This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa File: d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa (raw, json) Hash identifier: I2OhIi/zKImPfiwkKpnHB/dj11+SVpb7kXY1xZ6pvDQ= Subject key identifier: 8B:AC:43:3A:EC:50:89:72:8A:FC:B6:B3:A1:74:DB:02:5F:8F:41:28 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 45F144BC94332B6CA97A3382DA18C336E6A0ABF2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa Signing time: Wed 10 Dec 2025 00:00:06 +0000 ROA not before: Wed 10 Dec 2025 00:00:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Dec 2025 17:38:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:f1:44:bc:94:33:2b:6c:a9:7a:33:82:da:18:c3:36:e6:a0:ab:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 10 00:00:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=5989ed9c666edfbf313fa40dcf4f7366425f5c3bdbf0d93a488e6b9eb2f918f4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:94:37:41:0d:e8:38:2f:0e:bb:33:51:4c:ad: 77:11:55:5d:a1:a3:10:3d:33:70:cb:1a:0c:bd:a0: a7:41:21:e2:6f:50:4f:ec:77:44:28:cb:02:e0:b4: 28:65:4f:0f:12:36:b3:76:c1:09:07:9b:b6:ca:77: a6:42:cc:d3:59:5b:fd:e4:f0:17:eb:cb:e1:9f:15: c3:b5:4d:05:ce:10:49:82:ef:d7:79:8c:7b:f1:16: 87:70:55:fc:53:a2:65:d6:90:70:2b:9a:2f:21:1b: 71:f7:a2:9f:e9:44:1d:d5:4a:1f:32:6c:20:2d:53: 7e:a3:34:d8:eb:85:92:5a:1e:d0:82:82:0c:9e:b4: ce:9a:7c:73:d9:17:17:d2:9b:a9:84:db:b8:96:77: fc:e1:0f:49:a7:a9:fa:10:7e:ff:45:e1:71:44:4f: 70:7b:1a:8a:3f:59:29:76:ec:26:e4:03:b8:5e:0e: 62:a0:a9:16:62:2d:40:a9:25:22:c2:71:7c:61:51: c0:62:6c:28:b4:aa:2e:34:21:89:c1:f2:3d:19:0d: 89:2f:e8:92:2d:f8:cc:06:b0:50:fe:d0:be:79:8a: 1d:1c:09:2c:68:50:b1:30:d0:da:f6:4d:2c:e2:3a: 27:88:06:0c:25:34:82:a0:5d:03:c4:fc:09:20:83: 61:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:AC:43:3A:EC:50:89:72:8A:FC:B6:B3:A1:74:DB:02:5F:8F:41:28 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:2800::/40 Signature Algorithm: sha256WithRSAEncryption c1:af:af:de:ec:16:4f:cd:19:08:4f:a3:34:e6:95:4e:80:b4: 45:67:fa:33:3c:6f:1d:df:b0:2e:c6:2f:42:78:75:f7:93:6c: 2b:8e:53:4e:1a:64:5c:84:77:15:a8:53:f0:31:33:cc:3f:b7: ee:70:a8:25:b8:8a:40:a0:45:3a:2b:35:57:67:0c:5f:42:64: f4:4d:4c:81:5e:b8:bc:04:a9:0f:e0:a2:73:f0:c9:3a:8c:65: f0:89:ea:94:b9:24:5b:e6:57:48:ac:df:0e:4c:cd:0b:aa:d7: 06:e4:82:ed:e0:3f:38:69:e2:a3:df:2c:86:07:e8:06:0e:02: 21:3f:b9:a1:b6:62:3e:f9:d9:79:73:1b:7a:0d:a8:e9:24:f8: cf:89:6e:1a:44:c6:b2:06:89:6c:e0:71:f9:28:45:fe:1e:cf: 80:b5:12:18:6b:5b:5d:01:af:ed:dd:d1:80:93:67:1b:a2:f0: 04:63:f2:ac:5b:06:97:8b:f4:16:b8:e8:78:7f:72:f2:28:51: d2:f1:c2:6c:7e:01:2c:4a:c9:12:43:d9:72:6e:0c:b8:f4:b7: 51:6a:5b:b1:c4:54:b1:88:36:49:53:37:dc:22:4d:84:bd:96: a6:9d:23:90:ac:d5:cd:bf:30:86:be:4c:d0:0e:bd:81:e9:b0: 12:07:a2:c4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURfFEvJQzK2ypejOC2hjDNuagq/IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIxMDAwMDAwNloX DTI2MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANTk4OWVkOWM2NjZlZGZiZjMxM2Zh NDBkY2Y0ZjczNjY0MjVmNWMzYmRiZjBkOTNhNDg4ZTZiOWViMmY5MThmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9pQ3QQ3oOC8OuzNRTK13EVVdoaMQ PTNwyxoMvaCnQSHib1BP7HdEKMsC4LQoZU8PEjazdsEJB5u2ynemQszTWVv95PAX 68vhnxXDtU0FzhBJgu/XeYx78RaHcFX8U6Jl1pBwK5ovIRtx96Kf6UQd1UofMmwg LVN+ozTY64WSWh7QgoIMnrTOmnxz2RcX0puphNu4lnf84Q9Jp6n6EH7/ReFxRE9w exqKP1kpduwm5AO4Xg5ioKkWYi1AqSUiwnF8YVHAYmwotKouNCGJwfI9GQ2JL+iS LfjMBrBQ/tC+eYodHAksaFCxMNDa9k0s4joniAYMJTSCoF0DxPwJIINhHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIusQzrsUIlyivy2s6F02wJfj0EoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0M2EyZTU2LTJkNTgtNGM3ZC04ZWUyLTBjYTZhYzhhNjI3NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7ygwDQYJKoZIhvcNAQELBQADggEBAMGvr97sFk/NGQhPozTm lU6AtEVn+jM8bx3fsC7GL0J4dfeTbCuOU04aZFyEdxWoU/AxM8w/t+5wqCW4ikCg RTorNVdnDF9CZPRNTIFeuLwEqQ/gonPwyTqMZfCJ6pS5JFvmV0is3w5MzQuq1wbk gu3gPzhp4qPfLIYH6AYOAiE/uaG2Yj752XlzG3oNqOkk+M+JbhpExrIGiWzgcfko Rf4ez4C1EhhrW10Br+3d0YCTZxui8ARj8qxbBpeL9Ba46Hh/cvIoUdLxwmx+ASxK yRJD2XJuDLj0t1FqW7HEVLGINklTN9wiTYS9lqadI5Cs1c2/MIa+TNAOvYHpsBIH osQ= -----END CERTIFICATE-----Generated at Mon Dec 22 00:45:47 2025 by rpki-client