This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f70a2ebf-b5a4-45f4-9000-a7028603f6c3.roa File: f70a2ebf-b5a4-45f4-9000-a7028603f6c3.roa (raw, json) Hash identifier: BRUKrxofCsR9xwoZDIUN90w12WH77Y2CNT0BooUzDfk= Subject key identifier: 69:23:B5:24:66:AB:63:13:B1:2C:FF:DD:EE:62:BC:43:82:B4:1D:EB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 458E68F3D303D8A63F3A11D4104D25A70B1F2387 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f70a2ebf-b5a4-45f4-9000-a7028603f6c3.roa Signing time: Tue 13 Jan 2026 20:09:42 +0000 ROA not before: Tue 13 Jan 2026 20:09:42 +0000 ROA not after: Mon 13 Apr 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daeb:f040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 Jan 2026 20:10:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:8e:68:f3:d3:03:d8:a6:3f:3a:11:d4:10:4d:25:a7:0b:1f:23:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jan 13 20:09:42 2026 GMT Not After : Apr 13 23:59:59 2026 GMT Subject: serialNumber=dd0ddb6d479a1d33d06835d834a309aea1da3bcdc2dad0fb51e0b4f06696793d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:06:2e:92:27:ef:2a:fb:b7:8b:aa:8e:f1:ff: 02:21:7f:34:36:ed:41:86:37:2e:0a:87:b7:fa:8a: ca:dd:6d:a9:b0:c4:fa:a2:09:58:04:01:44:f5:21: 3d:49:a7:fa:72:e4:83:17:d5:f5:64:c6:e2:bc:6b: cd:5d:7a:bc:dc:72:4c:be:4f:b0:62:37:d7:0b:f5: a4:3a:12:49:49:de:b4:72:8d:44:f2:63:4f:15:e3: bd:6d:6b:f4:0f:be:43:e7:9f:88:93:5c:51:31:f6: 55:39:d3:8e:58:f1:d7:4b:2e:d8:f8:3d:e2:ac:76: 68:49:12:82:80:50:3c:41:93:17:b3:ac:67:5f:fb: 20:2f:bc:79:69:7d:62:54:10:31:08:06:4c:43:4b: 58:cf:ba:1d:14:ee:9c:29:32:39:ad:69:77:51:d7: 45:b3:91:b0:69:c0:a2:ee:e2:13:a9:5c:22:f7:20: 4b:08:10:d9:bf:49:83:48:7a:46:74:38:69:83:64: 74:bf:39:7c:ac:30:7e:97:99:b8:a6:9f:4a:6e:3f: 94:3c:cc:93:6e:e6:f9:f1:40:b0:18:b0:3e:22:f5: d2:c0:53:4e:75:37:3d:0e:43:7a:7f:c0:a8:77:2f: de:66:39:6f:71:19:7a:c4:89:f2:ce:6b:6b:d7:ad: f6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:23:B5:24:66:AB:63:13:B1:2C:FF:DD:EE:62:BC:43:82:B4:1D:EB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f70a2ebf-b5a4-45f4-9000-a7028603f6c3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daeb:f040::/48 Signature Algorithm: sha256WithRSAEncryption 92:05:60:89:40:83:5a:b6:d4:bd:0c:aa:0f:b3:3e:16:e6:36: dc:48:13:ba:95:3b:85:ae:26:a3:55:3b:a2:1c:65:8a:4f:0f: 9c:9a:a2:fc:c3:94:de:70:84:d0:84:5f:8d:98:2b:d6:ad:70: 35:61:e0:2f:9b:43:7b:19:74:7f:84:8d:5f:ed:15:57:38:b2: a1:9e:a6:fa:c5:3b:07:8d:d4:36:b3:b5:c1:cb:7d:8c:fa:ff: 26:4a:34:0f:33:41:0c:0d:f6:a1:9b:b9:6f:f9:c9:2b:f7:eb: b5:ff:88:33:66:e4:fb:2d:ce:81:ac:7f:f8:1a:2c:e0:28:15: 86:d5:ba:24:17:f3:fd:c0:ea:f6:5d:97:3e:8d:51:10:20:94: 4a:cc:91:64:55:13:75:93:e3:4d:10:f9:28:9d:f9:d4:5f:17: 23:ee:f9:7f:ed:69:48:36:80:01:38:8f:8e:6f:ba:2f:fe:b7: 82:40:5f:8b:0b:0b:5e:b7:96:3e:a4:ec:8e:ac:0a:d6:04:ff: 43:2a:03:c6:3c:29:43:50:2d:84:90:b6:47:1e:1c:0f:a9:42: ec:03:ee:3a:1a:58:df:7e:71:84:14:bb:cd:43:b1:25:db:bc: 4e:6c:73:64:03:12:ae:15:00:f4:3b:12:65:e3:d7:c9:bd:19: 0a:56:3b:29 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURY5o89MD2KY/OhHUEE0lpwsfI4cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDExMzIwMDk0MloX DTI2MDQxMzIzNTk1OVowejFJMEcGA1UEBRNAZGQwZGRiNmQ0NzlhMWQzM2QwNjgz NWQ4MzRhMzA5YWVhMWRhM2JjZGMyZGFkMGZiNTFlMGI0ZjA2Njk2NzkzZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwYukifvKvu3i6qO8f8CIX80Nu1B hjcuCoe3+orK3W2psMT6oglYBAFE9SE9Saf6cuSDF9X1ZMbivGvNXXq83HJMvk+w YjfXC/WkOhJJSd60co1E8mNPFeO9bWv0D75D55+Ik1xRMfZVOdOOWPHXSy7Y+D3i rHZoSRKCgFA8QZMXs6xnX/sgL7x5aX1iVBAxCAZMQ0tYz7odFO6cKTI5rWl3UddF s5GwacCi7uITqVwi9yBLCBDZv0mDSHpGdDhpg2R0vzl8rDB+l5m4pp9Kbj+UPMyT bub58UCwGLA+IvXSwFNOdTc9DkN6f8Cody/eZjlvcRl6xInyzmtr16322QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGkjtSRmq2MTsSz/3e5ivEOCtB3rMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y3MGEyZWJmLWI1YTQtNDVmNC05MDAwLWE3MDI4NjAzZjZjMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6/BAMA0GCSqGSIb3DQEBCwUAA4IBAQCSBWCJQINattS9DKoP sz4W5jbcSBO6lTuFriajVTuiHGWKTw+cmqL8w5TecITQhF+NmCvWrXA1YeAvm0N7 GXR/hI1f7RVXOLKhnqb6xTsHjdQ2s7XBy32M+v8mSjQPM0EMDfahm7lv+ckr9+u1 /4gzZuT7Lc6BrH/4GizgKBWG1bokF/P9wOr2XZc+jVEQIJRKzJFkVRN1k+NNEPko nfnUXxcj7vl/7WlINoABOI+Ob7ov/reCQF+LCwtet5Y+pOyOrArWBP9DKgPGPClD UC2EkLZHHhwPqULsA+46GljffnGEFLvNQ7El27xObHNkAxKuFQD0OxJl49fJvRkK Vjsp -----END CERTIFICATE-----Generated at Sat Jan 17 06:44:10 2026 by rpki-client