This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa File: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (raw, json) Hash identifier: iHgVMCQkVpqqh3egN8945TcYU7izcrnduLWWQD583q4= Subject key identifier: E5:7C:B5:47:8A:F3:DE:69:73:08:BF:79:3B:DA:2D:F6:30:EA:70:C6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 667167A94BCA3B84F9B742D9055D7B6B890F51AF Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa Signing time: Sat 06 Dec 2025 00:00:08 +0000 ROA not before: Sat 06 Dec 2025 00:00:08 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 21 Jan 2026 00:14:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:71:67:a9:4b:ca:3b:84:f9:b7:42:d9:05:5d:7b:6b:89:0f:51:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Dec 6 00:00:08 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=4d4f178161d30cc833502372e76a35b12ce9ac1bec5fe6b142f6533edb38fd1e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:e0:e8:c7:5f:65:8c:ee:7b:db:f9:06:6d:cd: c8:02:93:25:92:da:4e:68:1e:24:87:bf:59:21:64: ed:5c:a2:27:fe:41:52:17:57:4b:a8:48:66:fa:bd: 8c:22:36:72:25:78:be:67:4b:94:f7:a5:4a:e3:47: 22:ff:18:25:37:68:9e:68:ed:43:b0:80:b9:86:81: 9d:1c:ac:a9:46:46:a4:46:b9:f5:8b:cd:51:d5:07: 9d:9d:92:55:27:6d:5b:73:0c:ae:f3:74:2a:54:65: cc:10:9e:2a:93:81:e5:e6:fe:38:5b:44:12:cb:7e: 5e:91:1a:05:34:69:13:cf:7e:74:ab:b3:9c:32:3b: 11:90:a1:57:22:59:85:40:ef:3d:29:08:c9:67:83: 89:ae:d7:8a:fa:f9:e5:ce:90:2a:e6:4a:19:73:6f: 16:83:2c:e2:22:69:2f:fe:0a:0f:9f:ea:68:0b:32: 85:b9:cf:b2:b7:74:81:89:b4:fa:7f:18:9c:05:28: 29:d1:47:57:26:6f:8f:db:03:bc:01:70:5e:d5:82: 3c:0f:59:8a:ae:ea:43:26:6c:14:ed:5e:56:97:c2: b5:98:ab:1b:45:76:f1:17:ab:79:78:93:97:5a:ae: 28:bf:ea:64:06:50:e1:2b:11:b9:24:31:61:d9:2e: 58:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:7C:B5:47:8A:F3:DE:69:73:08:BF:79:3B:DA:2D:F6:30:EA:70:C6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption ca:ee:bd:86:e2:1e:6d:0d:85:3b:39:b2:25:ff:96:0c:e6:ea: 35:5c:d5:ec:85:93:18:1a:7a:9f:bc:b6:f9:e5:13:82:29:9a: 6e:f1:a8:7e:cb:30:9c:1e:35:9d:9e:b4:cd:21:a8:16:a2:4d: 10:e1:0b:66:ea:50:50:5b:d2:c6:88:0b:18:c9:6b:e2:ea:1d: fd:ca:e6:52:0c:de:c1:0e:0d:e0:46:7b:d3:5a:28:9a:f0:d8: 98:b5:ca:1f:ed:f9:ac:7c:1d:3b:b3:76:66:d3:b6:c3:43:de: c0:cd:fe:41:14:d2:2b:3c:d2:07:2f:e9:19:f3:33:99:1a:a1: 97:15:9c:c4:92:b8:3a:1f:5c:ea:a3:3f:0d:95:0d:68:b4:5e: 49:a7:19:9e:b7:85:3e:b9:ab:19:73:7a:9a:c1:ac:8b:36:2a: e1:fc:37:73:71:d3:27:c1:52:80:28:20:31:b3:87:da:69:14: 58:f6:1d:dd:64:dc:9c:e3:48:d8:8d:4b:e6:4a:ad:03:a5:82: 47:99:38:dd:08:31:51:72:8c:a4:96:8c:db:fe:cd:e2:43:67: 4b:d6:1b:76:3d:67:38:8a:b8:58:ec:87:ad:a7:e9:c6:1a:aa: 08:b8:bc:75:e2:a7:98:8d:ec:d1:e4:3b:0b:53:32:d1:e6:59: ed:cf:27:9f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZnFnqUvKO4T5t0LZBV17a4kPUa8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTIwNjAwMDAwOFoX DTI2MDMwNjIzNTk1OVowejFJMEcGA1UEBRNANGQ0ZjE3ODE2MWQzMGNjODMzNTAy MzcyZTc2YTM1YjEyY2U5YWMxYmVjNWZlNmIxNDJmNjUzM2VkYjM4ZmQxZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreDox19ljO572/kGbc3IApMlktpO aB4kh79ZIWTtXKIn/kFSF1dLqEhm+r2MIjZyJXi+Z0uU96VK40ci/xglN2ieaO1D sIC5hoGdHKypRkakRrn1i81R1QednZJVJ21bcwyu83QqVGXMEJ4qk4Hl5v44W0QS y35ekRoFNGkTz350q7OcMjsRkKFXIlmFQO89KQjJZ4OJrteK+vnlzpAq5koZc28W gyziImkv/goPn+poCzKFuc+yt3SBibT6fxicBSgp0UdXJm+P2wO8AXBe1YI8D1mK rupDJmwU7V5Wl8K1mKsbRXbxF6t5eJOXWq4ov+pkBlDhKxG5JDFh2S5YlwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOV8tUeK895pcwi/eTvaLfYw6nDGMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2UzMmM5Y2JkLWEyNDEtNGRmNi05OWJiLWU3ZDE1YWJlNGIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjoMA0GCSqGSIb3DQEBCwUAA4IBAQDK7r2G4h5tDYU7ObIl/5YM 5uo1XNXshZMYGnqfvLb55ROCKZpu8ah+yzCcHjWdnrTNIagWok0Q4Qtm6lBQW9LG iAsYyWvi6h39yuZSDN7BDg3gRnvTWiia8NiYtcof7fmsfB07s3Zm07bDQ97Azf5B FNIrPNIHL+kZ8zOZGqGXFZzEkrg6H1zqoz8NlQ1otF5Jpxmet4U+uasZc3qawayL Nirh/DdzcdMnwVKAKCAxs4faaRRY9h3dZNyc40jYjUvmSq0DpYJHmTjdCDFRcoyk lozb/s3iQ2dL1ht2PWc4irhY7Ietp+nGGqoIuLx14qeYjezR5DsLUzLR5lntzyef -----END CERTIFICATE-----Generated at Sat Jan 17 08:25:30 2026 by rpki-client