This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa File: 7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa (raw, json) Hash identifier: 51/h8QnLFZsozwoyZpkqDkzNoQHEvq2Py+ma8d7chM8= Subject key identifier: E1:16:E8:44:6F:CD:B1:A7:73:D7:22:86:A4:F4:AE:6B:2A:16:D8:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24B536E7B713766A645F2343245575D4317AB1BF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa Signing time: Sun 09 Nov 2025 01:00:13 +0000 ROA not before: Sun 09 Nov 2025 01:00:13 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da17:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:b5:36:e7:b7:13:76:6a:64:5f:23:43:24:55:75:d4:31:7a:b1:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 01:00:13 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=d67f3d46fda639612ba657236e5020eca8f088c73cb44ad4f41ae5af3a0ef4c0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:81:03:2f:42:6b:c9:1d:8c:61:83:b6:27:a5: 2d:e2:d0:27:4d:fc:fc:0b:28:36:40:f0:51:3a:f9: 8c:33:39:f6:aa:c8:8e:9e:e5:31:4b:78:5a:6a:74: ac:ed:7c:16:1b:15:a8:a9:ca:27:96:8c:52:fb:78: b0:b0:7c:a4:99:99:56:23:18:f3:1a:bb:49:a9:4d: 5f:e3:65:54:61:e4:bf:19:80:1a:5e:c1:4f:7d:4c: fa:25:0d:98:b5:a4:4e:ba:57:67:62:72:4b:4a:60: 25:86:66:22:b8:d2:e2:12:6f:7b:a8:8d:32:11:5a: f1:2f:7f:24:47:f3:42:bb:73:06:70:21:80:84:7d: f4:66:57:de:9c:2c:4d:7c:cb:94:4c:22:f6:6e:91: 69:e4:1d:74:33:53:2c:c3:14:73:24:3b:70:7d:0d: 6e:f8:dd:3a:2e:20:9f:ec:3f:00:1c:f1:fb:db:92: 3d:c3:21:52:84:cb:92:0b:71:bc:53:95:46:30:47: 18:84:d8:22:cd:15:44:8b:a8:bc:fe:9a:87:cc:43: 9a:5d:f5:f5:92:73:70:e4:37:35:53:d3:7a:08:c2: 97:56:fb:84:1a:34:0e:05:43:d1:1d:9e:ef:82:00: ea:2e:24:71:e1:6b:94:b2:a3:e4:8c:9e:2f:59:bc: f2:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:16:E8:44:6F:CD:B1:A7:73:D7:22:86:A4:F4:AE:6B:2A:16:D8:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7aea9a9f-13ed-40f9-9c2d-72c00a3b17c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da17:400::/38 Signature Algorithm: sha256WithRSAEncryption 67:72:78:20:3e:bb:7c:bf:ca:81:4b:1f:4f:85:3e:e6:3e:02: e9:f6:b6:d1:7f:64:28:cf:43:6a:08:1a:e0:49:76:6c:47:48: 81:d7:ec:0f:93:a8:13:2c:dc:1e:a6:20:f1:38:1f:d2:58:d8: ef:18:6c:7f:8c:1f:2a:0e:f7:1d:c0:0b:25:d3:9c:ce:79:b8: d6:3c:0e:32:89:55:66:f6:b8:77:37:f6:71:ce:2c:17:20:7b: 1e:c8:af:a7:35:74:7e:bc:a5:9d:af:91:7c:58:4a:15:93:c7: 97:0e:77:da:fc:8c:99:70:63:4b:81:df:6d:43:30:d8:47:ba: 36:16:23:0e:8d:6f:1d:71:2d:83:67:a2:ac:0b:bd:ae:4b:99: 17:09:38:57:97:dd:4b:df:41:ab:7d:c0:3b:6f:84:20:90:54: e6:9b:47:32:4e:b0:91:d5:f4:5e:01:f4:f5:0b:be:41:b6:c7: c2:33:cd:16:fd:00:d5:a1:29:fa:4d:39:70:f0:a1:7f:4b:83: 7f:f3:d6:35:f0:33:0e:66:0e:8b:67:d6:e1:9a:c6:d1:eb:4a: 95:f9:f9:e6:46:25:b8:76:4c:3c:b1:13:6e:56:d4:17:de:dd: 0f:5e:82:f1:a7:17:4f:97:df:d6:bf:01:f8:ec:73:d4:61:4c: 9a:98:59:bc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJLU257cTdmpkXyNDJFV11DF6sb8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAxMDAxM1oX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAZDY3ZjNkNDZmZGE2Mzk2MTJiYTY1 NzIzNmU1MDIwZWNhOGYwODhjNzNjYjQ0YWQ0ZjQxYWU1YWYzYTBlZjRjMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYEDL0JryR2MYYO2J6Ut4tAnTfz8 Cyg2QPBROvmMMzn2qsiOnuUxS3haanSs7XwWGxWoqconloxS+3iwsHykmZlWIxjz GrtJqU1f42VUYeS/GYAaXsFPfUz6JQ2YtaROuldnYnJLSmAlhmYiuNLiEm97qI0y EVrxL38kR/NCu3MGcCGAhH30ZlfenCxNfMuUTCL2bpFp5B10M1MswxRzJDtwfQ1u +N06LiCf7D8AHPH725I9wyFShMuSC3G8U5VGMEcYhNgizRVEi6i8/pqHzEOaXfX1 knNw5Dc1U9N6CMKXVvuEGjQOBUPRHZ7vggDqLiRx4WuUsqPkjJ4vWbzyHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOEW6ERvzbGnc9cihqT0rmsqFtgYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdhZWE5YTlmLTEzZWQtNDBmOS05YzJkLTcyYzAwYTNiMTdjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFwQwDQYJKoZIhvcNAQELBQADggEBAGdyeCA+u3y/yoFLH0+F PuY+Aun2ttF/ZCjPQ2oIGuBJdmxHSIHX7A+TqBMs3B6mIPE4H9JY2O8YbH+MHyoO 9x3ACyXTnM55uNY8DjKJVWb2uHc39nHOLBcgex7Ir6c1dH68pZ2vkXxYShWTx5cO d9r8jJlwY0uB321DMNhHujYWIw6Nbx1xLYNnoqwLva5LmRcJOFeX3UvfQat9wDtv hCCQVOabRzJOsJHV9F4B9PULvkG2x8IzzRb9ANWhKfpNOXDwoX9Lg3/z1jXwMw5m Dotn1uGaxtHrSpX5+eZGJbh2TDyxE25W1Bfe3Q9egvGnF0+X39a/Afjsc9RhTJqY Wbw= -----END CERTIFICATE-----Generated at Tue Nov 18 13:10:58 2025 by rpki-client