This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa File: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (raw, json) Hash identifier: 0KQBvN1RE7grhzO1NtsZeBZ2XnIodPRhm+tgqdVJlXU= Subject key identifier: 3D:23:AF:0F:E1:6E:2C:4C:E0:76:C7:4C:E7:20:BD:2B:D1:9B:C0:4B Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 6BBB4FD573F8712101C1ECF04581EE734A3E998D Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa Signing time: Sun 07 Dec 2025 00:00:48 +0000 ROA not before: Sun 07 Dec 2025 00:00:48 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Dec 2025 00:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:bb:4f:d5:73:f8:71:21:01:c1:ec:f0:45:81:ee:73:4a:3e:99:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Dec 7 00:00:48 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=32857e542ce940e29e2f71b2d2b13ef3a9426abc60f063bfda54ee72eb90f3bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d5:c9:07:6a:b6:db:e6:cc:67:00:9b:26:ae: 69:ae:8e:1c:ee:4f:88:b8:ae:fe:e8:92:07:e7:97: 68:0f:c5:b9:ae:97:df:81:c0:98:39:6d:f6:52:df: 53:8a:93:11:8b:93:26:df:2d:02:9a:c5:c7:88:56: e9:b6:9d:b5:d8:42:cc:d5:36:ee:26:b9:82:54:97: 1a:ee:16:21:50:da:ed:55:c2:2c:f5:1c:51:10:71: 01:c6:bf:b6:48:cd:57:c0:fb:16:0e:6a:cf:20:fc: 91:cb:51:49:24:d6:0f:dd:a4:0e:5d:0e:da:f3:ca: b0:a5:f1:d7:28:65:c4:07:83:d2:d4:1e:1d:b9:0e: 46:f1:58:a8:ba:dc:04:1c:02:58:49:73:07:6d:84: df:b6:83:28:ed:65:15:29:af:25:a0:36:95:65:88: e8:0b:72:3f:67:97:c7:8d:a1:9e:55:09:7a:48:77: 37:92:53:03:37:e0:52:b6:e5:da:89:f7:57:71:73: 0e:f5:ec:fe:44:df:79:bf:5d:e8:28:d9:5b:f1:a6: 46:90:c2:f0:a2:8f:9c:97:20:46:e4:af:07:1a:bd: a9:7b:7c:b6:d9:60:08:da:ca:ae:5b:23:0f:f1:e0: f9:61:30:91:ef:4b:3a:c4:e1:46:90:fc:2a:90:37: f1:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:23:AF:0F:E1:6E:2C:4C:E0:76:C7:4C:E7:20:BD:2B:D1:9B:C0:4B X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 43:23:ce:b1:27:8c:e5:a3:d1:95:0b:02:c0:74:87:97:15:15: 5f:b3:20:83:da:5f:aa:fa:f8:bb:d3:df:68:66:1c:be:c4:7f: fa:6e:d7:ae:14:c4:9b:4c:15:af:8a:9c:f6:a1:a7:1a:6b:4b: 6a:cc:1c:b7:d5:e5:49:ce:97:e1:25:dc:71:ca:09:c9:16:29: 85:6b:7a:e5:07:98:f7:c9:13:1b:8e:5a:f5:49:3d:6d:65:3b: c0:cb:f1:0f:c9:ff:0e:6c:e7:d6:23:6c:74:0f:0e:da:5d:bf: 76:e0:ff:f8:a2:17:a8:d5:a6:4e:05:3c:6f:6e:3b:23:91:69: 1a:c3:e2:de:1e:ba:4f:4e:7b:4d:63:fe:ee:e3:7b:6d:07:79: 51:de:01:1c:c6:69:30:e5:94:c9:b6:20:85:7d:01:c5:84:67: 39:6a:63:9a:a2:1d:21:b1:8b:57:6c:22:3d:32:3c:6d:5d:c3: 04:35:53:3f:13:fb:a2:e9:8c:c4:f6:67:2c:2d:00:30:ff:8e: 05:30:4c:52:f5:c9:3b:89:9d:8c:11:3a:5b:6c:52:b3:a4:58: d2:12:10:57:12:28:5e:9d:37:c1:bf:0d:b5:aa:c0:60:79:86: 90:d0:64:3d:e2:c0:1a:bb:e0:17:40:c5:c5:f0:f0:a7:ed:16: 7c:cb:3c:b0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUa7tP1XP4cSEBwezwRYHuc0o+mY0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTIwNzAwMDA0OFoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAMzI4NTdlNTQyY2U5NDBlMjllMmY3 MWIyZDJiMTNlZjNhOTQyNmFiYzYwZjA2M2JmZGE1NGVlNzJlYjkwZjNiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodXJB2q22+bMZwCbJq5pro4c7k+I uK7+6JIH55doD8W5rpffgcCYOW32Ut9TipMRi5Mm3y0CmsXHiFbptp212ELM1Tbu JrmCVJca7hYhUNrtVcIs9RxREHEBxr+2SM1XwPsWDmrPIPyRy1FJJNYP3aQOXQ7a 88qwpfHXKGXEB4PS1B4duQ5G8VioutwEHAJYSXMHbYTftoMo7WUVKa8loDaVZYjo C3I/Z5fHjaGeVQl6SHc3klMDN+BStuXaifdXcXMO9ez+RN95v13oKNlb8aZGkMLw oo+clyBG5K8HGr2pe3y22WAI2squWyMP8eD5YTCR70s6xOFGkPwqkDfx8wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFD0jrw/hbixM4HbHTOcgvSvRm8BLMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjYjNlOWY5LTQ2YTItNDFlYi1hNGI3LTc1YjUzZDc5MWYzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQBDI86xJ4zlo9GVCwLAdIeX FRVfsyCD2l+q+vi7099oZhy+xH/6bteuFMSbTBWvipz2oacaa0tqzBy31eVJzpfh JdxxygnJFimFa3rlB5j3yRMbjlr1ST1tZTvAy/EPyf8ObOfWI2x0Dw7aXb924P/4 oheo1aZOBTxvbjsjkWkaw+LeHrpPTntNY/7u43ttB3lR3gEcxmkw5ZTJtiCFfQHF hGc5amOaoh0hsYtXbCI9MjxtXcMENVM/E/ui6YzE9mcsLQAw/44FMExS9ck7iZ2M ETpbbFKzpFjSEhBXEihenTfBvw21qsBgeYaQ0GQ94sAau+AXQMXF8PCn7RZ8yzyw -----END CERTIFICATE-----Generated at Fri Dec 12 22:47:14 2025 by rpki-client