This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa File: c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa (raw, json) Hash identifier: SUui0EERmuks/7itgRJH4VpWcmcg9bh0aCAQ1Ayw3cw= Subject key identifier: 2B:66:9A:FF:E8:9D:94:9C:4F:F3:4D:55:9A:FB:80:AC:89:60:CE:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C4482B87614394887D7FC2CFBFFB5D0A7C3E0D5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa Signing time: Tue 11 Nov 2025 00:00:11 +0000 ROA not before: Tue 11 Nov 2025 00:00:11 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:44:82:b8:76:14:39:48:87:d7:fc:2c:fb:ff:b5:d0:a7:c3:e0:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 11 00:00:11 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=435cdb40fd4db73dde73875fb905d6a112e1944ba8ca63635382ab27d4f4407f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d3:2c:21:4a:1e:3e:b5:60:3a:4f:f2:a3:df: da:bf:d0:76:20:7e:10:b8:a1:a4:eb:d6:d4:c5:e3: 64:90:cb:17:eb:a8:55:31:10:2a:a4:6f:2e:03:03: 47:f1:d9:b7:1a:b4:b0:02:22:d2:bb:20:7e:c1:0a: 4d:1a:09:a6:52:16:e2:19:32:e1:9f:93:3b:4a:f4: 3d:20:d5:92:84:0e:22:0e:a7:84:0f:3a:68:cd:11: 10:fb:a8:89:db:54:16:a0:b8:49:43:f7:25:a9:f6: 79:4b:3f:bd:fa:ed:4f:94:12:1b:3f:0d:61:27:d8: be:7a:60:a2:1e:aa:4a:b9:cf:4c:88:14:4f:3c:3a: 41:35:33:6d:fd:c9:12:0b:56:3c:b2:1a:0a:4c:6c: e2:03:a9:01:62:6f:b2:32:40:6a:e4:2c:46:8b:09: f8:46:3f:0b:11:5c:32:6d:d7:53:ed:1f:4a:91:4d: 5d:30:bb:f5:6e:f1:c7:af:ba:0e:05:fe:21:db:7d: 12:37:82:94:8a:3e:17:bd:ae:9c:03:9f:cc:a9:ad: be:93:dc:12:2f:99:b1:ce:5a:b1:d4:a1:4e:6d:f1: d2:ef:57:99:b3:12:90:cc:1a:d8:01:aa:0b:98:1e: 23:ac:0d:1a:37:73:9e:32:3e:f4:49:21:24:d7:6a: c9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:66:9A:FF:E8:9D:94:9C:4F:F3:4D:55:9A:FB:80:AC:89:60:CE:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.158.0/23 Signature Algorithm: sha256WithRSAEncryption 5c:7b:15:f4:fe:97:9f:5b:e1:46:7b:b7:c2:76:be:4c:b2:68: 29:40:f6:1a:a7:29:2b:ea:24:10:4b:f7:0e:22:8b:6c:94:32: 6e:49:d0:a9:6c:de:08:fe:ac:88:13:6a:a2:67:0e:e3:bc:d1: 1f:35:14:da:f7:c5:0f:74:ea:d3:56:26:1a:04:61:c7:de:fb: fe:fa:15:56:13:cb:38:ed:c8:62:64:91:89:76:e7:c9:89:11: b1:e1:29:44:ee:02:12:1e:bd:68:b7:d2:db:05:17:b6:e9:b6: 63:56:53:a4:69:ef:6a:6e:2d:16:0f:29:a6:61:af:78:02:40: 77:e5:a6:64:f3:f9:c7:62:80:6f:1e:8b:51:41:d8:cc:42:45: db:95:54:c6:c0:4d:61:9e:ab:ad:13:b3:87:cf:10:f1:43:53: db:47:29:af:ab:d2:00:d4:77:3d:91:a8:f0:df:2c:8c:c3:56: 54:17:44:73:20:f9:5c:be:3d:48:4e:79:92:af:a4:0d:c6:5e: 8e:04:9d:07:e4:b6:3e:a0:d4:d1:99:62:d9:e0:bb:b0:4c:8c: df:7a:84:1c:78:6b:98:bd:78:59:f4:33:eb:5f:73:ac:c1:0d: 22:a8:78:af:16:ac:9a:00:87:1a:70:c3:be:0e:f9:da:f1:66: 03:d3:80:f5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXESCuHYUOUiH1/ws+/+10KfD4NUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMTAwMDAxMVoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNANDM1Y2RiNDBmZDRkYjczZGRlNzM4 NzVmYjkwNWQ2YTExMmUxOTQ0YmE4Y2E2MzYzNTM4MmFiMjdkNGY0NDA3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9MsIUoePrVgOk/yo9/av9B2IH4Q uKGk69bUxeNkkMsX66hVMRAqpG8uAwNH8dm3GrSwAiLSuyB+wQpNGgmmUhbiGTLh n5M7SvQ9INWShA4iDqeEDzpozREQ+6iJ21QWoLhJQ/clqfZ5Sz+9+u1PlBIbPw1h J9i+emCiHqpKuc9MiBRPPDpBNTNt/ckSC1Y8shoKTGziA6kBYm+yMkBq5CxGiwn4 Rj8LEVwybddT7R9KkU1dMLv1bvHHr7oOBf4h230SN4KUij4Xva6cA5/Mqa2+k9wS L5mxzlqx1KFObfHS71eZsxKQzBrYAaoLmB4jrA0aN3OeMj70SSEk12rJMQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCtmmv/onZScT/NNVZr7gKyJYM5RMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZTA3MzVkLWE5MWUtNDc4ZC04MmQyLWEzZjA0ZWU0MzVkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9qeMA0GCSqGSIb3DQEBCwUAA4IBAQBcexX0/pefW+FGe7fCdr5M smgpQPYapykr6iQQS/cOIotslDJuSdCpbN4I/qyIE2qiZw7jvNEfNRTa98UPdOrT ViYaBGHH3vv++hVWE8s47chiZJGJdufJiRGx4SlE7gISHr1ot9LbBRe26bZjVlOk ae9qbi0WDymmYa94AkB35aZk8/nHYoBvHotRQdjMQkXblVTGwE1hnqutE7OHzxDx Q1PbRymvq9IA1Hc9kajw3yyMw1ZUF0RzIPlcvj1ITnmSr6QNxl6OBJ0H5LY+oNTR mWLZ4LuwTIzfeoQceGuYvXhZ9DPrX3OswQ0iqHivFqyaAIcacMO+Dvna8WYD04D1 -----END CERTIFICATE-----Generated at Tue Nov 18 13:10:45 2025 by rpki-client