IwyqKz8AD2S/rs3UDUzAtdHLh8i1cGrukioXLVpP3w+3ujQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHl9rS/1mL682oKCjLXpquFxfTfDMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAIkHQWTxrjoCb9PNkPly FsabLzNYcX2PvWdbmNRmKpthMF2ovBRIDMY/N+li74DpRuNW3Y64Mil6bwuwFtK5 hzRNEJDQBL87+DJjP/elH4IyEyOVxVqvwbSdNBkiSBdLZClA49hLGtZnVab2+R0j XizPlS6zqqYT3GI7tV3oyQ2TuG5pZ3WGw3lbQFSPbthqY53/Fd1vmHlKO3+bqaL8 Or4sFyzZGWcnb8pedvG8ehVwsA0z00ZHcl0V7eoVU9rfKPYogtb6s61NjsXntyUB qxYx+lMR0thV3iw1CtnjNHOov1qfb6IZp9V0fV0sm5EB1SbkZxQUberSoXNrLZ2/ Gyc= -----END CERTIFICATE-----Generated at Mon Dec 15 17:07:41 2025 by rpki-client