This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa File: ea00a163-31aa-4894-aa58-c2946b21cd7e.roa (raw, json) Hash identifier: LaqZfFcsLEJb0wV7B+xJryO9pqoov8Bvyo/w8T3/jqA= Subject key identifier: 8B:69:57:B6:1C:80:9C:91:67:08:B5:79:B3:76:93:5F:4E:D0:D2:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 76B622B551E2462B4CF7A0BF11D20C99EB70C51C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa Signing time: Sun 07 Dec 2025 00:00:49 +0000 ROA not before: Sun 07 Dec 2025 00:00:49 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 17:37:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:b6:22:b5:51:e2:46:2b:4c:f7:a0:bf:11:d2:0c:99:eb:70:c5:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Dec 7 00:00:49 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=fd77f09aa49840dc6d1b9274825a7ee54cf2abe9f795e7004b779957a46efbc9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:9f:58:fb:43:9f:14:99:2d:60:fb:9f:72:f5: bb:c3:f3:4a:dc:03:03:4f:b1:e8:ea:91:3a:53:0f: be:8a:81:d8:e2:cc:67:8c:11:1c:42:9b:c6:11:09: 30:08:cf:f6:5d:a0:d8:80:7d:18:aa:72:30:30:8e: db:b8:9c:27:2b:d4:4d:53:5a:67:a9:c3:0c:ca:2c: 0d:09:2c:7e:c3:b5:8d:ad:dd:2f:cc:fc:f2:ad:3b: 68:94:f5:8d:91:98:5d:57:23:d8:81:cc:1d:55:70: 72:37:d0:d3:a0:03:dc:9c:27:ea:9e:8e:61:f1:3d: 58:58:32:46:03:88:08:ef:ec:2e:0c:fa:28:fc:8d: cc:f5:4a:75:9c:c9:4e:a2:ab:d8:22:00:dd:a2:d1: 26:c5:63:db:04:30:f6:2b:ea:6c:b1:36:c7:1c:49: 0f:85:e5:a2:29:e4:97:36:6d:ca:35:95:05:94:5d: 34:41:71:f3:ef:03:18:2d:73:22:56:a4:73:06:d2: 93:43:0f:32:eb:f3:c8:d1:64:6f:24:85:b7:44:f3: a0:ac:c0:9b:85:b7:a7:8a:97:fb:42:a5:bc:19:5f: 85:27:83:2b:b4:88:86:8f:a4:29:99:01:ed:fb:e0: e0:66:e0:e4:ca:06:c7:b3:f1:86:1c:dc:7e:46:b4: 02:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:69:57:B6:1C:80:9C:91:67:08:B5:79:B3:76:93:5F:4E:D0:D2:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.60.0/24 Signature Algorithm: sha256WithRSAEncryption b4:3d:9f:0a:40:59:9f:1d:e4:30:c6:76:8b:10:92:55:80:54: 89:1a:29:a9:ab:7d:88:e9:73:0a:40:bb:9e:f0:4e:16:75:70: ab:3a:98:47:48:81:2a:2c:47:c9:b6:db:e2:1c:30:75:f5:4f: 60:d5:ca:f6:e7:23:e9:88:2c:da:6e:c0:04:45:05:7f:74:da: 7a:ef:f5:a8:f1:c3:7b:e6:ca:51:57:d5:fe:b6:5f:9b:1d:c8: 01:5f:b9:59:29:6e:6d:ef:1c:a9:68:cb:db:23:cd:f1:4d:60: b6:1a:a3:c1:c1:f4:ce:c9:61:47:fb:f0:be:f4:0b:a2:2c:61: ef:a1:c8:d8:6e:1c:47:e9:dd:db:b4:ff:0c:b1:fe:92:f5:0e: b1:b0:5c:f7:55:f7:ee:5a:05:de:9b:61:77:71:8e:48:04:32: de:d7:01:38:23:07:18:b3:d9:87:c5:6e:3e:11:0d:15:42:3f: 99:5c:48:9d:da:45:3e:5a:d0:6e:b0:0b:58:43:e3:7a:77:08: 8c:a2:95:dc:3a:ad:47:62:5a:0b:31:ef:d0:1a:80:49:9f:5a: 5c:77:0a:1d:40:2c:a8:4d:eb:ff:90:13:7b:0d:c5:ff:aa:3b: 4b:e6:99:cd:62:de:27:f8:19:f3:36:b6:31:69:fb:14:a6:aa: 3e:4b:18:20 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdrYitVHiRitM96C/EdIMmetwxRwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTIwNzAwMDA0OVoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAZmQ3N2YwOWFhNDk4NDBkYzZkMWI5 Mjc0ODI1YTdlZTU0Y2YyYWJlOWY3OTVlNzAwNGI3Nzk5NTdhNDZlZmJjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJ9Y+0OfFJktYPufcvW7w/NK3AMD T7Ho6pE6Uw++ioHY4sxnjBEcQpvGEQkwCM/2XaDYgH0YqnIwMI7buJwnK9RNU1pn qcMMyiwNCSx+w7WNrd0vzPzyrTtolPWNkZhdVyPYgcwdVXByN9DToAPcnCfqno5h 8T1YWDJGA4gI7+wuDPoo/I3M9Up1nMlOoqvYIgDdotEmxWPbBDD2K+pssTbHHEkP heWiKeSXNm3KNZUFlF00QXHz7wMYLXMiVqRzBtKTQw8y6/PI0WRvJIW3RPOgrMCb hbenipf7QqW8GV+FJ4MrtIiGj6QpmQHt++DgZuDkygbHs/GGHNx+RrQCawIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFItpV7YcgJyRZwi1ebN2k19O0NK1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhMDBhMTYzLTMxYWEtNDg5NC1hYTU4LWMyOTQ2YjIxY2Q3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A8MA0GCSqGSIb3DQEBCwUAA4IBAQC0PZ8KQFmfHeQwxnaLEJJV gFSJGimpq32I6XMKQLue8E4WdXCrOphHSIEqLEfJttviHDB19U9g1cr25yPpiCza bsAERQV/dNp67/Wo8cN75spRV9X+tl+bHcgBX7lZKW5t7xypaMvbI83xTWC2GqPB wfTOyWFH+/C+9AuiLGHvocjYbhxH6d3btP8Msf6S9Q6xsFz3VffuWgXem2F3cY5I BDLe1wE4IwcYs9mHxW4+EQ0VQj+ZXEid2kU+WtBusAtYQ+N6dwiMopXcOq1HYloL Me/QGoBJn1pcdwodQCyoTev/kBN7DcX/qjtL5pnNYt4n+BnzNrYxafsUpqo+Sxgg -----END CERTIFICATE-----Generated at Sat Dec 20 13:57:14 2025 by rpki-client