This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa File: fcc4293c-b24f-4fac-9395-546f748b3b13.roa (raw, json) Hash identifier: VqizH8nSH4M3Eap701XPPBCXcClnkjme0T3z9MCgsvw= Subject key identifier: 01:01:B0:7B:38:EF:88:80:CC:31:82:76:E5:D6:75:36:C6:DE:33:7A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 418ACD7C83313D5B89B771E0E898128AB852CA24 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa Signing time: Wed 12 Nov 2025 00:00:15 +0000 ROA not before: Wed 12 Nov 2025 00:00:15 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:10:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:8a:cd:7c:83:31:3d:5b:89:b7:71:e0:e8:98:12:8a:b8:52:ca:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 12 00:00:15 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=43e071348bf58572dad931d5bbf5fe05ec1bd1e5e2066ff2bfef69f600355798, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:4e:43:70:ee:78:61:84:47:c5:4a:09:03:64: b7:20:c4:51:8d:51:eb:b3:33:7f:5c:f9:f4:aa:b2: a8:e2:06:9f:a5:1e:33:f1:b6:f4:08:85:29:f6:40: 46:03:8f:1b:bb:67:fa:9b:d3:03:43:33:ee:0f:4b: 40:60:96:9b:fb:c5:94:5f:28:34:3e:56:eb:6a:1e: fc:d9:55:ae:65:7b:b4:7f:d0:28:4f:81:49:5a:ee: 7d:c6:58:9f:5b:cc:9a:15:0d:68:06:0b:47:e5:a6: 38:fa:fb:51:b5:5a:8d:3f:96:0a:c5:48:89:b4:f5: cb:2a:00:df:39:c3:2b:52:59:48:ff:8f:02:22:f5: 9d:f2:f4:b7:c7:df:07:6a:cb:c7:08:c3:3f:95:47: 19:f2:04:c0:1f:eb:63:67:bf:d7:20:17:ed:5b:3f: 63:b6:0c:22:d4:ac:e3:db:0c:01:31:b8:bd:3a:81: 8e:56:7a:46:ad:03:37:22:ae:83:39:bc:01:8c:2b: 96:d2:b0:fc:49:de:70:e1:80:e9:d4:26:f2:25:46: 25:be:64:1a:69:ea:af:2c:c0:7b:9c:28:f9:ec:81: ad:f4:64:a6:d7:71:7f:92:48:8f:5c:32:04:ed:47: e7:f9:dd:04:2f:a2:99:a2:be:70:11:7f:1d:d6:21: 89:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:01:B0:7B:38:EF:88:80:CC:31:82:76:E5:D6:75:36:C6:DE:33:7A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/38 Signature Algorithm: sha256WithRSAEncryption 48:9a:47:05:d8:ab:a7:6c:c1:bc:b3:7c:6e:ac:50:e9:1a:96: ad:07:fe:c3:41:58:a9:9e:eb:86:90:39:a9:25:5c:93:d8:50: 30:bc:f5:28:9f:77:ed:9c:07:81:6a:14:01:b8:9d:50:22:23: 0b:98:80:c9:f6:7f:d4:ad:6f:50:5c:43:da:0e:fc:6b:01:94: c4:6d:f4:90:05:e7:2d:69:27:ed:2d:c6:87:25:c4:64:dd:db: c7:c5:a1:fb:44:4b:0c:ee:8b:8e:04:48:ed:8f:1f:bf:d8:45: 35:16:cd:d6:49:3c:98:90:28:5b:f3:3c:18:06:09:76:65:2a: a2:12:51:61:b2:ff:4a:c9:d3:25:cf:1d:aa:99:fe:fc:e7:64: 7f:8c:47:6f:5d:a2:4b:f3:e9:70:cd:98:f6:51:63:62:8b:24: f9:8e:bb:f1:0f:74:30:54:99:81:98:1e:cd:37:fa:39:5a:a3: 5e:5e:8f:2e:00:d5:e1:13:fb:2d:49:08:4f:c7:e5:69:6a:5d: 74:26:5b:a4:84:02:11:4c:ce:a1:f7:c9:e3:c6:ed:16:4f:39: 15:ba:41:08:3e:92:73:f9:f6:d3:2b:b8:c0:a7:dd:4a:46:28: 6b:57:83:50:13:02:62:f8:79:f5:9d:24:29:fa:3e:a3:8e:90: f4:77:44:0a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQYrNfIMxPVuJt3Hg6JgSirhSyiQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMjAwMDAxNVoX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNANDNlMDcxMzQ4YmY1ODU3MmRhZDkz MWQ1YmJmNWZlMDVlYzFiZDFlNWUyMDY2ZmYyYmZlZjY5ZjYwMDM1NTc5ODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE5DcO54YYRHxUoJA2S3IMRRjVHr szN/XPn0qrKo4gafpR4z8bb0CIUp9kBGA48bu2f6m9MDQzPuD0tAYJab+8WUXyg0 Plbrah782VWuZXu0f9AoT4FJWu59xlifW8yaFQ1oBgtH5aY4+vtRtVqNP5YKxUiJ tPXLKgDfOcMrUllI/48CIvWd8vS3x98HasvHCMM/lUcZ8gTAH+tjZ7/XIBftWz9j tgwi1Kzj2wwBMbi9OoGOVnpGrQM3Iq6DObwBjCuW0rD8Sd5w4YDp1CbyJUYlvmQa aeqvLMB7nCj57IGt9GSm13F/kkiPXDIE7Ufn+d0EL6KZor5wEX8d1iGJpQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAEBsHs474iAzDGCduXWdTbG3jN6MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2ZjYzQyOTNjLWIyNGYtNGZhYy05Mzk1LTU0NmY3NDhiM2IxMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAEiaRwXYq6dswbyzfG6s UOkalq0H/sNBWKme64aQOaklXJPYUDC89Sifd+2cB4FqFAG4nVAiIwuYgMn2f9St b1BcQ9oO/GsBlMRt9JAF5y1pJ+0txoclxGTd28fFoftESwzui44ESO2PH7/YRTUW zdZJPJiQKFvzPBgGCXZlKqISUWGy/0rJ0yXPHaqZ/vznZH+MR29dokvz6XDNmPZR Y2KLJPmOu/EPdDBUmYGYHs03+jlao15ejy4A1eET+y1JCE/H5WlqXXQmW6SEAhFM zqH3yePG7RZPORW6QQg+knP59tMruMCn3UpGKGtXg1ATAmL4efWdJCn6PqOOkPR3 RAo= -----END CERTIFICATE-----Generated at Sat Dec 6 12:50:15 2025 by rpki-client