This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json) Hash identifier: 5pEyXbZHBgBftBBJ0xJAW/ryycChwYnUxJbRFXjHcE4= Subject key identifier: 22:79:2D:B2:FB:3B:36:71:CE:7D:C7:0D:06:D1:11:28:0F:C9:0A:FE Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 510480D8482A55EF37EF4663C204428AB987291F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa Signing time: Sun 07 Dec 2025 00:00:39 +0000 ROA not before: Sun 07 Dec 2025 00:00:39 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8060::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Dec 2025 00:05:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:04:80:d8:48:2a:55:ef:37:ef:46:63:c2:04:42:8a:b9:87:29:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:39 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=f4ed2e7686b4cfa032d3b9b70e2398f122e919e9c778612a74c3c2520dd9b7c9, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:00:b0:86:b6:cb:93:bf:98:d3:ec:75:00:78: a3:a6:63:e9:de:32:15:b3:2a:a5:ba:02:0e:42:58: d9:1f:2d:9f:ab:f5:ce:f2:e5:a0:5b:94:4c:26:0c: 62:03:83:96:0c:6a:85:d4:cc:44:06:e2:27:2d:5b: ef:67:cc:be:4d:7b:b5:ed:55:b7:ee:50:8d:23:d2: 59:75:7a:b3:bc:b7:fb:33:bf:02:c1:91:8e:34:02: 4b:99:39:9b:c8:57:a1:00:f3:77:6d:40:d7:69:3d: 47:b4:26:09:5e:ab:c5:8c:82:c7:7d:63:48:d8:d7: b4:c7:0a:51:f9:b8:92:93:1d:b7:e6:39:45:d0:af: f3:08:06:7d:ff:8a:2a:f5:43:e3:8a:2b:f9:aa:94: 2d:18:2a:e8:02:23:a8:9f:96:57:2c:e6:56:64:bf: 17:ec:ed:3d:5c:20:14:70:38:08:e2:77:48:f4:57: cd:fa:40:24:82:fb:fe:3f:e1:83:72:b9:e1:1f:26: 58:ec:4c:74:9d:a1:af:35:b3:da:62:ca:0a:f8:c2: f5:91:52:d6:12:6b:6e:b0:ed:5f:a3:29:7e:cb:c6: a4:77:57:7d:e8:a1:01:2f:0d:fd:9d:dc:4a:09:ca: 97:d1:f8:90:ea:4e:b9:b8:ce:55:36:9d:96:41:d8: 12:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:79:2D:B2:FB:3B:36:71:CE:7D:C7:0D:06:D1:11:28:0F:C9:0A:FE X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8060::/32 Signature Algorithm: sha256WithRSAEncryption 0c:27:b6:66:6d:11:e5:10:a2:56:98:b6:e4:05:b5:0e:99:67: 5f:0f:ad:fc:f8:8f:e5:22:a4:18:1e:98:35:e1:ef:d5:c2:1a: 90:63:43:d6:d5:7c:0c:ee:94:6d:8b:64:90:ce:b4:1c:94:cd: ba:3b:0d:23:7e:44:da:8e:48:05:93:ff:57:d3:c6:5e:16:a2: b9:b9:d8:53:6a:9d:ab:82:c5:75:8c:82:73:02:32:4f:1f:9b: e3:f3:bf:e7:14:f3:6d:d6:43:c3:30:86:92:d7:13:b1:06:76: 0c:7d:49:13:cf:ae:ac:18:fc:a3:c5:ed:06:0b:c7:b7:29:ea: f9:38:46:7a:3c:60:4b:55:3e:db:6d:89:89:81:67:4d:1d:df: 41:95:a5:01:e5:c4:e2:b2:09:dd:30:d0:7c:97:08:50:e6:7d: f7:1d:cc:b3:a6:30:da:a2:30:88:7d:28:e3:c8:e6:a3:f8:31: 31:b9:f6:ad:ea:cd:b3:63:a0:f9:ea:63:fe:6e:f5:5c:9a:60: 66:8b:c6:73:ae:cb:25:0a:a0:3d:1f:d4:93:36:ce:8a:ac:79: ec:6d:a4:a6:97:74:e8:f2:5b:a6:af:4b:59:1b:1b:19:bc:42: 8a:17:cb:35:5b:0e:e9:68:c6:20:05:b0:70:d9:b7:40:e8:70: 74:56:1a:87 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUUQSA2EgqVe8370ZjwgRCirmHKR8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDAzOVoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAZjRlZDJlNzY4NmI0Y2ZhMDMyZDNi OWI3MGUyMzk4ZjEyMmU5MTllOWM3Nzg2MTJhNzRjM2MyNTIwZGQ5YjdjOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwCwhrbLk7+Y0+x1AHijpmPp3jIV syqlugIOQljZHy2fq/XO8uWgW5RMJgxiA4OWDGqF1MxEBuInLVvvZ8y+TXu17VW3 7lCNI9JZdXqzvLf7M78CwZGONAJLmTmbyFehAPN3bUDXaT1HtCYJXqvFjILHfWNI 2Ne0xwpR+biSkx235jlF0K/zCAZ9/4oq9UPjiiv5qpQtGCroAiOon5ZXLOZWZL8X 7O09XCAUcDgI4ndI9FfN+kAkgvv+P+GDcrnhHyZY7Ex0naGvNbPaYsoK+ML1kVLW EmtusO1foyl+y8akd1d96KEBLw39ndxKCcqX0fiQ6k65uM5VNp2WQdgSdQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFCJ5LbL7OzZxzn3HDQbRESgPyQr+MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEADCe2Zm0R5RCiVpi25AW1 DplnXw+t/PiP5SKkGB6YNeHv1cIakGND1tV8DO6UbYtkkM60HJTNujsNI35E2o5I BZP/V9PGXhaiubnYU2qdq4LFdYyCcwIyTx+b4/O/5xTzbdZDwzCGktcTsQZ2DH1J E8+urBj8o8XtBgvHtynq+ThGejxgS1U+222JiYFnTR3fQZWlAeXE4rIJ3TDQfJcI UOZ99x3Ms6Yw2qIwiH0o48jmo/gxMbn2rerNs2Og+epj/m71XJpgZovGc67LJQqg PR/UkzbOiqx57G2kppd06PJbpq9LWRsbGbxCihfLNVsO6WjGIAWwcNm3QOhwdFYa hw== -----END CERTIFICATE-----Generated at Sat Dec 20 12:07:54 2025 by rpki-client