This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa File: bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa (raw, json) Hash identifier: NeSEWVwePGjQ3HbaHHAzhpDFIVsxWO1CgKL0nZ2FJzk= Subject key identifier: C2:C6:29:F5:52:1B:70:4A:0B:04:3E:2A:1E:BB:95:A4:96:25:B0:DF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5DBA6BDA855DBB3144A1B57FE2823BDA5472A53D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa Signing time: Wed 10 Dec 2025 00:00:44 +0000 ROA not before: Wed 10 Dec 2025 00:00:44 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 17:38:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:ba:6b:da:85:5d:bb:31:44:a1:b5:7f:e2:82:3b:da:54:72:a5:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 10 00:00:44 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1d2c868831543051d0f53c9f453e4f4d6cb75592d7e9f0ea5a12fe3911d215da, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:32:f5:77:f2:65:2c:cf:40:d9:f8:bb:30:b2: 1f:43:57:99:6a:97:fa:ec:a9:79:c9:4e:30:9f:96: 30:4e:11:d8:0f:3b:28:f6:f8:2c:b9:bb:8a:54:7d: 51:75:29:e3:ff:6d:cd:a5:8a:39:d4:21:a9:7a:d2: 61:0e:b7:83:b2:c4:ad:4b:7c:f7:9a:69:10:44:d1: 79:3e:f6:9a:af:dc:b3:26:b4:05:c6:97:e8:60:9b: 2f:79:ed:97:b3:3e:42:8a:2c:15:ee:1f:34:eb:62: 2e:f9:b9:54:0d:15:e9:ff:58:58:c0:55:1e:31:bd: 45:63:78:8a:a0:6c:a3:3b:9c:e5:84:db:89:24:bd: f9:bf:77:bd:e1:ff:64:07:52:21:83:72:c0:85:8d: a4:3d:df:8c:2b:eb:62:71:b4:5c:95:e3:3c:99:27: 59:61:e2:fd:af:fb:69:60:9d:f0:f6:59:e6:47:c7: d7:9d:96:3b:75:7b:0f:7c:31:58:70:b5:af:60:5e: b1:37:35:b5:1e:f6:9c:ab:f3:bd:6d:c0:3b:0b:5d: 8b:0e:aa:92:f6:ea:fe:50:91:ce:c0:bd:48:2f:88: 3f:2c:20:d5:bb:12:77:c0:81:1b:83:08:c2:e2:08: 32:b0:01:cc:d8:f6:72:63:ff:6a:ea:97:6e:7e:6d: cd:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:C6:29:F5:52:1B:70:4A:0B:04:3E:2A:1E:BB:95:A4:96:25:B0:DF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:a000::/40 Signature Algorithm: sha256WithRSAEncryption 25:d8:ce:d4:12:4e:68:a0:a1:01:d9:2a:b3:38:91:22:47:c0: a5:47:a4:b2:a6:88:0a:b0:88:5e:f5:7c:1a:42:dc:f6:55:8e: 47:3a:f9:20:8f:7f:bb:0f:68:e1:65:06:35:03:ea:01:0b:d6: b3:20:61:62:da:84:ff:61:b4:df:ec:ae:2b:25:7a:cd:68:08: fa:2e:a9:4d:0a:05:d5:30:eb:48:a8:77:7d:09:b4:5a:59:c4: fb:ed:50:f4:e0:7d:5a:34:a2:77:15:90:06:cf:de:36:00:ac: 73:4d:59:de:5e:c3:ae:8d:17:7f:0b:77:bf:83:64:6c:f5:f3: 66:af:16:c9:b2:fe:9c:e8:9f:4a:c0:a2:aa:17:fd:aa:38:7f: 39:10:10:89:31:73:c8:84:e7:f1:c5:61:ab:38:12:6d:d7:94: d3:c0:95:d9:dd:8f:dc:d1:c5:86:ed:f0:72:ee:e3:8e:a3:2b: d2:3e:31:a3:21:27:bc:4b:53:90:36:7f:e4:c4:cc:70:50:6e: 5b:00:12:00:77:ff:d3:b1:12:40:38:a9:87:d2:73:47:d3:1a: 71:9f:1b:57:0a:f2:b6:25:1e:76:5b:1b:7a:26:3c:a1:3c:4c: 2d:16:fb:4d:9f:b2:f0:7a:1b:60:ea:4c:d7:8f:87:fa:8a:4b: 37:b6:ef:6c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXbpr2oVduzFEobV/4oI72lRypT0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIxMDAwMDA0NFoX DTI2MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMWQyYzg2ODgzMTU0MzA1MWQwZjUz YzlmNDUzZTRmNGQ2Y2I3NTU5MmQ3ZTlmMGVhNWExMmZlMzkxMWQyMTVkYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDL1d/JlLM9A2fi7MLIfQ1eZapf6 7Kl5yU4wn5YwThHYDzso9vgsubuKVH1RdSnj/23NpYo51CGpetJhDreDssStS3z3 mmkQRNF5Pvaar9yzJrQFxpfoYJsvee2Xsz5CiiwV7h8062Iu+blUDRXp/1hYwFUe Mb1FY3iKoGyjO5zlhNuJJL35v3e94f9kB1Ihg3LAhY2kPd+MK+ticbRcleM8mSdZ YeL9r/tpYJ3w9lnmR8fXnZY7dXsPfDFYcLWvYF6xNzW1Hvacq/O9bcA7C12LDqqS 9ur+UJHOwL1IL4g/LCDVuxJ3wIEbgwjC4ggysAHM2PZyY/9q6pdufm3NQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMLGKfVSG3BKCwQ+Kh67laSWJbDfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JjNGRlZmIzLTNiN2YtNDFiMC05YjQ3LTU2YjRkMGY1MDgwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba76AwDQYJKoZIhvcNAQELBQADggEBACXYztQSTmigoQHZKrM4 kSJHwKVHpLKmiAqwiF71fBpC3PZVjkc6+SCPf7sPaOFlBjUD6gEL1rMgYWLahP9h tN/srisles1oCPouqU0KBdUw60iod30JtFpZxPvtUPTgfVo0oncVkAbP3jYArHNN Wd5ew66NF38Ld7+DZGz182avFsmy/pzon0rAoqoX/ao4fzkQEIkxc8iE5/HFYas4 Em3XlNPAldndj9zRxYbt8HLu446jK9I+MaMhJ7xLU5A2f+TEzHBQblsAEgB3/9Ox EkA4qYfSc0fTGnGfG1cK8rYlHnZbG3omPKE8TC0W+02fsvB6G2DqTNePh/qKSze2 72w= -----END CERTIFICATE-----Generated at Mon Dec 22 00:44:09 2025 by rpki-client