This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json) Hash identifier: CtHn/+3jMnZBZwBioMRZHwxPOoEPubGQr7vc/dN/6xM= Subject key identifier: 75:3A:AB:85:9F:66:07:BF:30:29:CE:3C:F1:45:7E:33:13:FA:98:78 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 34CEE39BE76B69D716DB7D149C39E72EEA91659F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa Signing time: Sun 07 Dec 2025 00:00:25 +0000 ROA not before: Sun 07 Dec 2025 00:00:25 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 00:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:ce:e3:9b:e7:6b:69:d7:16:db:7d:14:9c:39:e7:2e:ea:91:65:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:25 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=e4861f02042f2d7879611a2a06c6889cec960b52229f322f3c31021701df3b31, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a1:ef:b2:0e:fe:f9:6c:21:16:49:7c:86:83: 5c:19:76:74:f0:ad:2f:0f:e1:b2:b0:95:47:26:60: 1f:41:e2:03:c2:ee:3a:b9:48:ee:e9:7f:56:c0:a6: e0:49:06:2c:ff:f4:ff:3d:51:dd:22:85:45:ec:ba: 1f:50:7a:7a:c8:0b:55:7e:00:3d:67:9e:f8:ae:a3: 18:ef:fe:ca:31:57:8a:bb:eb:c0:5d:4c:1d:a6:1a: d3:54:76:26:31:60:ba:5f:41:a2:b6:15:82:bc:59: 36:a3:b3:64:ff:57:62:91:cd:d4:e3:e2:bd:7e:40: 7d:4f:a1:87:5a:e9:23:e3:eb:78:17:c3:b3:de:99: a2:cf:c8:d9:d1:cf:7f:9a:5b:8a:b0:ea:34:9e:96: 1a:ca:53:92:44:41:43:6c:cc:8f:3c:77:26:5f:8c: bb:bc:96:63:ac:67:e1:a7:6d:3e:56:b6:49:71:0a: 8f:bc:c0:fc:ab:ec:c3:c8:2e:16:85:62:7c:c2:17: 95:7c:21:3c:82:40:de:eb:5b:48:56:1f:c6:7b:e5: 8d:55:dc:25:a0:a1:d0:38:24:a2:9c:04:9a:c3:36: be:52:b6:78:bb:bc:d4:4b:bd:07:82:45:92:bc:27: 8e:ba:05:18:0a:87:d0:f3:21:a0:23:47:1b:f1:92: 3d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:3A:AB:85:9F:66:07:BF:30:29:CE:3C:F1:45:7E:33:13:FA:98:78 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc::/32 Signature Algorithm: sha256WithRSAEncryption b1:3b:09:32:b6:68:53:a7:5e:64:03:fa:92:c2:2e:e2:28:f4: 91:a2:1a:ca:7a:f5:bd:85:c8:52:0b:11:42:ea:64:d2:f7:0e: c7:d7:df:10:db:d9:c0:cf:a4:00:75:94:81:03:93:e7:cb:34: 89:a7:e0:8f:70:50:88:fa:e2:79:c6:60:21:85:d2:74:58:90: 98:27:3a:98:29:ef:e6:96:2f:6c:8a:64:ee:c3:4a:79:e6:f4: 9b:91:87:d0:7f:79:21:a4:94:22:78:c5:ba:b2:6c:8c:4e:d8: ce:af:40:b4:b5:4d:a9:2a:33:33:48:13:bc:ce:82:b5:64:9b: 26:17:35:2a:2f:ac:ce:c1:f0:de:b1:87:5e:c7:61:6e:1a:c3: 2f:74:81:e4:1e:64:a9:19:15:03:91:63:05:76:f9:ed:75:1d: d8:36:32:d9:4b:2a:07:6c:c3:a2:ca:5a:a2:34:e0:32:34:af: 13:3e:6d:8d:24:5f:91:4d:73:3e:9c:63:63:94:a8:84:ad:a1: 4f:ca:38:93:17:b2:e2:24:9a:1c:66:70:6e:f2:15:c5:08:11: 6b:d3:f8:3e:8e:9d:3d:dd:1b:64:a7:1c:f8:60:bc:66:81:8b: 5b:c9:f3:cd:9f:30:4b:b4:eb:6c:d9:70:68:a3:51:07:5f:32: ae:c1:5c:13 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUNM7jm+dradcW230UnDnnLuqRZZ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDAyNVoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAZTQ4NjFmMDIwNDJmMmQ3ODc5NjEx YTJhMDZjNjg4OWNlYzk2MGI1MjIyOWYzMjJmM2MzMTAyMTcwMWRmM2IzMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Hvsg7++WwhFkl8hoNcGXZ08K0v D+GysJVHJmAfQeIDwu46uUju6X9WwKbgSQYs//T/PVHdIoVF7LofUHp6yAtVfgA9 Z574rqMY7/7KMVeKu+vAXUwdphrTVHYmMWC6X0GithWCvFk2o7Nk/1dikc3U4+K9 fkB9T6GHWukj4+t4F8Oz3pmiz8jZ0c9/mluKsOo0npYaylOSREFDbMyPPHcmX4y7 vJZjrGfhp20+VrZJcQqPvMD8q+zDyC4WhWJ8wheVfCE8gkDe61tIVh/Ge+WNVdwl oKHQOCSinASawza+UrZ4u7zUS70HgkWSvCeOugUYCofQ8yGgI0cb8ZI94QIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFHU6q4WfZge/MCnOPPFFfjMT+ph4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAsTsJMrZoU6deZAP6ksIu 4ij0kaIaynr1vYXIUgsRQupk0vcOx9ffENvZwM+kAHWUgQOT58s0iafgj3BQiPri ecZgIYXSdFiQmCc6mCnv5pYvbIpk7sNKeeb0m5GH0H95IaSUInjFurJsjE7Yzq9A tLVNqSozM0gTvM6CtWSbJhc1Ki+szsHw3rGHXsdhbhrDL3SB5B5kqRkVA5FjBXb5 7XUd2DYy2UsqB2zDospaojTgMjSvEz5tjSRfkU1zPpxjY5SohK2hT8o4kxey4iSa HGZwbvIVxQgRa9P4Po6dPd0bZKcc+GC8ZoGLW8nzzZ8wS7TrbNlwaKNRB18yrsFc Ew== -----END CERTIFICATE-----Generated at Mon Dec 15 19:53:59 2025 by rpki-client