This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa File: 671d95a3-c003-4a86-88c6-405cd8ceff9e.roa (raw, json) Hash identifier: kwpeGkLJMP8pK9BWwdG+FHCSwMgbEn5H8ldou52M94Q= Subject key identifier: 0E:A6:64:95:B4:AB:0E:06:81:EF:D3:B2:B3:F6:11:44:AF:98:A4:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B245687BE99875A5907C4766EAD8F488A0FD3A5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa Signing time: Wed 10 Dec 2025 00:00:34 +0000 ROA not before: Wed 10 Dec 2025 00:00:34 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 17:37:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:24:56:87:be:99:87:5a:59:07:c4:76:6e:ad:8f:48:8a:0f:d3:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 10 00:00:34 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d74c363c7de61e8b33f59666419cda0d7a97dab0b9ac21c4936e0c9c4ef849e3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:2e:64:4c:3d:11:8d:50:f3:a0:fa:56:46:2e: 7e:d8:8f:cc:48:13:d8:3f:06:6d:fb:62:08:da:10: 11:ba:e8:ab:36:56:66:18:60:07:34:3f:b4:13:ca: 0a:50:e0:bc:49:e1:96:0f:6b:38:c8:c2:44:3d:4b: 07:15:5d:d9:c4:d5:8e:89:86:e4:c8:75:ca:cf:48: f8:79:d7:a3:42:72:25:d6:14:6e:86:cd:e2:5d:c0: 77:a3:74:be:37:46:cc:85:59:0b:18:ae:ba:db:b9: bc:73:d6:78:3c:7d:70:5c:41:a4:01:71:38:3d:71: 49:97:85:cd:b8:d4:46:74:c7:39:2f:e6:80:68:98: 8d:cc:63:18:39:c4:18:59:1e:c1:82:9d:b7:8d:55: 10:a0:8c:af:f9:2f:fb:50:69:e1:cb:f2:53:14:a4: ba:3b:4f:16:99:21:85:f8:52:4e:c4:19:6d:c4:c2: 78:25:cf:c2:ac:ef:82:3c:15:96:9a:3d:b1:87:f4: 3e:b4:2a:4d:df:5f:57:f9:03:e4:02:f0:2c:76:de: 1f:7c:ef:3e:a7:42:3f:70:da:87:ff:bd:d1:08:a3: 21:63:c7:99:f3:e7:25:41:9e:f9:1c:99:7f:6c:fc: 50:e3:ca:24:c1:eb:da:9d:2f:3f:b0:15:e6:b0:a4: 8a:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:A6:64:95:B4:AB:0E:06:81:EF:D3:B2:B3:F6:11:44:AF:98:A4:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:c800::/40 Signature Algorithm: sha256WithRSAEncryption 5f:c5:41:47:50:9d:af:86:13:22:8b:eb:d4:ff:dd:b5:e5:f7: 07:f7:8a:51:f9:64:6d:5b:06:4c:78:d5:5d:b0:56:e0:b8:43: 63:16:26:d5:75:46:ee:0a:91:b1:13:1f:76:51:9f:dc:63:74: aa:2b:23:1a:ac:3a:91:da:e0:20:a6:cf:31:dd:d8:00:19:40: 62:1c:96:fe:bf:33:db:3a:f5:52:e4:28:01:1e:5f:af:55:44: 0b:85:99:82:23:3b:17:b7:92:03:40:60:61:6e:1e:be:46:72: 3d:1e:4b:55:ad:ad:02:87:31:ff:7d:16:cf:ac:e7:f0:40:57: 3d:c2:da:c3:d9:ca:5d:cf:98:0a:f7:ad:4a:78:5e:86:6a:5b: 9f:26:6d:db:b0:2b:ab:d2:57:bc:87:cb:2c:52:db:95:90:3b: c0:ee:69:6d:0c:fd:53:86:52:a8:64:24:74:da:6f:07:26:34: 52:5e:85:b0:67:a6:87:3e:9d:bf:3b:cc:1c:f7:ce:f6:59:b0: 2d:e4:94:07:bb:0c:f2:40:29:6a:67:1b:f6:a6:2a:64:24:f7: 37:25:24:02:84:7e:25:35:9c:90:34:55:bd:7d:bc:92:f1:3a: 67:df:9c:14:c0:15:f0:9e:a4:6a:20:70:d6:ba:90:56:11:e9: 81:91:f0:6c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeyRWh76Zh1pZB8R2bq2PSIoP06UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIxMDAwMDAzNFoX DTI2MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDc0YzM2M2M3ZGU2MWU4YjMzZjU5 NjY2NDE5Y2RhMGQ3YTk3ZGFiMGI5YWMyMWM0OTM2ZTBjOWM0ZWY4NDllMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui5kTD0RjVDzoPpWRi5+2I/MSBPY PwZt+2II2hARuuirNlZmGGAHND+0E8oKUOC8SeGWD2s4yMJEPUsHFV3ZxNWOiYbk yHXKz0j4edejQnIl1hRuhs3iXcB3o3S+N0bMhVkLGK6627m8c9Z4PH1wXEGkAXE4 PXFJl4XNuNRGdMc5L+aAaJiNzGMYOcQYWR7Bgp23jVUQoIyv+S/7UGnhy/JTFKS6 O08WmSGF+FJOxBltxMJ4Jc/CrO+CPBWWmj2xh/Q+tCpN319X+QPkAvAsdt4ffO8+ p0I/cNqH/73RCKMhY8eZ8+clQZ75HJl/bPxQ48okwevanS8/sBXmsKSK5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA6mZJW0qw4Gge/TsrP2EUSvmKRYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3MWQ5NWEzLWMwMDMtNGE4Ni04OGM2LTQwNWNkOGNlZmY5ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba78gwDQYJKoZIhvcNAQELBQADggEBAF/FQUdQna+GEyKL69T/ 3bXl9wf3ilH5ZG1bBkx41V2wVuC4Q2MWJtV1Ru4KkbETH3ZRn9xjdKorIxqsOpHa 4CCmzzHd2AAZQGIclv6/M9s69VLkKAEeX69VRAuFmYIjOxe3kgNAYGFuHr5Gcj0e S1WtrQKHMf99Fs+s5/BAVz3C2sPZyl3PmAr3rUp4XoZqW58mbduwK6vSV7yHyyxS 25WQO8DuaW0M/VOGUqhkJHTabwcmNFJehbBnpoc+nb87zBz3zvZZsC3klAe7DPJA KWpnG/amKmQk9zclJAKEfiU1nJA0Vb19vJLxOmffnBTAFfCepGogcNa6kFYR6YGR 8Gw= -----END CERTIFICATE-----Generated at Sat Dec 20 13:54:13 2025 by rpki-client