This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: 5/dXc6JsS7wzh+Mc8Mc6k0FXXEJF+Hu41Zf5FEaxhMg= Subject key identifier: CC:59:9A:59:3D:B8:0D:97:49:56:60:66:14:79:D2:86:95:53:2F:52 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 07E039EDBCED6F64C6EAE89769D243CF88F0DE9D Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Tue 18 Nov 2025 00:00:09 +0000 ROA not before: Tue 18 Nov 2025 00:00:09 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Dec 2025 00:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:e0:39:ed:bc:ed:6f:64:c6:ea:e8:97:69:d2:43:cf:88:f0:de:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Nov 18 00:00:09 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=9bc39e13b6c0e54ecd59a558366567e36e627f3ad8296d144584aea4034abd0a, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:1a:89:dd:49:41:de:0d:28:93:bf:67:f2:0a: d1:88:cd:66:8e:0c:ab:ba:7b:d3:28:46:dc:74:01: 02:7a:26:fb:d9:b8:e6:10:fa:1c:b7:ad:f1:74:8b: 24:aa:d8:0f:5b:6d:ec:e5:7c:48:aa:fa:85:f3:31: a9:de:b7:74:00:76:71:a8:27:f8:77:72:3a:bd:d6: ab:21:18:23:cc:f8:03:f7:dc:d2:aa:0b:fb:80:8a: 05:4b:e1:86:16:c0:9c:44:2f:ff:22:8b:c1:83:c2: 50:6e:40:12:dd:31:b0:a8:4e:86:ff:a7:f4:c2:fb: 70:e5:45:c5:d4:df:10:89:ce:db:8b:0f:47:4b:fb: 55:73:a8:98:cf:6c:39:73:a7:e8:01:7c:a0:4b:44: da:82:e9:bc:5c:21:ee:ac:6a:bc:03:98:62:d0:d5: 20:51:d1:4b:f7:48:d7:75:c2:ab:1f:5b:3d:db:07: 32:61:fe:ec:f2:9d:2f:eb:c5:a2:3f:7b:76:f8:5a: 3b:7c:f2:96:80:c4:9a:21:87:73:04:ab:3e:87:3e: 12:a4:fa:99:c0:38:c4:c1:99:d3:16:7e:9c:f1:b1: 21:ae:36:13:8d:b8:14:98:18:b5:1e:08:b8:a0:8c: 44:78:48:1d:08:80:d2:3d:3b:12:6e:eb:0a:62:da: b9:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:59:9A:59:3D:B8:0D:97:49:56:60:66:14:79:D2:86:95:53:2F:52 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 17:36:37:fe:48:bf:f7:36:83:42:e5:a0:7d:65:57:cf:a6:1a: d4:b7:06:8e:98:44:f1:3e:55:46:eb:f8:b1:2f:eb:da:89:9f: 5b:22:a6:69:7d:07:01:62:98:b2:71:19:14:77:37:e3:8e:ff: 52:20:26:d1:07:c3:64:76:15:84:51:da:e6:81:c5:b9:0f:7d: 0f:db:40:67:07:cd:92:75:16:bf:30:d1:d3:fb:ca:f9:5c:06: 10:4a:97:0f:3a:f9:3c:57:5e:a1:c2:0d:00:3d:e9:76:7c:ab: f7:4a:94:8e:fa:6e:a8:66:b1:5e:29:2f:40:53:2a:04:5d:5d: a7:4c:8d:e2:c1:6d:5e:46:ab:a7:33:84:75:88:1d:f4:73:ee: 6c:2a:0f:cd:6d:1a:99:3c:92:85:5c:4f:07:db:bc:87:e7:cb: 26:df:b4:af:dc:14:34:0f:79:f2:8f:b2:d8:5e:8f:de:f9:1c: 47:56:8a:88:b1:9c:fb:ad:2f:ba:85:02:4e:89:f8:11:19:60: c7:4f:92:27:8b:54:15:e1:f6:70:36:6c:17:a4:47:32:c6:dd: 5a:46:85:c8:a3:9f:9a:10:21:c2:1a:48:b1:47:2b:07:2e:8d: 40:61:74:d5:1b:2b:9d:ab:45:6f:20:fc:a9:e2:dd:1a:7a:c8: 00:9c:37:86 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUB+A57bztb2TG6uiXadJDz4jw3p0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTExODAwMDAwOVoX DTI2MDIxNjIzNTk1OVowejFJMEcGA1UEBRNAOWJjMzllMTNiNmMwZTU0ZWNkNTlh NTU4MzY2NTY3ZTM2ZTYyN2YzYWQ4Mjk2ZDE0NDU4NGFlYTQwMzRhYmQwYTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohqJ3UlB3g0ok79n8grRiM1mjgyr unvTKEbcdAECeib72bjmEPoct63xdIskqtgPW23s5XxIqvqF8zGp3rd0AHZxqCf4 d3I6vdarIRgjzPgD99zSqgv7gIoFS+GGFsCcRC//IovBg8JQbkAS3TGwqE6G/6f0 wvtw5UXF1N8Qic7biw9HS/tVc6iYz2w5c6foAXygS0Tagum8XCHurGq8A5hi0NUg UdFL90jXdcKrH1s92wcyYf7s8p0v68WiP3t2+Fo7fPKWgMSaIYdzBKs+hz4SpPqZ wDjEwZnTFn6c8bEhrjYTjbgUmBi1Hgi4oIxEeEgdCIDSPTsSbusKYtq5swIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMxZmlk9uA2XSVZgZhR50oaVUy9SMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQAXNjf+SL/3NoNC5aB9ZVfP phrUtwaOmETxPlVG6/ixL+vaiZ9bIqZpfQcBYpiycRkUdzfjjv9SICbRB8NkdhWE UdrmgcW5D30P20BnB82SdRa/MNHT+8r5XAYQSpcPOvk8V16hwg0APel2fKv3SpSO +m6oZrFeKS9AUyoEXV2nTI3iwW1eRqunM4R1iB30c+5sKg/NbRqZPJKFXE8H27yH 58sm37Sv3BQ0D3nyj7LYXo/e+RxHVoqIsZz7rS+6hQJOifgRGWDHT5Ini1QV4fZw NmwXpEcyxt1aRoXIo5+aECHCGkixRysHLo1AYXTVGyudq0VvIPyp4t0aesgAnDeG -----END CERTIFICATE-----Generated at Sat Dec 6 19:01:04 2025 by rpki-client