This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa File: 6018436a-9c1a-42cb-8584-15032be971bb.roa (raw, json) Hash identifier: nHXN88LZIwxlL38zyvg28pu8kz6trolJjd/28cxmn5A= Subject key identifier: 4C:94:77:B0:D6:03:5E:B3:91:BC:EB:85:E1:35:A3:5C:13:B0:5A:6F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4BDC531372F85EB8FCC82B11722D5F0FAAFB5397 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa Signing time: Tue 25 Nov 2025 00:00:07 +0000 ROA not before: Tue 25 Nov 2025 00:00:07 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 02 Dec 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:dc:53:13:72:f8:5e:b8:fc:c8:2b:11:72:2d:5f:0f:aa:fb:53:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 25 00:00:07 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=3118ef50c9cd04445deb1fe95a2a685dcb4226cfdd5c7af4dfe326d6a9fbaffa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:67:a4:fe:a6:ee:d8:63:15:06:9b:8c:39:d0: 2f:a1:a6:f5:8b:32:36:65:14:84:3b:2c:02:17:19: 45:b6:6a:27:b2:05:08:f1:2a:b6:44:57:0c:42:d3: 26:62:4b:1d:08:b4:08:81:bb:a6:5c:fe:24:b6:0d: 7e:c7:03:bb:37:85:2f:23:40:1c:7d:cc:9e:2e:bf: 7c:c4:8e:ba:94:50:52:5e:a2:bd:d0:f0:6e:f9:b3: 1d:00:be:97:df:21:62:23:a1:7b:50:59:15:3e:a3: 80:85:21:de:c2:54:c8:36:66:8d:40:1d:e9:a9:da: 73:b3:27:17:f9:e8:de:e3:20:55:bd:1d:57:de:6e: 83:81:fc:bb:e7:55:0c:09:28:f0:fa:fe:34:0f:ae: fe:3e:66:1c:7c:7a:fa:58:16:88:fa:95:2b:eb:0d: 2e:81:87:b1:ec:1a:f7:ed:50:4d:38:e3:d6:4f:fe: e6:6f:7c:6d:92:85:46:5e:3b:aa:f6:38:40:07:bf: 29:4e:fb:ce:f5:7d:c9:f2:79:15:1b:08:17:9d:61: 8e:5d:dd:94:4d:5c:cc:7e:15:f5:ad:56:73:cf:13: d5:64:79:21:19:96:14:7a:ba:9f:d8:49:5f:a0:6f: 37:21:55:36:14:f1:90:19:c4:f1:df:ba:95:97:a0: 1d:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:94:77:B0:D6:03:5E:B3:91:BC:EB:85:E1:35:A3:5C:13:B0:5A:6F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24::/36 Signature Algorithm: sha256WithRSAEncryption 50:0f:a5:4c:d5:71:fa:3e:d7:3a:2f:40:4c:99:d6:8a:c3:db: 3d:e0:0a:fc:d3:ef:1c:40:13:5b:1e:63:75:8a:b7:81:02:34: 59:52:fd:97:38:d4:00:bb:79:7b:7b:07:f0:65:e1:fc:e8:ae: 46:a5:90:e9:0b:33:13:b5:f5:d7:cc:0e:85:a4:2e:eb:3c:13: 04:e9:f9:ca:17:e2:d6:d8:85:c7:ad:8c:ea:d2:4b:e6:7a:cf: 81:fa:c9:12:c3:35:d1:33:0b:ca:eb:52:05:8d:78:3f:43:40: 04:d4:2d:38:43:a1:ed:b4:19:c4:f5:3f:11:14:c9:9c:2e:79: 0d:77:2a:c7:41:a2:d5:8f:21:06:74:8e:37:10:f7:78:27:1b: cf:f2:04:76:03:a6:5c:c7:d9:cf:aa:bb:b4:94:48:21:20:b5: 69:94:1a:6b:f9:83:e9:5f:67:d5:c6:43:03:af:e6:1d:ea:fa: d2:99:56:b1:24:7c:95:33:b4:55:30:2e:13:b6:74:14:ff:1d: 36:53:c9:e4:6e:7f:b4:9a:33:c9:44:d4:b9:99:61:d6:2f:5f: 90:9d:e9:e4:e7:8f:bf:ea:8b:c5:05:c5:23:f4:e8:aa:6c:90: 00:95:75:5e:92:6b:02:72:74:47:2f:97:2a:21:1d:86:78:fb: 68:e0:67:ae -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUS9xTE3L4Xrj8yCsRci1fD6r7U5cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyNTAwMDAwN1oX DTI2MDIyMzIzNTk1OVowejFJMEcGA1UEBRNAMzExOGVmNTBjOWNkMDQ0NDVkZWIx ZmU5NWEyYTY4NWRjYjQyMjZjZmRkNWM3YWY0ZGZlMzI2ZDZhOWZiYWZmYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWek/qbu2GMVBpuMOdAvoab1izI2 ZRSEOywCFxlFtmonsgUI8Sq2RFcMQtMmYksdCLQIgbumXP4ktg1+xwO7N4UvI0Ac fcyeLr98xI66lFBSXqK90PBu+bMdAL6X3yFiI6F7UFkVPqOAhSHewlTINmaNQB3p qdpzsycX+eje4yBVvR1X3m6Dgfy751UMCSjw+v40D67+PmYcfHr6WBaI+pUr6w0u gYex7Br37VBNOOPWT/7mb3xtkoVGXjuq9jhAB78pTvvO9X3J8nkVGwgXnWGOXd2U TVzMfhX1rVZzzxPVZHkhGZYUerqf2ElfoG83IVU2FPGQGcTx37qVl6AdbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEyUd7DWA16zkbzrheE1o1wTsFpvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwMTg0MzZhLTljMWEtNDJjYi04NTg0LTE1MDMyYmU5NzFiYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJAAwDQYJKoZIhvcNAQELBQADggEBAFAPpUzVcfo+1zovQEyZ 1orD2z3gCvzT7xxAE1seY3WKt4ECNFlS/Zc41AC7eXt7B/Bl4fzorkalkOkLMxO1 9dfMDoWkLus8EwTp+coX4tbYhcetjOrSS+Z6z4H6yRLDNdEzC8rrUgWNeD9DQATU LThDoe20GcT1PxEUyZwueQ13KsdBotWPIQZ0jjcQ93gnG8/yBHYDplzH2c+qu7SU SCEgtWmUGmv5g+lfZ9XGQwOv5h3q+tKZVrEkfJUztFUwLhO2dBT/HTZTyeRuf7Sa M8lE1LmZYdYvX5Cd6eTnj7/qi8UFxSP06KpskACVdV6SawJydEcvlyohHYZ4+2jg Z64= -----END CERTIFICATE-----Generated at Fri Nov 28 07:20:17 2025 by rpki-client