This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: 85USFsqEMBod0bN06wcE03tX8+QKAgWRaxIJJgW4WhQ= Subject key identifier: 0D:91:C5:EA:55:38:BD:B3:2F:91:C0:23:20:D0:BA:67:5A:AB:5E:49 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4A439CE27785CFF07398A7F9E9449D530EC3FDA8 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Wed 12 Nov 2025 00:00:14 +0000 ROA not before: Wed 12 Nov 2025 00:00:14 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:43:9c:e2:77:85:cf:f0:73:98:a7:f9:e9:44:9d:53:0e:c3:fd:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:14 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=c603199cbaededf9aebe5c087a02d485317c4b230773cd24801b12ef5a467087, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:05:45:88:24:c4:24:e3:f0:1a:ee:e7:6d:89: e7:a9:6c:ba:6b:ff:5f:48:aa:92:31:c0:72:e7:ba: 36:fb:88:8d:a2:92:49:1b:0c:90:08:05:8f:44:56: d3:83:24:25:be:8f:8e:fe:72:92:7d:0d:2f:a6:45: 20:50:a1:89:21:c6:56:57:45:f1:98:23:47:85:5c: 5f:a0:cf:26:f2:01:08:14:eb:90:68:2f:d6:99:89: 48:45:f5:84:e1:f2:9f:6f:2a:44:7b:89:9a:aa:f8: fb:ce:fe:cb:0e:2f:75:96:3a:81:2d:9f:04:b7:6a: 8e:fa:9c:88:75:63:77:92:84:f3:d5:d9:dc:82:e4: e6:e3:af:46:cf:59:6e:82:97:30:5f:d2:61:b5:2c: 54:76:a6:0a:2f:84:00:94:90:3d:2f:11:4c:36:9a: 0b:81:bf:a1:5b:48:3e:04:f9:78:a4:08:a2:d9:f8: cf:29:eb:ed:f4:4e:44:c7:d1:8b:58:c1:9b:6f:a9: 23:61:d1:74:7f:d1:ef:26:85:32:39:88:da:20:e4: e7:d5:4b:00:8b:5d:33:cd:e8:e0:5b:0b:7c:be:e0: 8e:05:70:19:41:2a:11:14:b8:d4:ac:db:ff:64:1c: 55:1b:0e:49:10:27:86:16:6c:64:91:03:c9:3d:0f: 70:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:91:C5:EA:55:38:BD:B3:2F:91:C0:23:20:D0:BA:67:5A:AB:5E:49 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 6d:86:a8:5a:eb:fd:91:57:38:2d:9b:71:68:85:a4:22:98:1f: 53:2a:74:c9:29:01:0c:82:d0:b8:45:fc:9d:07:23:cd:3e:b3: 3f:c1:12:da:25:08:fa:ff:b1:5f:af:c3:f2:93:50:d5:68:28: 26:71:84:44:6d:12:24:e4:ff:79:e9:32:37:80:84:53:90:e4: 07:b7:c5:b4:bc:20:62:31:83:11:83:4d:e8:63:5a:a8:bf:98: 8f:af:a8:12:d4:e6:00:e4:a2:bb:0c:66:ba:26:7d:8b:48:a3: 0a:27:d6:63:dd:a5:23:5d:5f:ab:88:35:34:c5:72:49:06:02: d4:80:19:f8:f7:86:c8:68:db:25:b4:9b:79:24:d1:ca:de:3c: e0:cf:7b:40:75:b9:7f:17:87:01:da:ef:85:45:72:06:e7:45: 54:93:96:05:b7:0b:f1:6d:ac:e9:51:dc:45:3f:88:54:c7:05: 37:cc:46:f4:05:93:27:47:c0:01:04:11:75:60:14:fa:c4:af: 31:e5:fd:8a:17:12:df:39:e7:54:f2:82:d8:22:5e:c4:7d:b2: 4c:ce:87:f5:00:12:d6:3b:05:00:64:96:e4:e0:17:7c:09:e6: 6a:fb:03:e6:ff:59:40:b7:30:a2:1a:ab:52:a2:a8:1f:58:ce: 4e:95:b3:62 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSkOc4neFz/BzmKf56USdUw7D/agwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDAxNFoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAYzYwMzE5OWNiYWVkZWRmOWFlYmU1 YzA4N2EwMmQ0ODUzMTdjNGIyMzA3NzNjZDI0ODAxYjEyZWY1YTQ2NzA4NzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgVFiCTEJOPwGu7nbYnnqWy6a/9f SKqSMcBy57o2+4iNopJJGwyQCAWPRFbTgyQlvo+O/nKSfQ0vpkUgUKGJIcZWV0Xx mCNHhVxfoM8m8gEIFOuQaC/WmYlIRfWE4fKfbypEe4maqvj7zv7LDi91ljqBLZ8E t2qO+pyIdWN3koTz1dncguTm469Gz1lugpcwX9JhtSxUdqYKL4QAlJA9LxFMNpoL gb+hW0g+BPl4pAii2fjPKevt9E5Ex9GLWMGbb6kjYdF0f9HvJoUyOYjaIOTn1UsA i10zzejgWwt8vuCOBXAZQSoRFLjUrNv/ZBxVGw5JECeGFmxkkQPJPQ9wLwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA2RxepVOL2zL5HAIyDQumdaq15JMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBAG2GqFrr/ZFXOC2bcWiF pCKYH1MqdMkpAQyC0LhF/J0HI80+sz/BEtolCPr/sV+vw/KTUNVoKCZxhERtEiTk /3npMjeAhFOQ5Ae3xbS8IGIxgxGDTehjWqi/mI+vqBLU5gDkorsMZromfYtIowon 1mPdpSNdX6uINTTFckkGAtSAGfj3hsho2yW0m3kk0crePODPe0B1uX8XhwHa74VF cgbnRVSTlgW3C/FtrOlR3EU/iFTHBTfMRvQFkydHwAEEEXVgFPrErzHl/YoXEt85 51TygtgiXsR9skzOh/UAEtY7BQBkluTgF3wJ5mr7A+b/WUC3MKIaq1KiqB9Yzk6V s2I= -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:50 2025 by rpki-client