This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: cnI2/2sTX2AtPyLqXYhpSOeC0Gx3JedHh1yrd3lYyp4= Subject key identifier: F1:EF:07:A1:11:80:58:6F:22:B2:7D:AD:59:67:90:B3:19:3B:40:CC Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 102C1D2CB0ECB9E8972BC6BA0427D4DAC9524564 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Sun 07 Dec 2025 00:00:43 +0000 ROA not before: Sun 07 Dec 2025 00:00:43 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 00:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:2c:1d:2c:b0:ec:b9:e8:97:2b:c6:ba:04:27:d4:da:c9:52:45:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:43 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=27d232be180772365a353fe1db85d46ce194883bb34aa026858219504672749f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:08:6c:21:21:17:1b:a5:0b:74:04:3b:2c:e8: 98:3a:3c:4c:76:de:8c:05:53:74:3d:b8:05:c7:5a: 28:43:ad:83:c9:ab:a5:d1:34:66:56:bd:eb:2e:22: bd:b6:55:cc:be:39:8c:c1:f9:b6:53:9d:f1:f5:df: 9c:b1:81:0e:b9:bd:18:e1:e8:c7:ee:5a:3d:9d:c3: 2d:0f:c9:e2:21:8b:97:3b:ab:06:15:57:71:1f:45: 42:13:c3:c1:66:89:02:2a:de:c6:1c:6e:68:eb:72: d5:39:d2:4f:a8:19:84:c5:8d:e6:f6:21:85:b3:ce: 5b:c2:3c:47:53:01:db:88:3b:58:be:b2:c4:fa:65: a7:34:66:6f:98:2e:2d:09:83:de:87:fa:0a:6b:a1: 3c:47:e2:e6:54:21:3b:57:4d:65:78:9c:a4:70:c9: 80:a4:81:2d:11:5e:18:08:33:50:db:a1:af:81:72: bd:10:7a:5d:38:04:ea:1b:aa:00:f0:88:88:c4:41: d1:75:96:dc:43:25:25:ec:9a:f9:cc:5a:1c:e6:b0: 77:ea:04:63:0c:6f:85:cd:d5:3f:a0:8a:99:97:c7: 56:eb:7b:5f:f9:1a:38:9c:42:9e:d0:ee:3b:bb:ae: 78:dd:4d:f8:a5:4c:d1:99:f7:8d:4d:fc:02:fb:1b: a0:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:EF:07:A1:11:80:58:6F:22:B2:7D:AD:59:67:90:B3:19:3B:40:CC X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption b6:f6:d8:fe:1e:2c:eb:3f:6d:55:f5:20:4f:b4:78:4a:1e:cb: 41:53:f7:4c:3a:3b:d3:fc:09:c4:46:05:6a:15:25:dd:21:06: ad:c0:0d:5d:94:73:55:2a:ad:00:61:08:43:65:bb:80:ba:36: 01:56:d8:d5:32:6f:9a:9b:1b:b4:54:ce:1b:8e:4d:cf:e5:6d: a0:4c:47:8b:e6:b2:9e:d6:8c:90:de:f5:f4:dd:59:7a:8f:00: 6f:b9:57:f2:58:4a:e8:b2:df:73:a9:be:eb:1c:6e:9c:39:78: 76:8e:69:59:4d:3f:09:68:68:da:8f:3f:9c:e2:ee:e2:0f:66: 24:ca:dd:94:3a:7e:e9:e5:05:16:c5:30:47:8e:6b:f5:4a:1f: 2e:4a:0f:ca:a9:a0:4f:8b:3b:c6:88:6c:18:00:b9:d0:26:f1: 92:ab:9c:48:47:86:dc:a5:85:09:31:f6:64:7a:8b:b2:0d:30: 06:6e:ca:fe:8b:69:50:30:1c:0a:2c:45:c2:b6:89:5a:2d:2e: 53:81:a5:a0:d2:ae:24:10:77:50:b2:f3:24:50:c8:2a:df:24: 81:09:3f:d3:b5:47:64:40:34:ea:69:28:e7:4a:a4:35:9b:7a: 14:4c:ea:9e:fc:f2:6e:8f:15:84:05:f1:48:e7:ea:67:27:51: 62:3f:17:b4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUECwdLLDsueiXK8a6BCfU2slSRWQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDA0M1oX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAMjdkMjMyYmUxODA3NzIzNjVhMzUz ZmUxZGI4NWQ0NmNlMTk0ODgzYmIzNGFhMDI2ODU4MjE5NTA0NjcyNzQ5ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QhsISEXG6ULdAQ7LOiYOjxMdt6M BVN0PbgFx1ooQ62Dyaul0TRmVr3rLiK9tlXMvjmMwfm2U53x9d+csYEOub0Y4ejH 7lo9ncMtD8niIYuXO6sGFVdxH0VCE8PBZokCKt7GHG5o63LVOdJPqBmExY3m9iGF s85bwjxHUwHbiDtYvrLE+mWnNGZvmC4tCYPeh/oKa6E8R+LmVCE7V01leJykcMmA pIEtEV4YCDNQ26GvgXK9EHpdOATqG6oA8IiIxEHRdZbcQyUl7Jr5zFoc5rB36gRj DG+FzdU/oIqZl8dW63tf+Ro4nEKe0O47u6543U34pUzRmfeNTfwC+xugMQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPHvB6ERgFhvIrJ9rVlnkLMZO0DMMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQC29tj+HizrP21V9SBP tHhKHstBU/dMOjvT/AnERgVqFSXdIQatwA1dlHNVKq0AYQhDZbuAujYBVtjVMm+a mxu0VM4bjk3P5W2gTEeL5rKe1oyQ3vX03Vl6jwBvuVfyWErost9zqb7rHG6cOXh2 jmlZTT8JaGjajz+c4u7iD2Ykyt2UOn7p5QUWxTBHjmv1Sh8uSg/KqaBPizvGiGwY ALnQJvGSq5xIR4bcpYUJMfZkeouyDTAGbsr+i2lQMBwKLEXCtolaLS5TgaWg0q4k EHdQsvMkUMgq3ySBCT/TtUdkQDTqaSjnSqQ1m3oUTOqe/PJujxWEBfFI5+pnJ1Fi Pxe0 -----END CERTIFICATE-----Generated at Mon Dec 15 17:04:56 2025 by rpki-client