This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52b4befd-8168-4da6-b46f-ec0a40b70ae0.roa File: 52b4befd-8168-4da6-b46f-ec0a40b70ae0.roa (raw, json) Hash identifier: mfaHc3o272aPMH0Bcb0hxBr7v9GftuWs19s4uTur1os= Subject key identifier: 8C:BE:83:21:4D:17:2A:65:7E:97:18:06:4F:6B:47:96:B1:C2:BB:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 62A5C8E719B7BF46B1FF4AFBE6C10432790CFEEC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52b4befd-8168-4da6-b46f-ec0a40b70ae0.roa Signing time: Sat 08 Nov 2025 00:20:10 +0000 ROA not before: Sat 08 Nov 2025 00:20:10 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 27 Nov 2025 00:20:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:a5:c8:e7:19:b7:bf:46:b1:ff:4a:fb:e6:c1:04:32:79:0c:fe:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:20:10 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=99cfe9e57e4bf3cf079ca3f810764779ece2d66bc0c25c68e196ab0c8f95a231, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:7c:52:b9:c6:ce:94:4b:57:03:8a:58:15:b5: 47:70:b0:b8:fb:78:a9:bb:7d:2b:0a:de:1d:01:40: d8:a6:b6:ff:30:49:89:c4:b0:2d:e9:e9:6d:1a:72: 62:09:19:1c:64:b8:d3:72:cb:84:1e:83:0d:d0:81: 59:fd:be:16:7e:32:4f:9e:24:27:1a:1d:be:31:bc: b0:fe:ee:bb:d6:a2:3a:04:00:67:33:8e:59:9c:0e: 14:ad:5d:09:7e:f6:19:dc:d1:a8:01:3d:da:2c:a8: c4:65:7b:b7:cc:27:a1:1d:d3:48:1c:71:92:e5:2b: c9:1f:01:26:5e:ea:f1:c5:6c:41:87:62:ad:b3:29: b0:ca:a6:c1:22:c9:7c:0f:0f:f8:ba:b8:64:8b:15: 26:ea:ee:28:d4:b3:b7:02:f4:ce:99:98:ee:9f:68: a9:1c:35:b4:a7:b4:aa:96:ad:00:52:7b:cc:41:20: 3a:7d:70:45:b6:13:38:39:9b:9e:89:37:54:75:18: 3b:73:71:df:73:29:16:ee:4a:f7:22:6e:59:ae:fd: 44:7f:4d:ef:e3:a4:4d:59:9f:51:0d:7d:2d:ce:84: e6:85:cb:be:cb:7b:27:7b:7c:ca:ce:ca:e7:c7:61: da:0e:bc:ba:9e:87:f6:d9:f3:9c:4c:ac:17:ba:75: 60:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:BE:83:21:4D:17:2A:65:7E:97:18:06:4F:6B:47:96:B1:C2:BB:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52b4befd-8168-4da6-b46f-ec0a40b70ae0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:7000::/40 Signature Algorithm: sha256WithRSAEncryption 5b:11:08:9d:2e:88:55:98:56:a1:3f:47:ca:5c:2f:91:b8:91: 87:a4:f6:8f:dd:0a:2b:ef:bf:f0:33:b4:45:ac:fe:b4:11:b8: 62:88:1d:79:bf:34:b7:93:88:a5:31:68:d0:ca:a9:e1:ad:48: 5d:7e:2d:75:64:23:a2:d9:8d:3c:2f:39:54:e7:1c:b1:28:79: 8d:4e:ed:66:06:bd:15:ea:7f:e0:28:c9:a0:cb:c1:60:8a:7f: 62:39:46:74:d2:fc:8b:b0:6e:85:7e:47:19:34:2d:6f:25:ae: 42:eb:df:a3:13:43:97:d5:9a:ba:46:86:9d:2c:be:25:c9:08: 4a:00:bb:59:df:a7:a2:eb:f5:e2:d5:43:98:55:de:04:64:0c: 2c:0c:49:25:a3:91:c2:6a:32:8c:ae:c7:29:d8:c9:c1:b2:d2: 9d:1f:b8:a2:76:8c:0b:0a:f7:56:89:40:4e:67:f7:9b:72:47: 64:90:18:8c:52:92:16:fd:a8:b8:05:99:82:fc:23:7e:f8:6e: 4f:4f:06:78:6a:5c:47:f9:e5:ce:81:07:f0:62:8f:4f:79:a7: de:49:27:e2:64:5e:3a:0d:fd:6c:a9:64:39:29:1c:e4:a6:d6: f0:93:29:2e:ad:74:f1:be:ae:52:ad:e8:34:b4:30:68:03:77: 6e:75:b3:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYqXI5xm3v0ax/0r75sEEMnkM/uwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMjAxMFoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAOTljZmU5ZTU3ZTRiZjNjZjA3OWNh M2Y4MTA3NjQ3NzllY2UyZDY2YmMwYzI1YzY4ZTE5NmFiMGM4Zjk1YTIzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3xSucbOlEtXA4pYFbVHcLC4+3ip u30rCt4dAUDYprb/MEmJxLAt6eltGnJiCRkcZLjTcsuEHoMN0IFZ/b4WfjJPniQn Gh2+Mbyw/u671qI6BABnM45ZnA4UrV0JfvYZ3NGoAT3aLKjEZXu3zCehHdNIHHGS 5SvJHwEmXurxxWxBh2KtsymwyqbBIsl8Dw/4urhkixUm6u4o1LO3AvTOmZjun2ip HDW0p7Sqlq0AUnvMQSA6fXBFthM4OZueiTdUdRg7c3HfcykW7kr3Im5Zrv1Ef03v 46RNWZ9RDX0tzoTmhcu+y3sne3zKzsrnx2HaDry6nof22fOcTKwXunVgUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIy+gyFNFyplfpcYBk9rR5axwrvSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyYjRiZWZkLTgxNjgtNGRhNi1iNDZmLWVjMGE0MGI3MGFlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaXAwDQYJKoZIhvcNAQELBQADggEBAFsRCJ0uiFWYVqE/R8pc L5G4kYek9o/dCivvv/AztEWs/rQRuGKIHXm/NLeTiKUxaNDKqeGtSF1+LXVkI6LZ jTwvOVTnHLEoeY1O7WYGvRXqf+AoyaDLwWCKf2I5RnTS/IuwboV+Rxk0LW8lrkLr 36MTQ5fVmrpGhp0sviXJCEoAu1nfp6Lr9eLVQ5hV3gRkDCwMSSWjkcJqMoyuxynY ycGy0p0fuKJ2jAsK91aJQE5n95tyR2SQGIxSkhb9qLgFmYL8I374bk9PBnhqXEf5 5c6BB/Bij095p95JJ+JkXjoN/WypZDkpHOSm1vCTKS6tdPG+rlKt6DS0MGgDd251 s6o= -----END CERTIFICATE-----Generated at Sun Nov 23 05:42:25 2025 by rpki-client