This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: OKpnsf6UGTaT1NG1RYx1qdBY9TSJQqRzfvmUIaNjoqw= Subject key identifier: A5:59:9F:A2:18:2C:9A:9C:A1:C9:79:F0:F4:27:E8:8E:F7:A4:0A:BD Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 3CF2409605A0D2BE7969BA7DF36013F94B9C28FA Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Sat 06 Dec 2025 00:00:32 +0000 ROA not before: Sat 06 Dec 2025 00:00:32 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:f2:40:96:05:a0:d2:be:79:69:ba:7d:f3:60:13:f9:4b:9c:28:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Dec 6 00:00:32 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=e31ae11b79bd6ee5229388416323947e69b6d708985eb4856d19acdb4b389413, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b5:13:eb:f7:f5:52:c1:5f:fd:24:2b:46:ed: 9c:e7:00:5b:1b:06:12:9b:41:2b:2a:a1:12:01:5f: 46:88:e7:b4:a0:55:15:c5:31:a3:81:43:90:cd:80: 4e:bb:84:aa:88:55:6b:9f:e6:c9:be:74:b1:90:39: 61:15:c4:5f:fa:9d:0d:9d:6c:2a:da:b9:20:96:46: 9e:ee:50:81:cc:4d:64:6c:7a:3a:9f:01:85:9b:15: 3a:44:39:39:62:37:20:1d:a9:1a:7c:95:24:fa:5a: bb:aa:58:c5:4a:dc:ad:cf:a1:cc:43:22:a4:58:45: f9:e8:64:59:76:0f:0c:3e:73:be:7e:1b:91:06:69: 20:04:9b:9d:69:75:cd:7b:fa:85:96:65:24:7a:16: 75:5a:ba:2d:4e:63:f4:05:28:98:d3:ba:de:e2:7c: 7e:56:bc:e7:e9:eb:38:20:8a:93:fb:bd:67:f8:bd: f8:d9:be:82:9f:f6:9b:dc:da:40:c6:10:36:ad:7b: f6:86:77:37:a7:2c:b4:53:2d:f6:e4:90:c9:de:7c: f7:47:63:1f:ad:3c:2d:cb:40:ca:55:b7:17:6e:f4: 1c:79:00:32:83:7b:d1:f5:9a:ce:cb:7b:b2:60:1b: fd:8c:58:b8:86:aa:25:36:46:72:58:31:cf:e0:ef: c2:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:59:9F:A2:18:2C:9A:9C:A1:C9:79:F0:F4:27:E8:8E:F7:A4:0A:BD X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption b9:6e:06:dd:34:bb:40:e8:02:73:66:fd:38:1f:2b:b0:9a:6f: cd:fd:3f:25:e1:a0:5f:95:ef:60:9b:0f:fa:f4:45:4e:bd:b0: 93:4c:ab:81:30:ec:df:35:b6:c3:b7:7a:01:07:8c:f0:2a:3e: 42:e7:40:20:0c:0c:a2:f7:79:1a:5c:9a:71:f2:84:b4:c6:7e: 01:ca:0f:79:61:cf:7f:9b:fb:d1:ae:6d:9e:84:ee:65:b5:b6: 9e:a5:8c:57:db:9a:31:4a:f3:33:fd:ff:95:6e:e3:f7:f9:c9: 01:44:21:e2:50:70:c7:2a:9e:59:27:80:3f:f1:bb:af:65:a2: 1e:5c:5a:de:d8:ab:c8:4b:78:3d:35:fe:97:4d:bb:8b:6f:6d: 82:be:ec:d0:eb:e6:96:81:af:4b:e8:e3:e2:f0:3e:71:a7:89: 49:8a:4e:b6:4f:42:cb:14:e6:18:3f:2f:ad:87:1b:20:f2:e1: 80:e7:69:93:1f:a6:0f:88:28:c8:02:8d:85:c7:ec:1f:92:0f: 6f:19:77:de:65:27:bb:7a:15:d4:06:fd:da:80:45:c8:ce:d2: f5:30:b7:52:d9:9f:f6:05:7f:49:ed:f4:77:ea:4c:35:25:37: 88:0d:26:80:98:79:e9:99:47:19:cd:5f:b0:54:d3:a6:41:0a: 09:68:e2:f5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUPPJAlgWg0r55abp982AT+UucKPowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTIwNjAwMDAzMloX DTI2MDMwNjIzNTk1OVowejFJMEcGA1UEBRNAZTMxYWUxMWI3OWJkNmVlNTIyOTM4 ODQxNjMyMzk0N2U2OWI2ZDcwODk4NWViNDg1NmQxOWFjZGI0YjM4OTQxMzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27UT6/f1UsFf/SQrRu2c5wBbGwYS m0ErKqESAV9GiOe0oFUVxTGjgUOQzYBOu4SqiFVrn+bJvnSxkDlhFcRf+p0NnWwq 2rkglkae7lCBzE1kbHo6nwGFmxU6RDk5YjcgHakafJUk+lq7qljFStytz6HMQyKk WEX56GRZdg8MPnO+fhuRBmkgBJudaXXNe/qFlmUkehZ1WrotTmP0BSiY07re4nx+ Vrzn6es4IIqT+71n+L342b6Cn/ab3NpAxhA2rXv2hnc3pyy0Uy325JDJ3nz3R2Mf rTwty0DKVbcXbvQceQAyg3vR9ZrOy3uyYBv9jFi4hqolNkZyWDHP4O/CUQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKVZn6IYLJqcocl58PQn6I73pAq9MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQC5bgbdNLtA6AJzZv04Hyuw mm/N/T8l4aBfle9gmw/69EVOvbCTTKuBMOzfNbbDt3oBB4zwKj5C50AgDAyi93ka XJpx8oS0xn4Byg95Yc9/m/vRrm2ehO5ltbaepYxX25oxSvMz/f+VbuP3+ckBRCHi UHDHKp5ZJ4A/8buvZaIeXFre2KvIS3g9Nf6XTbuLb22CvuzQ6+aWga9L6OPi8D5x p4lJik62T0LLFOYYPy+thxsg8uGA52mTH6YPiCjIAo2Fx+wfkg9vGXfeZSe7ehXU Bv3agEXIztL1MLdS2Z/2BX9J7fR36kw1JTeIDSaAmHnpmUcZzV+wVNOmQQoJaOL1 -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:48 2025 by rpki-client