This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba2b9024-3102-4fc7-bdb9-0191e3bb79c4.roa File: ba2b9024-3102-4fc7-bdb9-0191e3bb79c4.roa (raw, json) Hash identifier: YM52DkyH7+RvTD8EuZ7M5m+QWB+5JCdCefYHP9WsNG4= Subject key identifier: BA:0B:7A:DD:3D:FA:1E:B4:52:2F:B4:FC:8E:B5:72:92:72:B3:AF:1F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3483ED4D7E701772B1F6865C7256768CFD6DE8CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba2b9024-3102-4fc7-bdb9-0191e3bb79c4.roa Signing time: Sun 09 Nov 2025 00:40:51 +0000 ROA not before: Sun 09 Nov 2025 00:40:51 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:83:ed:4d:7e:70:17:72:b1:f6:86:5c:72:56:76:8c:fd:6d:e8:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:40:51 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=d096f485c0578f8c69934866dd7c233b851768833742db12a3e2f4d8bae1c7bb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:1e:0e:37:0e:ff:21:03:f0:8e:f4:0e:da:1b: 83:7e:38:88:9c:b1:df:0d:65:c6:31:25:0c:b5:4f: 1e:22:52:58:46:aa:45:2d:3a:0d:85:3c:65:c4:f7: c3:a6:2a:12:49:9e:a6:78:fe:67:d6:1e:0d:d4:18: c1:10:9c:ea:cb:76:b2:d3:4f:ee:ea:86:4e:a4:1c: 5d:df:67:7b:17:4c:31:a4:f8:eb:a3:f3:d6:92:e4: 9a:97:1e:77:17:2c:28:3c:49:2e:9f:65:ae:e7:13: bc:3c:01:0e:b5:91:8d:34:b0:e0:9b:da:e1:59:9c: 49:25:b7:ae:bc:79:2a:70:bd:76:70:38:45:93:30: 12:fc:7a:25:73:63:fb:7d:78:22:ba:f8:8e:05:35: 97:25:ca:1a:b3:ad:fc:ce:73:b2:3a:ce:8b:4c:ad: a3:54:12:8b:52:d9:4c:d2:8c:78:29:04:6b:53:60: 51:a1:1d:d6:62:91:3b:3a:b6:e0:b3:f9:00:7d:f8: b3:bf:27:90:9a:92:d8:19:96:43:26:44:d7:70:12: 6e:bd:40:5e:77:90:91:53:d4:ff:65:f2:b3:0e:cc: 1e:a9:22:b5:ea:b4:c2:df:bf:b0:53:60:0f:e2:9a: 3e:be:2b:9f:30:2e:35:32:b4:bd:79:44:48:93:dd: f0:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:0B:7A:DD:3D:FA:1E:B4:52:2F:B4:FC:8E:B5:72:92:72:B3:AF:1F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba2b9024-3102-4fc7-bdb9-0191e3bb79c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 4b:63:1d:90:a2:95:d4:0a:1b:e3:63:c2:6c:88:a1:5e:b3:7f: f3:fd:3e:71:3c:10:02:67:92:cf:7c:54:c4:61:e0:48:82:e3: b3:78:09:65:9e:da:ae:b8:0f:1a:3e:d1:07:0c:66:f0:8d:c4: 51:a6:10:0d:af:a5:18:85:34:85:2d:db:09:ed:24:6e:c8:e5: f4:db:28:a7:97:51:4a:3b:8d:68:d1:8f:89:2b:bf:9a:56:d9: bf:2c:b2:19:46:0e:a0:e6:72:18:1a:22:33:45:57:73:fa:21: ff:28:9c:31:1f:1c:e2:fa:22:6d:2e:04:e2:8e:0d:a7:f4:05: fe:e4:e0:bc:45:42:f1:cd:f3:53:99:f6:3f:b9:61:89:b4:62: 1b:91:7c:4a:bc:1b:30:20:04:2a:a3:ea:21:62:94:8f:ea:b4: 11:de:b8:d1:bb:f2:ac:ba:4f:a1:33:c5:0c:06:73:6f:43:34: 01:d6:8c:b9:ae:1f:1a:ee:c3:15:6c:a3:80:6b:7e:61:63:17: 6e:89:dd:58:57:af:15:ce:ce:2f:c1:1f:ee:33:2a:c8:73:f4: af:b1:aa:1a:87:f3:89:e0:ed:19:17:9b:09:7f:53:52:3f:04: 97:37:cb:9e:35:ae:34:7c:0a:54:1c:68:e1:d0:3d:77:4b:bb: e2:93:a4:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNIPtTX5wF3Kx9oZcclZ2jP1t6M8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDA1MVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAZDA5NmY0ODVjMDU3OGY4YzY5OTM0 ODY2ZGQ3YzIzM2I4NTE3Njg4MzM3NDJkYjEyYTNlMmY0ZDhiYWUxYzdiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB4ONw7/IQPwjvQO2huDfjiInLHf DWXGMSUMtU8eIlJYRqpFLToNhTxlxPfDpioSSZ6meP5n1h4N1BjBEJzqy3ay00/u 6oZOpBxd32d7F0wxpPjro/PWkuSalx53FywoPEkun2Wu5xO8PAEOtZGNNLDgm9rh WZxJJbeuvHkqcL12cDhFkzAS/Holc2P7fXgiuviOBTWXJcoas638znOyOs6LTK2j VBKLUtlM0ox4KQRrU2BRoR3WYpE7Orbgs/kAffizvyeQmpLYGZZDJkTXcBJuvUBe d5CRU9T/ZfKzDsweqSK16rTC37+wU2AP4po+viufMC41MrS9eURIk93wNwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLoLet09+h60Ui+0/I61cpJys68fMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhMmI5MDI0LTMxMDItNGZjNy1iZGI5LTAxOTFlM2JiNzljNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoEAwDQYJKoZIhvcNAQELBQADggEBAEtjHZCildQKG+NjwmyI oV6zf/P9PnE8EAJnks98VMRh4EiC47N4CWWe2q64Dxo+0QcMZvCNxFGmEA2vpRiF NIUt2wntJG7I5fTbKKeXUUo7jWjRj4krv5pW2b8sshlGDqDmchgaIjNFV3P6If8o nDEfHOL6Im0uBOKODaf0Bf7k4LxFQvHN81OZ9j+5YYm0YhuRfEq8GzAgBCqj6iFi lI/qtBHeuNG78qy6T6EzxQwGc29DNAHWjLmuHxruwxVso4BrfmFjF26J3VhXrxXO zi/BH+4zKshz9K+xqhqH84ng7RkXmwl/U1I/BJc3y541rjR8ClQcaOHQPXdLu+KT pMI= -----END CERTIFICATE-----Generated at Tue Nov 18 13:10:52 2025 by rpki-client