This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: QseDkVwJMcZhZsTyiyCW14dnlDqcpG2HW+azNRv2Rzw= Subject key identifier: A9:29:C4:EF:91:BA:95:C2:9B:CF:C2:D0:58:2A:55:A9:54:03:31:DF Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 45CA021F2D2C962BC77F74FD2380BD20FB5CC7FA Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Wed 12 Nov 2025 00:00:10 +0000 ROA not before: Wed 12 Nov 2025 00:00:10 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:ca:02:1f:2d:2c:96:2b:c7:7f:74:fd:23:80:bd:20:fb:5c:c7:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:10 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=988556bf2117ee8ecd7e5360ef4802f062e886eda0234d8eea9deb4d2de4ef4f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:71:fb:a4:28:fa:49:9c:e9:3c:26:d7:51:e7: b4:9f:df:41:64:f9:53:c7:70:da:3b:b6:31:43:15: 4d:70:b8:76:a3:c3:83:81:e5:c4:b8:e9:85:ae:ad: 92:7e:b3:82:7c:a7:3f:55:7e:68:60:ac:76:ed:d9: fc:55:16:1f:d0:ab:32:31:e9:d0:52:cd:88:a3:44: 6c:90:96:8d:f6:b3:ac:5b:c4:34:91:67:00:6c:e2: 1a:0c:54:79:92:bb:d3:ee:34:f4:08:17:3e:66:dd: fb:f1:6d:99:35:f5:0d:86:e2:2b:63:d2:d1:b3:cb: 7f:72:d8:0b:59:93:8f:2d:75:8b:de:45:70:8e:47: 55:ba:d0:59:a5:f4:56:c5:fb:25:a4:d8:a4:67:94: ae:58:d9:36:bf:69:ab:62:2e:1d:b9:5e:4f:e9:19: a5:12:fe:ad:fe:08:1e:04:b0:57:fb:4a:b4:ad:68: 3d:74:8c:b1:e7:93:32:f2:43:cc:85:dc:26:82:19: c6:94:80:00:1a:87:4b:51:f5:ea:bc:35:24:e8:3a: 22:6e:55:0b:42:8f:c1:9a:5f:77:1f:fe:49:6c:1c: 62:b8:9e:2a:de:97:60:44:c6:6a:06:b7:ac:ae:37: 5a:77:61:14:80:16:cd:31:d1:bd:0c:5b:39:3d:b1: 25:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:29:C4:EF:91:BA:95:C2:9B:CF:C2:D0:58:2A:55:A9:54:03:31:DF X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption a1:f3:be:d7:3c:3c:37:b3:70:09:44:e0:f9:35:22:f7:f8:82: bf:71:43:d6:c5:15:8b:76:f3:cf:c9:5e:d1:f3:7c:28:c5:af: e4:d0:9e:85:78:fc:9e:b0:2e:a0:74:c3:55:5b:fd:72:d7:bf: ed:46:6d:c8:8d:50:ca:81:48:b8:a2:4b:f0:68:a5:48:b1:9d: 1c:55:07:fc:6e:c5:7a:90:f2:c7:2a:15:d5:84:a8:36:c3:c9: ca:60:fc:5e:fb:f3:ee:18:d0:fc:c5:9c:e2:c8:a3:73:9b:c6: 79:ed:78:d6:6d:71:a7:01:78:65:77:b6:99:fb:bb:d1:d7:9b: f4:8f:3e:e5:a7:7e:1c:fb:76:3b:33:c6:6d:c3:87:86:b5:d7: 93:be:f9:27:ea:8e:67:d7:69:09:13:ed:d0:c9:6e:5b:b7:5f: d4:74:c8:ee:03:14:6a:b3:02:8b:f5:6a:95:0c:7b:4e:ab:5b: be:80:28:e1:ec:a2:53:7b:33:21:c7:ab:95:0a:da:5d:d2:d1: f1:f0:f6:56:1d:32:34:81:58:2b:fd:0d:16:b1:87:e6:78:ab: c4:26:0b:39:45:97:78:94:e8:a4:8b:42:0a:5e:56:eb:3a:9f: f4:6f:9d:06:ce:81:4c:0b:1d:65:80:fb:18:9f:b4:76:b1:dd: fc:d9:a9:f9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURcoCHy0slivHf3T9I4C9IPtcx/owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDAxMFoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNAOTg4NTU2YmYyMTE3ZWU4ZWNkN2U1 MzYwZWY0ODAyZjA2MmU4ODZlZGEwMjM0ZDhlZWE5ZGViNGQyZGU0ZWY0ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHH7pCj6SZzpPCbXUee0n99BZPlT x3DaO7YxQxVNcLh2o8ODgeXEuOmFrq2SfrOCfKc/VX5oYKx27dn8VRYf0KsyMenQ Us2Io0RskJaN9rOsW8Q0kWcAbOIaDFR5krvT7jT0CBc+Zt378W2ZNfUNhuIrY9LR s8t/ctgLWZOPLXWL3kVwjkdVutBZpfRWxfslpNikZ5SuWNk2v2mrYi4duV5P6Rml Ev6t/ggeBLBX+0q0rWg9dIyx55My8kPMhdwmghnGlIAAGodLUfXqvDUk6DoiblUL Qo/Bml93H/5JbBxiuJ4q3pdgRMZqBresrjdad2EUgBbNMdG9DFs5PbElawIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKkpxO+RupXCm8/C0FgqValUAzHfMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQCh877XPDw3s3AJROD5 NSL3+IK/cUPWxRWLdvPPyV7R83woxa/k0J6FePyesC6gdMNVW/1y17/tRm3IjVDK gUi4okvwaKVIsZ0cVQf8bsV6kPLHKhXVhKg2w8nKYPxe+/PuGND8xZziyKNzm8Z5 7XjWbXGnAXhld7aZ+7vR15v0jz7lp34c+3Y7M8Ztw4eGtdeTvvkn6o5n12kJE+3Q yW5bt1/UdMjuAxRqswKL9WqVDHtOq1u+gCjh7KJTezMhx6uVCtpd0tHx8PZWHTI0 gVgr/Q0WsYfmeKvEJgs5RZd4lOiki0IKXlbrOp/0b50GzoFMCx1lgPsYn7R2sd38 2an5 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:44 2025 by rpki-client