This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: M3HD7bzIJdB8a4Cs2vkcHBLAoPDK9mihXpG6EjVPuNw= Subject key identifier: 71:DA:11:02:AA:F0:3C:EF:F3:32:B0:69:8C:5D:53:7F:EB:2E:CD:9D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0B9AE0DCEA86E080A151F4F5C442F341856E701E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Sat 06 Dec 2025 00:10:04 +0000 ROA not before: Sat 06 Dec 2025 00:10:04 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:9a:e0:dc:ea:86:e0:80:a1:51:f4:f5:c4:42:f3:41:85:6e:70:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 6 00:10:04 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=68005f5e07bd7278a72916222be02dbf8b1e9996ffcb8f24749bbf2205e4ab48, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c5:dd:60:e2:f2:39:d0:3f:34:5d:be:ff:d0: 58:a0:66:23:4a:3e:b3:06:d9:19:3f:e8:2e:d8:b0: c4:de:f0:f1:4d:34:4e:83:b4:24:c4:a4:e5:e3:f8: cc:73:ed:d4:c7:4f:d4:9b:f4:15:13:0e:3b:a2:0e: 2a:c7:99:92:d7:c9:2b:c9:5b:ec:80:b5:45:56:75: c5:87:de:a7:98:e8:57:f8:34:6f:ef:63:b5:d7:1e: 36:95:41:d7:de:ec:17:13:2a:03:d8:eb:0d:6a:d8: 28:77:53:7a:c5:c6:65:b3:b2:ff:c7:ee:49:9d:89: bf:55:82:95:ce:01:43:bd:40:f4:cc:79:e8:92:b6: 4d:68:68:fb:b3:b9:a6:d4:80:84:74:ca:86:6b:86: 9e:9e:0b:6c:aa:b9:b0:64:4d:be:94:d1:f9:ad:ee: 96:af:3a:7a:0c:96:a6:69:68:4a:61:1c:91:a9:98: 8c:98:d3:30:a9:37:49:69:7d:e9:d8:98:f2:59:1f: e5:17:43:2c:13:43:2e:9c:8a:49:f7:f3:0f:4b:7e: 64:de:0e:3c:34:6e:ae:d8:40:48:d1:a2:8d:57:5f: a8:ac:74:56:cc:24:bc:39:e7:50:28:d9:d5:72:11: 66:6c:93:d4:75:ee:94:ec:04:b0:98:9c:7e:c4:0a: db:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:DA:11:02:AA:F0:3C:EF:F3:32:B0:69:8C:5D:53:7F:EB:2E:CD:9D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 04:9c:2c:a8:4e:55:da:67:0d:82:77:56:67:36:6a:c1:4d:d7: 7b:62:ba:f5:cf:1d:e5:79:1f:80:9c:9c:e6:3a:a4:cd:d9:1f: 92:8e:b4:1a:cd:ed:63:91:f7:a2:63:d0:6b:02:f4:46:44:39: ba:b7:31:a0:c8:39:fc:2f:13:48:ae:52:a9:16:c3:e8:8e:18: 57:aa:20:82:8c:09:33:f3:f7:ae:5d:8f:d2:e8:93:8f:f8:f1: 4a:d4:7f:bd:b1:d0:72:83:cb:a4:ce:d3:8e:d3:77:48:ee:cb: 9b:73:9f:c1:80:de:48:ec:30:67:f1:47:49:a6:77:b2:d1:bc: 50:6a:dd:48:27:4c:2d:5a:54:85:d2:18:bf:7e:d8:a9:0c:dd: ce:79:85:62:c4:ec:b5:d3:2d:5e:6b:2e:28:bd:33:b7:0d:34: 8e:65:d9:98:3e:0d:62:b7:ba:10:5d:73:7c:4c:4b:74:b2:8e: 0e:1f:49:a2:d1:4c:9c:15:d4:de:21:a8:6c:13:bd:37:6f:d7: 2a:52:c1:03:8a:1c:f4:ad:8b:96:f6:f2:76:0b:e6:05:04:a0: f4:f5:13:a3:d6:40:7e:36:79:f2:21:71:6d:29:b8:0c:7e:61: 30:b5:97:b6:58:34:24:66:0e:bf:67:e3:7b:26:7e:1e:dd:ec: aa:2e:a9:3b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUC5rg3OqG4IChUfT1xELzQYVucB4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNjAwMTAwNFoX DTI2MDMwNjIzNTk1OVowejFJMEcGA1UEBRNANjgwMDVmNWUwN2JkNzI3OGE3Mjkx NjIyMmJlMDJkYmY4YjFlOTk5NmZmY2I4ZjI0NzQ5YmJmMjIwNWU0YWI0ODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcXdYOLyOdA/NF2+/9BYoGYjSj6z BtkZP+gu2LDE3vDxTTROg7QkxKTl4/jMc+3Ux0/Um/QVEw47og4qx5mS18kryVvs gLVFVnXFh96nmOhX+DRv72O11x42lUHX3uwXEyoD2OsNatgod1N6xcZls7L/x+5J nYm/VYKVzgFDvUD0zHnokrZNaGj7s7mm1ICEdMqGa4aengtsqrmwZE2+lNH5re6W rzp6DJamaWhKYRyRqZiMmNMwqTdJaX3p2JjyWR/lF0MsE0MunIpJ9/MPS35k3g48 NG6u2EBI0aKNV1+orHRWzCS8OedQKNnVchFmbJPUde6U7ASwmJx+xArbNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHHaEQKq8Dzv8zKwaYxdU3/rLs2dMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQAEnCyoTlXaZw2Cd1ZnNmrB Tdd7Yrr1zx3leR+AnJzmOqTN2R+SjrQaze1jkfeiY9BrAvRGRDm6tzGgyDn8LxNI rlKpFsPojhhXqiCCjAkz8/euXY/S6JOP+PFK1H+9sdByg8ukztOO03dI7subc5/B gN5I7DBn8UdJpney0bxQat1IJ0wtWlSF0hi/ftipDN3OeYVixOy10y1eay4ovTO3 DTSOZdmYPg1it7oQXXN8TEt0so4OH0mi0UycFdTeIahsE703b9cqUsEDihz0rYuW 9vJ2C+YFBKD09ROj1kB+NnnyIXFtKbgMfmEwtZe2WDQkZg6/Z+N7Jn4e3eyqLqk7 -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:39 2025 by rpki-client