This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa File: 205af9d8-3799-4d38-b1fb-da840e362ff1.roa (raw, json) Hash identifier: GdMdxBgMFFdaFZZfA/zNf8RgH7wMWMKdRWGGSQIAJo8= Subject key identifier: E2:CB:1B:6A:A5:25:EB:9A:34:22:57:EA:32:A9:90:44:6A:58:27:47 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1B8E414429D3F9AC60CE6483F6FF28E11C52B215 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa Signing time: Sun 07 Dec 2025 00:00:24 +0000 ROA not before: Sun 07 Dec 2025 00:00:24 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 00:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:8e:41:44:29:d3:f9:ac:60:ce:64:83:f6:ff:28:e1:1c:52:b2:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:24 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=7cf8f3565c0d4f99d96297891e2567150e1e2137fefa2fad4ab05c789a2afe54, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b8:cc:91:df:d7:9a:77:f0:9b:fe:de:3a:80: e6:79:4b:37:99:3f:07:86:60:2f:5a:44:8f:70:13: bf:b3:94:fc:a2:06:33:86:38:58:9a:03:5f:87:1a: 83:2c:d9:80:a4:ec:2d:7f:2b:da:56:0b:32:94:47: 21:78:0a:f2:d6:2a:40:36:dd:1b:30:c7:29:cd:11: 86:7c:0c:8f:4d:00:34:66:16:df:7e:05:03:21:88: a3:58:14:41:1d:e3:75:44:dd:62:5a:9a:87:6c:36: 1a:4a:84:a5:e8:33:3c:94:66:98:db:22:19:21:fb: ba:a7:a1:9c:0e:b0:15:05:56:66:ed:79:1c:ac:2e: dc:ed:eb:7a:de:6f:7a:49:5b:e7:42:50:1d:bb:09: 3e:95:5f:7d:77:c9:32:ea:77:3b:d3:7c:0a:a9:c8: 57:70:ec:eb:0b:f5:68:83:c2:95:68:7b:18:13:05: a1:8a:f9:4c:a8:ef:43:19:13:00:52:2c:60:ff:1c: 3c:76:9d:9a:63:78:e2:bc:40:4e:65:a2:72:09:88: 72:40:9d:3d:78:79:16:fb:f1:40:7e:97:be:a4:9f: 2d:36:ab:39:93:1d:8d:18:44:2d:57:83:1d:ef:c7: 25:29:78:c3:02:25:33:de:7b:48:95:cd:1d:79:ac: b2:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:CB:1B:6A:A5:25:EB:9A:34:22:57:EA:32:A9:90:44:6A:58:27:47 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/36 Signature Algorithm: sha256WithRSAEncryption 13:ab:ae:b3:54:1d:27:d6:d2:8b:39:f4:4d:2c:0d:e7:7b:f3: b8:c0:de:1a:c3:14:ee:2f:bf:9c:eb:5c:90:5d:98:71:2f:f9: fe:28:a8:7c:3f:12:9a:9d:9a:65:85:0e:2e:28:ed:c2:86:21: e1:b4:6c:eb:c4:8d:11:9a:51:15:7a:ac:c5:e8:a7:dd:bf:8c: 4c:bf:6f:9e:a0:13:6a:d3:5c:99:1f:47:1b:7f:98:7a:4e:3d: bd:7d:00:de:56:38:84:71:0d:41:6a:49:bb:92:a0:5b:9a:96: 23:5d:80:f3:f8:7a:4b:5a:1c:0f:f6:27:7c:2e:df:b8:95:2f: 9f:46:ba:dd:ac:a6:0b:5b:97:c8:c7:1b:25:c2:aa:35:e5:7a: 53:f8:5d:a1:7a:27:64:22:18:b2:67:7d:f4:e3:55:51:d8:cc: 20:46:58:9d:4b:af:87:a4:be:48:8f:7f:a6:89:be:87:85:4f: c9:1f:b3:cb:ef:a3:f2:a7:3c:2d:26:a8:86:1f:cf:01:91:fe: 42:ca:64:b5:80:09:0c:bb:6c:87:35:10:d8:4a:d5:91:09:f1: 12:8d:11:f0:1f:7a:31:85:7c:ad:05:3d:7e:fb:67:a9:31:28: 99:09:47:cf:41:44:27:78:a7:c3:80:de:d8:f8:0c:63:d5:cd: 0c:ad:81:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG45BRCnT+axgzmSD9v8o4RxSshUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDAyNFoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAN2NmOGYzNTY1YzBkNGY5OWQ5NjI5 Nzg5MWUyNTY3MTUwZTFlMjEzN2ZlZmEyZmFkNGFiMDVjNzg5YTJhZmU1NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bjMkd/Xmnfwm/7eOoDmeUs3mT8H hmAvWkSPcBO/s5T8ogYzhjhYmgNfhxqDLNmApOwtfyvaVgsylEcheAry1ipANt0b MMcpzRGGfAyPTQA0ZhbffgUDIYijWBRBHeN1RN1iWpqHbDYaSoSl6DM8lGaY2yIZ Ifu6p6GcDrAVBVZm7XkcrC7c7et63m96SVvnQlAduwk+lV99d8ky6nc703wKqchX cOzrC/Vog8KVaHsYEwWhivlMqO9DGRMAUixg/xw8dp2aY3jivEBOZaJyCYhyQJ09 eHkW+/FAfpe+pJ8tNqs5kx2NGEQtV4Md78clKXjDAiUz3ntIlc0deayynwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOLLG2qlJeuaNCJX6jKpkERqWCdHMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIwNWFmOWQ4LTM3OTktNGQzOC1iMWZiLWRhODQwZTM2MmZmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AGAAwDQYJKoZIhvcNAQELBQADggEBABOrrrNUHSfW0os59E0s Ded787jA3hrDFO4vv5zrXJBdmHEv+f4oqHw/EpqdmmWFDi4o7cKGIeG0bOvEjRGa URV6rMXop92/jEy/b56gE2rTXJkfRxt/mHpOPb19AN5WOIRxDUFqSbuSoFualiNd gPP4ektaHA/2J3wu37iVL59Gut2spgtbl8jHGyXCqjXlelP4XaF6J2QiGLJnffTj VVHYzCBGWJ1Lr4ekvkiPf6aJvoeFT8kfs8vvo/KnPC0mqIYfzwGR/kLKZLWACQy7 bIc1ENhK1ZEJ8RKNEfAfejGFfK0FPX77Z6kxKJkJR89BRCd4p8OA3tj4DGPVzQyt gSk= -----END CERTIFICATE-----Generated at Tue Dec 16 23:19:32 2025 by rpki-client