This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa File: 2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa (raw, json) Hash identifier: 3TCoeMgyQZ105dl1yxtBRlmKtn+eGvM0lLYZ5Z6/OOs= Subject key identifier: CE:7F:70:7B:E0:41:3B:CA:60:56:3E:23:23:54:25:EB:0A:23:03:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FAFF719D2B36E0B00A72269574D7A680269425B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa Signing time: Mon 08 Dec 2025 00:00:04 +0000 ROA not before: Mon 08 Dec 2025 00:00:04 +0000 ROA not after: Sun 08 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 17:38:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:af:f7:19:d2:b3:6e:0b:00:a7:22:69:57:4d:7a:68:02:69:42:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 8 00:00:04 2025 GMT Not After : Mar 8 23:59:59 2026 GMT Subject: serialNumber=4827728f32f19595ab71fb1878cc9ae056bc4af730f8c4fb31e2852058d21466, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:57:70:13:fc:5d:2f:19:8f:69:ed:4b:e1:64: 4e:88:c5:c3:e8:be:78:dd:9c:1c:9b:c1:65:28:e4: 72:f4:f5:00:fb:01:5e:84:a3:15:bc:c5:58:f3:85: c9:c8:ed:31:ad:d1:73:36:2f:b6:c9:e1:8c:02:97: 84:ba:09:58:a3:3f:e9:9d:c5:4f:73:c9:7d:02:cb: c7:4a:ed:7b:29:35:2f:da:24:8c:25:e5:03:58:a0: 74:73:07:81:69:b0:ee:54:9c:cc:92:65:be:58:10: c7:79:3c:3b:e1:da:7d:e0:5a:5e:27:76:47:b4:ad: 83:da:dc:1c:9c:a3:3d:d8:55:e6:bd:9e:57:67:9a: 3e:d7:a9:52:4f:65:34:ff:b3:32:92:e3:af:ff:b9: e5:84:f1:ed:36:45:b0:8f:45:d4:5d:29:48:9c:26: d4:63:ac:65:39:3b:d8:d6:65:0c:46:a7:1b:b6:0c: 47:92:52:e3:db:7a:41:11:c4:c1:8b:be:d1:4c:4c: ca:6a:48:37:e0:5f:28:f9:b3:62:53:9f:2e:2e:a7: 70:7a:23:22:f2:f8:1c:1d:0e:b0:6c:fc:90:d0:9e: 6c:a0:a4:fa:21:fe:2c:29:13:fa:2f:51:76:07:ef: 53:c1:93:f7:13:91:d0:b5:77:33:9f:cc:d1:16:3f: 2f:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:7F:70:7B:E0:41:3B:CA:60:56:3E:23:23:54:25:EB:0A:23:03:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:800::/40 Signature Algorithm: sha256WithRSAEncryption 79:24:ab:5b:ac:cf:01:da:b0:8a:4b:13:44:bb:a2:b4:40:df: 0b:f2:d2:08:80:06:8b:ec:14:f5:0d:f4:49:b2:35:2e:c6:ff: 40:68:6f:ee:69:7c:44:bb:cd:67:60:cb:3a:70:55:e9:8d:ba: 54:8b:13:f9:77:c0:64:bc:42:e4:38:3e:b3:e7:9d:67:b0:b2: c2:f3:c3:90:ca:eb:a4:ef:a3:fb:58:b6:03:fd:7d:96:69:9e: f1:54:2f:95:ac:ce:a3:81:a6:23:65:c1:35:bc:32:de:3e:3d: db:1b:a6:0a:e7:a0:db:88:31:81:b4:c1:1f:ce:a0:15:be:c7: 59:a4:09:ed:43:fb:4a:11:2d:c2:48:12:95:14:11:18:8e:26: 6c:17:d8:bd:47:0d:8f:7e:35:e3:b3:92:24:03:d9:2e:e6:1e: e9:24:a0:9f:ab:d6:e1:ce:70:b7:6d:06:57:4c:7e:db:ce:80: 74:ba:e0:79:7f:b1:b1:ab:67:5f:12:7b:15:cb:05:dc:6d:8a: 2c:b6:5d:1b:c4:9b:89:c4:cf:df:e0:4c:7a:93:46:25:50:e9: b6:57:f1:1f:9c:ca:36:d1:87:77:68:87:26:e0:f5:ea:b2:5c: 39:68:fc:56:6d:81:1c:d9:a5:5b:01:70:c8:ec:7f:60:cc:a6: de:2a:09:59 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUH6/3GdKzbgsApyJpV016aAJpQlswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwODAwMDAwNFoX DTI2MDMwODIzNTk1OVowejFJMEcGA1UEBRNANDgyNzcyOGYzMmYxOTU5NWFiNzFm YjE4NzhjYzlhZTA1NmJjNGFmNzMwZjhjNGZiMzFlMjg1MjA1OGQyMTQ2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqldwE/xdLxmPae1L4WROiMXD6L54 3Zwcm8FlKORy9PUA+wFehKMVvMVY84XJyO0xrdFzNi+2yeGMApeEuglYoz/pncVP c8l9AsvHSu17KTUv2iSMJeUDWKB0cweBabDuVJzMkmW+WBDHeTw74dp94FpeJ3ZH tK2D2twcnKM92FXmvZ5XZ5o+16lST2U0/7MykuOv/7nlhPHtNkWwj0XUXSlInCbU Y6xlOTvY1mUMRqcbtgxHklLj23pBEcTBi77RTEzKakg34F8o+bNiU58uLqdweiMi 8vgcHQ6wbPyQ0J5soKT6If4sKRP6L1F2B+9TwZP3E5HQtXczn8zRFj8vjQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM5/cHvgQTvKYFY+IyNUJesKIwOgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjY2MyZmVjLWE3ZDItNDllZC04NDk3LTc1MzM4YzFiNTY4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7QgwDQYJKoZIhvcNAQELBQADggEBAHkkq1uszwHasIpLE0S7 orRA3wvy0giABovsFPUN9EmyNS7G/0Bob+5pfES7zWdgyzpwVemNulSLE/l3wGS8 QuQ4PrPnnWewssLzw5DK66Tvo/tYtgP9fZZpnvFUL5WszqOBpiNlwTW8Mt4+Pdsb pgrnoNuIMYG0wR/OoBW+x1mkCe1D+0oRLcJIEpUUERiOJmwX2L1HDY9+NeOzkiQD 2S7mHukkoJ+r1uHOcLdtBldMftvOgHS64Hl/sbGrZ18SexXLBdxtiiy2XRvEm4nE z9/gTHqTRiVQ6bZX8R+cyjbRh3dohybg9eqyXDlo/FZtgRzZpVsBcMjsf2DMpt4q CVk= -----END CERTIFICATE-----Generated at Mon Dec 22 00:55:23 2025 by rpki-client