This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json) Hash identifier: CNy33lvFVRD+mSD8JJeY7w+m3uy4j1Q7IRyDV4kVRuc= Subject key identifier: B9:D2:DA:A1:44:01:2F:38:1F:BF:08:2B:8F:29:AE:75:A5:68:41:09 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 32CC691F4D84A6DDD14C6383C3FC6D56844ABB35 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa Signing time: Sun 07 Dec 2025 00:00:32 +0000 ROA not before: Sun 07 Dec 2025 00:00:32 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Dec 2025 00:09:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:cc:69:1f:4d:84:a6:dd:d1:4c:63:83:c3:fc:6d:56:84:4a:bb:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Dec 7 00:00:32 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=3d55b61f64cadc6c92f5b21a3b2a5de2ca0aeff14532a20199f1c2ad74ea913f, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:3d:38:6f:8e:58:63:e0:65:ea:75:ea:92:31: ba:47:29:9d:2c:d0:a8:89:c7:cb:b1:cd:bb:7b:dc: be:87:04:cc:82:c6:a3:20:c6:a6:49:1a:9e:47:f4: a3:2d:84:4a:01:55:68:d2:af:d6:df:b5:b5:6c:ab: 11:85:c9:80:2a:67:49:7d:48:ec:66:7a:38:9f:be: 7f:7c:47:b4:4c:41:6d:35:80:c5:d9:76:8d:8c:6c: 8c:e2:eb:08:37:40:7a:4b:a6:a7:95:38:ac:21:24: 58:af:d1:7c:d8:cd:60:04:f2:a8:98:4b:20:0b:30: 9a:62:d8:4d:32:9f:0c:a1:52:5b:21:0f:3f:50:05: c0:97:61:46:34:b8:68:fa:ca:c6:e0:10:e4:6e:c1: 47:d8:b1:bf:34:c4:32:92:e7:a4:6b:d6:73:29:f9: 1f:19:fd:0d:34:77:29:03:5d:d0:38:5d:b1:b6:41: 08:35:18:04:4e:45:1d:41:92:79:4b:bc:28:bf:72: 53:19:ce:5b:7c:32:60:16:6b:9f:9e:18:97:03:61: 6e:c7:d4:23:71:0c:73:7a:6d:49:45:b3:86:d3:1f: 75:be:e2:d0:8d:7f:cb:3e:b4:05:43:40:4e:bb:af: 04:e3:88:77:ce:15:5e:2e:64:40:26:92:21:c1:1f: 50:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:D2:DA:A1:44:01:2F:38:1F:BF:08:2B:8F:29:AE:75:A5:68:41:09 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:2000::/36 Signature Algorithm: sha256WithRSAEncryption 31:ee:68:3b:de:3d:bc:a5:1c:42:7c:60:f0:52:e7:a0:52:c1: 81:b8:8c:3a:34:9c:06:4c:b1:9b:32:cf:78:35:0d:57:47:d8: 87:6a:5c:1a:29:2d:c4:bb:1c:a1:b1:4b:0a:55:4b:30:fa:11: d1:fb:9f:f4:83:e7:bc:cc:b0:0d:98:ad:b8:8b:1c:4d:8e:1d: 10:af:5a:65:93:8d:e8:85:6e:59:e0:03:4b:43:52:71:5b:89: 24:a2:27:90:52:79:a9:7d:76:b5:0e:04:fd:3c:19:16:1a:4e: 35:e5:dc:ca:64:9d:d7:8f:28:a1:f6:88:ea:5e:dd:d5:b0:31: a6:d8:31:1d:06:e7:b0:99:93:2b:86:73:09:3b:da:1d:93:f5: eb:6a:98:ce:62:6e:1a:0f:0b:bc:21:c4:76:8e:8f:c2:be:dd: 1a:dc:03:03:78:12:49:9b:d1:2d:66:a3:13:72:5b:98:42:29: 40:bf:60:11:b4:be:64:36:a2:2d:da:62:fa:ad:be:05:a0:90: 0d:84:f5:fa:38:a6:fc:42:33:3e:a0:e4:d2:13:0c:71:16:38: 67:88:6d:1b:3c:ff:a3:44:af:e2:d1:df:cb:c1:67:2e:3d:14: 82:2d:62:0f:4f:a0:70:b8:5a:06:a6:6f:c6:c8:c7:2d:8c:7b: 37:d7:b1:7f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMsxpH02Ept3RTGODw/xtVoRKuzUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTIwNzAwMDAzMloX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAM2Q1NWI2MWY2NGNhZGM2YzkyZjVi MjFhM2IyYTVkZTJjYTBhZWZmMTQ1MzJhMjAxOTlmMWMyYWQ3NGVhOTEzZjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3j04b45YY+Bl6nXqkjG6RymdLNCo icfLsc27e9y+hwTMgsajIMamSRqeR/SjLYRKAVVo0q/W37W1bKsRhcmAKmdJfUjs Zno4n75/fEe0TEFtNYDF2XaNjGyM4usIN0B6S6anlTisISRYr9F82M1gBPKomEsg CzCaYthNMp8MoVJbIQ8/UAXAl2FGNLho+srG4BDkbsFH2LG/NMQykueka9ZzKfkf Gf0NNHcpA13QOF2xtkEINRgETkUdQZJ5S7wov3JTGc5bfDJgFmufnhiXA2Fux9Qj cQxzem1JRbOG0x91vuLQjX/LPrQFQ0BOu68E44h3zhVeLmRAJpIhwR9QfQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLnS2qFEAS84H78IK48prnWlaEEJMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBADHuaDvePbylHEJ8YPBS 56BSwYG4jDo0nAZMsZsyz3g1DVdH2IdqXBopLcS7HKGxSwpVSzD6EdH7n/SD57zM sA2YrbiLHE2OHRCvWmWTjeiFblngA0tDUnFbiSSiJ5BSeal9drUOBP08GRYaTjXl 3MpkndePKKH2iOpe3dWwMabYMR0G57CZkyuGcwk72h2T9etqmM5ibhoPC7whxHaO j8K+3RrcAwN4Ekmb0S1moxNyW5hCKUC/YBG0vmQ2oi3aYvqtvgWgkA2E9fo4pvxC Mz6g5NITDHEWOGeIbRs8/6NEr+LR38vBZy49FIItYg9PoHC4Wgamb8bIxy2MezfX sX8= -----END CERTIFICATE-----Generated at Sat Dec 20 18:54:05 2025 by rpki-client