This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa File: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (raw, json) Hash identifier: 7afo5LLkt/dawCqL1w85c3A7fRQwHfF7kMp908Gn4G0= Subject key identifier: C0:5B:A0:63:B0:52:CC:6B:C6:43:65:A0:F0:50:B2:A8:E8:3D:E7:29 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 69F4C86497C1EBEC65E81805B682EE8E6EEF9CDE Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa Signing time: Sun 07 Dec 2025 00:00:35 +0000 ROA not before: Sun 07 Dec 2025 00:00:35 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Dec 2025 00:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:f4:c8:64:97:c1:eb:ec:65:e8:18:05:b6:82:ee:8e:6e:ef:9c:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Dec 7 00:00:35 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=470f121d41c8fbb4da66e8447b945b1a1b4a3ac13ffbfba2d6bb29fa7227cebf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ac:ac:83:8d:67:0f:a9:1d:58:63:3d:f0:bd: c0:81:c7:73:a8:f3:10:2f:92:fe:d8:3c:06:e3:87: f4:ad:6f:02:97:27:c8:22:3a:5e:87:d4:0d:a0:e2: 91:21:5f:89:fc:95:8f:61:ef:a5:ee:e0:6a:85:30: d8:32:22:4f:90:3a:44:db:b0:d3:8e:12:18:bd:a8: 6e:a0:d6:64:a6:33:5a:2b:39:b7:bf:d5:d3:f3:a7: 4e:fd:c5:81:c5:9b:d1:8e:b3:dd:58:08:65:2c:09: 97:34:47:e3:ba:a6:f8:5d:ab:46:00:c6:96:b1:ac: 23:79:d2:95:f3:5d:ca:52:f0:83:4c:bb:45:b3:dc: 56:02:ed:18:3f:8d:8f:66:ef:8f:b8:bd:d9:c5:35: d7:2f:38:0e:f5:89:ed:08:a9:c6:dd:10:79:0a:82: 91:ce:40:6f:1e:8c:fd:4d:0a:c9:35:30:63:2d:bd: 53:84:91:ac:bf:85:4c:7e:49:7b:2c:98:0b:24:20: 64:71:70:22:5d:15:82:31:52:ad:e8:59:64:cd:9c: a9:b6:17:61:78:a3:8b:9c:4c:aa:41:ae:0d:e9:2b: 34:94:97:19:93:24:10:14:1a:14:f3:73:97:79:99: 26:78:8b:f6:15:75:40:c5:2e:b1:5c:e4:e0:90:47: b1:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:5B:A0:63:B0:52:CC:6B:C6:43:65:A0:F0:50:B2:A8:E8:3D:E7:29 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.240.0/21 Signature Algorithm: sha256WithRSAEncryption 4e:9d:fc:6a:2c:4e:a2:ea:17:eb:07:ea:0e:76:a1:02:f4:be: f1:6d:98:49:ba:74:c6:c0:26:4f:b2:5b:d7:6a:0a:0d:db:e2: d6:86:48:4c:5b:4c:91:48:8f:41:ec:51:fa:9c:48:34:44:b8: e2:e1:eb:e3:dc:13:49:19:98:8c:79:3d:6b:1c:c6:04:72:05: 49:9e:78:93:45:2f:b2:ba:5c:9e:60:8b:ef:6a:b8:aa:92:05: 94:7d:68:3a:65:a1:6e:3b:ca:95:91:ab:97:62:ce:16:f8:1a: ca:e5:e5:01:c3:4c:d3:9a:0c:f5:44:0c:db:01:ae:43:a2:cb: a2:c3:a0:0e:b9:ad:3d:20:53:22:11:0e:38:27:17:ca:07:65: 36:44:70:41:af:be:07:c2:e4:14:45:45:b6:ef:22:95:06:00: 19:5b:30:a7:db:a8:55:2f:d0:e9:22:75:6c:fd:a0:ce:c8:19: 29:da:f8:2a:a3:ee:e2:d5:c2:11:a9:50:60:9e:44:06:9c:ac: e6:1a:a1:0b:ef:d8:26:29:69:5e:c7:1f:eb:fb:c2:31:9a:c6: bc:39:93:5f:de:47:47:3a:24:f0:cc:2b:03:b1:f9:68:53:f2: df:76:d9:ac:ea:17:99:bc:70:4e:05:cc:f4:bf:17:ef:6a:f1: 6e:cc:e6:62 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUafTIZJfB6+xl6BgFtoLujm7vnN4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTIwNzAwMDAzNVoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNANDcwZjEyMWQ0MWM4ZmJiNGRhNjZl ODQ0N2I5NDViMWExYjRhM2FjMTNmZmJmYmEyZDZiYjI5ZmE3MjI3Y2ViZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaysg41nD6kdWGM98L3AgcdzqPMQ L5L+2DwG44f0rW8ClyfIIjpeh9QNoOKRIV+J/JWPYe+l7uBqhTDYMiJPkDpE27DT jhIYvahuoNZkpjNaKzm3v9XT86dO/cWBxZvRjrPdWAhlLAmXNEfjuqb4XatGAMaW sawjedKV813KUvCDTLtFs9xWAu0YP42PZu+PuL3ZxTXXLzgO9YntCKnG3RB5CoKR zkBvHoz9TQrJNTBjLb1ThJGsv4VMfkl7LJgLJCBkcXAiXRWCMVKt6FlkzZypthdh eKOLnEyqQa4N6Ss0lJcZkyQQFBoU83OXeZkmeIv2FXVAxS6xXOTgkEexCQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMBboGOwUsxrxkNloPBQsqjoPecpMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwOTU2NjkwLTM2NjEtNDlmMi04ZWJjLTJmYTVhNDdhOThhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQBOnfxqLE6i6hfrB+oOdqEC 9L7xbZhJunTGwCZPslvXagoN2+LWhkhMW0yRSI9B7FH6nEg0RLji4evj3BNJGZiM eT1rHMYEcgVJnniTRS+yulyeYIvvariqkgWUfWg6ZaFuO8qVkauXYs4W+BrK5eUB w0zTmgz1RAzbAa5Dosuiw6AOua09IFMiEQ44JxfKB2U2RHBBr74HwuQURUW27yKV BgAZWzCn26hVL9DpInVs/aDOyBkp2vgqo+7i1cIRqVBgnkQGnKzmGqEL79gmKWle xx/r+8Ixmsa8OZNf3kdHOiTwzCsDsfloU/Lfdtms6heZvHBOBcz0vxfvavFuzOZi -----END CERTIFICATE-----Generated at Fri Dec 12 22:48:32 2025 by rpki-client