This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: 3i3JYt3okbA7ZYjsaY0Xac/tSdiNF9LeTZ1xj+IK6v4= Subject key identifier: 62:BC:DB:1D:0F:AD:FF:1F:97:94:64:70:6A:F1:0B:19:7E:B9:66:0B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 54104803221A993B2CF5B863BDE4F9104FA50828 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Wed 12 Nov 2025 00:00:51 +0000 ROA not before: Wed 12 Nov 2025 00:00:51 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:10:48:03:22:1a:99:3b:2c:f5:b8:63:bd:e4:f9:10:4f:a5:08:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:51 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=129332700be043577f9b16e050c2930f111b813940df41b5d54583a62c71bcec, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:8d:6f:4a:75:75:80:04:ba:58:37:7a:0d:5f: 29:8d:86:88:4e:5c:b6:84:8b:e9:01:9a:2f:2d:2b: 62:07:ff:21:4b:68:fd:50:5d:85:50:c6:b3:12:79: 4a:6a:12:a5:70:38:93:0e:b0:5f:4d:81:db:94:1a: af:4c:96:e4:95:2d:0c:78:21:c6:ac:1e:71:ae:97: e9:c4:25:3a:c8:c5:fd:06:95:f5:09:a3:4f:af:da: 69:69:5a:02:80:ce:52:22:f2:cd:66:1f:31:0c:28: 73:9f:c9:82:f0:d9:16:c9:c1:53:d9:2c:83:8d:cf: 5a:2b:27:93:0e:24:3c:6b:aa:67:a8:2f:ea:4d:85: da:ce:b0:ed:d3:3f:79:99:4e:37:d8:0d:e6:5e:58: b2:73:05:cc:cd:e5:93:a3:a4:d5:3f:70:51:12:f3: 85:28:15:c9:19:65:2c:46:20:63:7c:14:de:f9:3c: 8a:af:9e:63:2b:8a:b6:da:93:75:22:5e:96:19:d6: 0f:fc:3d:d8:16:26:3b:e8:d9:ea:4a:77:89:13:d1: 21:2f:23:4d:60:c4:ca:cd:e0:df:9f:e8:c4:b0:54: 81:e8:f7:14:84:3c:7a:cb:ae:b6:74:73:c7:eb:a4: 9c:67:1b:3f:92:98:ea:c0:bc:b9:db:34:14:28:2e: 41:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:BC:DB:1D:0F:AD:FF:1F:97:94:64:70:6A:F1:0B:19:7E:B9:66:0B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 07:53:ae:08:6c:22:8f:b2:54:d0:a1:9c:0a:e1:8b:46:b1:f3: 19:80:91:01:eb:77:22:79:2c:6d:d0:df:56:ee:29:fa:de:07: f3:b8:64:42:d7:29:22:9b:42:85:59:29:46:35:20:b7:a4:2c: ec:8e:7e:f8:8a:af:fb:54:c4:f1:d4:8a:94:72:2a:6e:c9:c7: 09:41:64:64:16:a4:b2:0c:77:e0:21:e0:89:74:2d:96:85:40: cc:00:21:bb:5f:bb:9c:59:f4:d4:a1:ca:44:4e:2e:93:a4:0b: 10:07:43:5d:51:70:dd:3a:84:ab:11:fe:ca:c1:67:ff:17:c9: ea:0d:16:bb:02:2a:95:e2:5a:f7:f1:ba:b5:7c:0c:9c:91:9f: 42:bf:00:ef:3d:6c:99:91:9c:4f:81:62:f8:32:e4:12:ed:cf: d9:eb:aa:02:22:fc:b9:f8:2c:d0:bf:ad:44:56:8b:06:1a:34: e0:94:9a:32:cb:75:81:72:9c:68:06:d7:63:8d:44:af:d1:29: b3:2c:42:7d:5f:96:85:69:4a:d0:be:7a:11:a2:3f:5e:63:b3: e0:4f:1b:0b:fb:0a:67:4b:80:d6:8b:5d:20:43:21:ad:c4:03: 0c:89:e7:6b:da:18:31:90:eb:1a:04:eb:8a:81:61:c2:43:39: 41:4f:af:3e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVBBIAyIamTss9bhjveT5EE+lCCgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDA1MVoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAMTI5MzMyNzAwYmUwNDM1NzdmOWIx NmUwNTBjMjkzMGYxMTFiODEzOTQwZGY0MWI1ZDU0NTgzYTYyYzcxYmNlYzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY1vSnV1gAS6WDd6DV8pjYaITly2 hIvpAZovLStiB/8hS2j9UF2FUMazEnlKahKlcDiTDrBfTYHblBqvTJbklS0MeCHG rB5xrpfpxCU6yMX9BpX1CaNPr9ppaVoCgM5SIvLNZh8xDChzn8mC8NkWycFT2SyD jc9aKyeTDiQ8a6pnqC/qTYXazrDt0z95mU432A3mXliycwXMzeWTo6TVP3BREvOF KBXJGWUsRiBjfBTe+TyKr55jK4q22pN1Il6WGdYP/D3YFiY76NnqSneJE9EhLyNN YMTKzeDfn+jEsFSB6PcUhDx6y662dHPH66ScZxs/kpjqwLy52zQUKC5B4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGK82x0Prf8fl5RkcGrxCxl+uWYLMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAAdTrghsIo+yVNChnArh i0ax8xmAkQHrdyJ5LG3Q31buKfreB/O4ZELXKSKbQoVZKUY1ILekLOyOfviKr/tU xPHUipRyKm7JxwlBZGQWpLIMd+Ah4Il0LZaFQMwAIbtfu5xZ9NShykROLpOkCxAH Q11RcN06hKsR/srBZ/8XyeoNFrsCKpXiWvfxurV8DJyRn0K/AO89bJmRnE+BYvgy 5BLtz9nrqgIi/Ln4LNC/rURWiwYaNOCUmjLLdYFynGgG12ONRK/RKbMsQn1floVp StC+ehGiP15js+BPGwv7CmdLgNaLXSBDIa3EAwyJ52vaGDGQ6xoE64qBYcJDOUFP rz4= -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:46 2025 by rpki-client