This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f4f319-e479-493d-8b78-4861fcc44015.roa File: 31f4f319-e479-493d-8b78-4861fcc44015.roa (raw, json) Hash identifier: 6gKGAZ/wpppEVo5snY2cA7Ojp+90vSmRJ1tfir9ZX9g= Subject key identifier: C5:1A:70:06:44:3C:F6:82:67:D4:A8:BC:A8:CF:9D:40:A2:04:11:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E09514705F8C749C9BAEB634BA837DD74D561DB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f4f319-e479-493d-8b78-4861fcc44015.roa Signing time: Sun 07 Dec 2025 00:00:36 +0000 ROA not before: Sun 07 Dec 2025 00:00:36 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.52.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 17:37:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:09:51:47:05:f8:c7:49:c9:ba:eb:63:4b:a8:37:dd:74:d5:61:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 7 00:00:36 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=2d2e822b33f9d795309859964b4ed28e84f9927dace13ca4a2169bfe729a6697, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ce:bf:a1:86:12:a8:70:31:0e:70:e7:1e:10: 1a:50:6d:ce:f7:17:56:f9:95:7d:27:40:0c:c5:23: 2e:a5:00:47:f4:c5:9f:82:5e:69:87:bc:02:ec:63: 73:21:6c:63:d9:90:c0:39:bb:68:15:c8:7c:42:1f: 5f:5c:93:6f:77:f3:88:aa:bd:d5:9c:28:49:51:04: 84:f6:af:c0:56:9f:b3:e7:2e:64:66:e5:d0:78:ed: 1b:bd:e8:84:9d:70:5d:e7:6e:ac:0b:06:c6:03:41: 88:8c:df:0f:4b:be:ba:65:fe:4e:c5:24:5e:b9:dc: 3e:6d:85:f8:10:e8:fb:52:e1:02:68:00:c7:e1:83: 3e:4c:af:51:1d:1e:e1:61:95:25:39:c7:b7:65:3b: bd:47:16:4d:40:4d:07:b9:4a:40:19:c2:42:38:65: aa:88:01:e7:2b:51:34:59:ee:c4:3e:62:35:4f:04: b0:85:d5:8d:74:4a:ef:10:92:c4:06:0e:7a:a5:2f: 1c:f3:63:15:c5:89:6c:5d:69:ca:0f:41:7e:e7:97: 19:a2:6a:8a:ea:ab:6e:b7:9e:51:16:80:36:a1:51: 86:59:a3:22:b6:60:22:f8:05:86:b0:f5:c9:fa:0e: fd:ed:91:ee:19:21:87:e4:7e:28:a4:2e:5a:21:aa: d8:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:1A:70:06:44:3C:F6:82:67:D4:A8:BC:A8:CF:9D:40:A2:04:11:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f4f319-e479-493d-8b78-4861fcc44015.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.52.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:c8:62:11:66:90:9d:7c:20:22:51:21:31:9a:d2:92:9a:fd: e6:f6:a0:f9:8f:a0:2b:79:23:e7:80:29:5c:84:6e:12:49:6a: b1:80:ff:90:f1:7a:37:e7:10:1a:37:b9:39:d7:6a:ab:39:f4: 42:24:0d:72:8c:b4:1b:c4:78:fd:d2:43:3e:5a:5b:bc:65:4a: da:52:9f:69:57:03:8d:93:ea:3c:cd:bd:13:85:a8:6d:7c:4e: 92:e0:24:63:63:c8:2c:ae:30:d8:9b:11:16:86:ba:48:ac:5f: 79:62:be:be:89:d6:1f:17:98:6b:1d:ce:85:36:e1:2f:c4:d2: 90:bd:a5:a5:20:f9:d3:a0:ab:01:46:d2:82:41:d6:99:85:8c: 73:e2:d5:8f:51:ba:ac:7a:4d:29:f6:e6:09:84:a9:e5:c2:84: c0:d9:81:d8:8a:4a:43:3f:f8:12:40:d8:9c:aa:91:c2:56:5b: 3a:38:ff:c6:e0:2d:8a:1e:b2:ec:ee:fd:93:42:59:a0:49:ce: a0:16:e5:d9:63:65:00:e8:47:25:6d:6c:bc:41:39:73:e9:df: 0a:a6:93:ca:9e:d5:af:8b:44:a5:85:01:6d:61:70:6f:d3:ba: 2e:23:30:c9:15:fe:66:16:d7:0b:9d:d4:47:82:9d:f6:03:69: b5:98:c2:43 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUPglRRwX4x0nJuutjS6g33XTVYdswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwNzAwMDAzNloX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAMmQyZTgyMmIzM2Y5ZDc5NTMwOTg1 OTk2NGI0ZWQyOGU4NGY5OTI3ZGFjZTEzY2E0YTIxNjliZmU3MjlhNjY5NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv86/oYYSqHAxDnDnHhAaUG3O9xdW +ZV9J0AMxSMupQBH9MWfgl5ph7wC7GNzIWxj2ZDAObtoFch8Qh9fXJNvd/OIqr3V nChJUQSE9q/AVp+z5y5kZuXQeO0bveiEnXBd526sCwbGA0GIjN8PS766Zf5OxSRe udw+bYX4EOj7UuECaADH4YM+TK9RHR7hYZUlOce3ZTu9RxZNQE0HuUpAGcJCOGWq iAHnK1E0We7EPmI1TwSwhdWNdErvEJLEBg56pS8c82MVxYlsXWnKD0F+55cZomqK 6qtut55RFoA2oVGGWaMitmAi+AWGsPXJ+g797ZHuGSGH5H4opC5aIarYowIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMUacAZEPPaCZ9SovKjPnUCiBBGDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxZjRmMzE5LWU0NzktNDkzZC04Yjc4LTQ4NjFmY2M0NDAxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A0MA0GCSqGSIb3DQEBCwUAA4IBAQB8yGIRZpCdfCAiUSExmtKS mv3m9qD5j6AreSPngClchG4SSWqxgP+Q8Xo35xAaN7k512qrOfRCJA1yjLQbxHj9 0kM+Wlu8ZUraUp9pVwONk+o8zb0ThahtfE6S4CRjY8gsrjDYmxEWhrpIrF95Yr6+ idYfF5hrHc6FNuEvxNKQvaWlIPnToKsBRtKCQdaZhYxz4tWPUbqsek0p9uYJhKnl woTA2YHYikpDP/gSQNicqpHCVls6OP/G4C2KHrLs7v2TQlmgSc6gFuXZY2UA6Ecl bWy8QTlz6d8KppPKntWvi0SlhQFtYXBv07ouIzDJFf5mFtcLndRHgp32A2m1mMJD -----END CERTIFICATE-----Generated at Sat Dec 20 16:01:12 2025 by rpki-client