This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b4623a6-3162-48fd-9091-235f75f6c97d.roa File: 9b4623a6-3162-48fd-9091-235f75f6c97d.roa (raw, json) Hash identifier: R+/wCpvzzEyVL5kxypwnG1n04ikFcLnwmwvViZqWjp4= Subject key identifier: BE:FD:69:4C:65:29:4E:BA:43:EF:50:87:78:76:0E:98:5A:01:C6:70 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5F853BA6D9ACEECC22A8DF8FACA591BCD0A15F4E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b4623a6-3162-48fd-9091-235f75f6c97d.roa Signing time: Sat 29 Nov 2025 00:00:35 +0000 ROA not before: Sat 29 Nov 2025 00:00:35 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 17:38:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:85:3b:a6:d9:ac:ee:cc:22:a8:df:8f:ac:a5:91:bc:d0:a1:5f:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 29 00:00:35 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=006b213d829a3a53bf12a9a9a3ad106cfc5719f37d0d3e5c52f65e3ee77b401c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:16:89:91:c9:37:58:a1:c3:57:2c:c8:8f:99: 9c:4b:cd:74:24:bb:a2:1c:ef:6b:21:9e:ca:c6:76: 74:61:4c:bc:62:25:3e:83:f5:f5:d8:1a:56:3a:c3: f9:97:8b:96:26:bf:d2:07:d9:a1:8f:eb:10:c0:92: 37:53:6f:a9:02:96:16:5a:bd:ce:98:10:8f:96:85: 83:6b:9c:57:9f:27:0b:31:78:b2:02:bc:d1:f0:39: cb:a7:06:91:03:96:be:87:ec:f3:dd:90:5e:ba:73: 16:c8:a0:d0:7f:5a:a2:50:c0:cc:ca:45:be:28:ab: 32:91:eb:ba:96:9b:12:66:2c:35:ca:06:c5:c9:dd: a6:77:6b:7e:22:8b:64:8f:67:04:41:ce:a2:b2:7b: 60:8f:f3:b2:58:2c:fe:67:99:6a:16:51:e7:20:4f: 6f:d4:72:a2:8b:50:ab:53:e1:2f:d3:5b:d3:8f:3f: 72:ed:3d:82:3c:25:88:97:26:dd:60:63:2a:6a:b0: bd:49:b9:98:09:9d:aa:6f:f3:2a:5e:e2:3f:6a:ff: 9e:b5:af:12:36:19:0c:f2:c1:77:ce:40:2b:9e:d9: b1:b0:44:c5:fe:08:54:b9:1f:61:24:8d:55:3a:af: f2:4d:46:28:08:d9:87:c6:fe:96:2b:3a:37:cf:09: 15:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:FD:69:4C:65:29:4E:BA:43:EF:50:87:78:76:0E:98:5A:01:C6:70 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b4623a6-3162-48fd-9091-235f75f6c97d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4000::/40 Signature Algorithm: sha256WithRSAEncryption bd:8f:83:48:7d:82:f6:8b:21:b5:ab:97:09:ec:70:cd:91:2f: 75:47:9b:6c:c9:10:3b:eb:69:95:5b:18:3f:57:64:af:53:a5: 9e:5b:07:33:aa:3c:e8:96:f4:99:e7:1d:10:ac:a2:c8:7f:43: 96:b9:f6:02:04:b0:43:d1:d2:60:b4:d1:f4:89:b9:eb:28:a7: 99:03:e6:1a:81:ee:66:93:a5:d2:16:48:5a:f2:cc:25:fc:19: 8b:c0:50:a8:6c:db:ad:58:b6:7f:cb:c9:c7:39:e8:5a:44:76: e2:57:da:4d:c9:7a:2a:71:0e:41:04:b1:5a:6a:dd:8a:f7:25: 50:e0:17:de:e6:71:eb:f5:1a:7e:47:a0:72:9a:ed:df:a5:81: 81:de:00:09:09:5c:33:e7:1d:41:97:57:cf:53:e0:80:02:c4: a2:93:78:5d:c8:fe:1b:1f:50:b5:97:ca:e0:68:dc:de:22:2f: 54:86:13:fe:d8:e9:17:8b:30:80:ed:cc:b0:04:8e:7c:0d:19: d3:9e:6f:e2:41:2e:62:31:37:26:35:31:70:b1:9a:c7:c7:c1: 47:99:82:7f:e0:24:d0:9c:a2:38:20:ea:25:a8:f8:9f:4e:fd: 09:c5:60:df:0c:72:24:9f:e8:2c:7d:91:72:d9:f2:d2:c7:68: cf:dc:d5:65 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUX4U7ptms7swiqN+PrKWRvNChX04wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyOTAwMDAzNVoX DTI2MDIyNzIzNTk1OVowejFJMEcGA1UEBRNAMDA2YjIxM2Q4MjlhM2E1M2JmMTJh OWE5YTNhZDEwNmNmYzU3MTlmMzdkMGQzZTVjNTJmNjVlM2VlNzdiNDAxYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphaJkck3WKHDVyzIj5mcS810JLui HO9rIZ7KxnZ0YUy8YiU+g/X12BpWOsP5l4uWJr/SB9mhj+sQwJI3U2+pApYWWr3O mBCPloWDa5xXnycLMXiyArzR8DnLpwaRA5a+h+zz3ZBeunMWyKDQf1qiUMDMykW+ KKsykeu6lpsSZiw1ygbFyd2md2t+Iotkj2cEQc6isntgj/OyWCz+Z5lqFlHnIE9v 1HKii1CrU+Ev01vTjz9y7T2CPCWIlybdYGMqarC9SbmYCZ2qb/MqXuI/av+eta8S NhkM8sF3zkArntmxsETF/ghUuR9hJI1VOq/yTUYoCNmHxv6WKzo3zwkVqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL79aUxlKU66Q+9Qh3h2DphaAcZwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliNDYyM2E2LTMxNjItNDhmZC05MDkxLTIzNWY3NWY2Yzk3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9EAwDQYJKoZIhvcNAQELBQADggEBAL2Pg0h9gvaLIbWrlwns cM2RL3VHm2zJEDvraZVbGD9XZK9TpZ5bBzOqPOiW9JnnHRCsosh/Q5a59gIEsEPR 0mC00fSJuesop5kD5hqB7maTpdIWSFryzCX8GYvAUKhs261Ytn/Lycc56FpEduJX 2k3JeipxDkEEsVpq3Yr3JVDgF97mcev1Gn5HoHKa7d+lgYHeAAkJXDPnHUGXV89T 4IACxKKTeF3I/hsfULWXyuBo3N4iL1SGE/7Y6ReLMIDtzLAEjnwNGdOeb+JBLmIx NyY1MXCxmsfHwUeZgn/gJNCcojgg6iWo+J9O/QnFYN8MciSf6Cx9kXLZ8tLHaM/c 1WU= -----END CERTIFICATE-----Generated at Mon Dec 22 00:48:07 2025 by rpki-client