This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa File: ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa (raw, json) Hash identifier: cSY8gDX8zmQ6KYiZQpU/kJo1Y0diCNUbp3bezeLoJrY= Subject key identifier: 61:4C:C2:08:2B:43:58:7F:97:F7:7F:64:A7:24:A0:D0:7C:8A:D3:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11869A40C8255F3F386FE378EBDF0A650C2E8E7A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa Signing time: Sun 23 Nov 2025 00:00:12 +0000 ROA not before: Sun 23 Nov 2025 00:00:12 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:a0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 27 Nov 2025 00:20:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:86:9a:40:c8:25:5f:3f:38:6f:e3:78:eb:df:0a:65:0c:2e:8e:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 23 00:00:12 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=4de5702e37a34e5eb5a7747925ee31e385735f8642dfffba61c1494ca4e1c7ce, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:21:23:1e:32:b5:08:61:5a:c2:a1:16:21:ce: ca:02:af:83:79:61:6e:50:75:de:34:70:7d:d3:0b: 61:27:22:57:19:db:c1:3c:1b:a1:9f:2c:3d:3b:eb: 84:59:c4:42:45:a7:9c:41:6f:39:f7:ab:39:8a:93: 88:8f:71:91:35:c5:2e:01:0f:9b:d8:b6:ca:11:be: 9e:80:b5:8f:cf:0a:a6:7e:1a:e1:9e:ea:2a:fc:46: 35:5e:84:66:e2:4e:b4:d4:30:44:82:ca:d1:1c:cf: 56:75:4f:3c:14:54:3e:c5:37:ff:49:32:6f:1c:72: aa:34:2e:c9:45:ff:c1:1b:89:b0:c8:c0:da:76:d6: d7:d9:05:d3:62:20:6c:96:7b:e8:0c:b2:fb:e2:27: dc:98:e8:ac:ac:b3:79:7c:37:ad:52:6e:6c:24:96: 8c:41:d9:bf:21:49:7a:e4:70:46:34:8b:8c:c3:84: c1:2c:2c:40:db:ca:b3:ad:c9:8c:c3:30:fe:a1:44: 7e:ee:fb:62:31:69:c4:9c:54:ed:ec:c5:e5:ed:f8: 90:c2:fd:18:82:3f:c6:ed:11:9f:96:34:ed:d6:2a: 66:c2:58:ee:52:e7:d5:71:a1:0b:b3:4f:1d:f4:3b: 83:83:9c:80:a2:c1:7a:9e:63:48:3e:86:93:5c:5d: 09:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:4C:C2:08:2B:43:58:7F:97:F7:7F:64:A7:24:A0:D0:7C:8A:D3:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:a0c0::/46 Signature Algorithm: sha256WithRSAEncryption a9:0c:f0:65:d2:a4:20:18:8e:0b:77:9c:37:92:87:87:a2:25: b2:5c:57:fe:0b:6d:dc:97:62:1a:c1:f0:56:e2:ba:2a:f0:7c: bb:a6:80:fb:d5:27:11:1d:10:90:ac:26:22:59:79:ed:29:82: ca:ab:68:cf:81:c7:ca:1d:36:7b:96:47:79:04:f7:d3:37:ec: 8a:69:70:94:8c:7d:4b:c1:4d:d6:52:a1:32:35:dc:30:1b:3a: 77:54:87:17:2a:fa:3a:11:aa:e7:b9:71:e3:d9:af:4d:d4:d2: bd:7f:ec:f5:69:25:af:2d:df:26:96:95:8e:b1:fa:b3:de:cc: b2:bd:b3:97:35:bf:04:1d:aa:d9:ff:93:53:0c:12:07:92:75: 5f:ab:8f:d0:79:c2:e5:1b:0a:49:0b:1e:93:a8:e6:fc:09:7a: d9:2e:3f:00:9a:1f:d4:d8:72:1f:06:1e:ca:4d:19:5c:25:e4: 05:3c:af:6a:f7:36:75:70:37:fc:81:64:33:4c:8f:d5:da:84: 60:a9:15:9b:16:12:ac:3c:93:fc:a4:fb:8d:8e:4f:f3:8b:9c: 43:13:5b:88:95:a4:e7:23:d6:db:d2:51:b9:4c:87:df:54:4e: 8b:a3:a7:91:34:5e:71:a9:b2:9c:c3:7b:6d:8d:46:0b:20:5b: 78:f3:58:8a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEYaaQMglXz84b+N4698KZQwujnowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEyMzAwMDAxMloX DTI2MDIyMTIzNTk1OVowejFJMEcGA1UEBRNANGRlNTcwMmUzN2EzNGU1ZWI1YTc3 NDc5MjVlZTMxZTM4NTczNWY4NjQyZGZmZmJhNjFjMTQ5NGNhNGUxYzdjZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySEjHjK1CGFawqEWIc7KAq+DeWFu UHXeNHB90wthJyJXGdvBPBuhnyw9O+uEWcRCRaecQW8596s5ipOIj3GRNcUuAQ+b 2LbKEb6egLWPzwqmfhrhnuoq/EY1XoRm4k601DBEgsrRHM9WdU88FFQ+xTf/STJv HHKqNC7JRf/BG4mwyMDadtbX2QXTYiBslnvoDLL74ifcmOisrLN5fDetUm5sJJaM Qdm/IUl65HBGNIuMw4TBLCxA28qzrcmMwzD+oUR+7vtiMWnEnFTt7MXl7fiQwv0Y gj/G7RGfljTt1ipmwljuUufVcaELs08d9DuDg5yAosF6nmNIPoaTXF0JMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGFMwggrQ1h/l/d/ZKckoNB8itNAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NhMjk4N2UwLTU0ZDYtNDI0Ni04ZGQ1LTQyODRlODJmOGQxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba86DAMA0GCSqGSIb3DQEBCwUAA4IBAQCpDPBl0qQgGI4Ld5w3 koeHoiWyXFf+C23cl2IawfBW4roq8Hy7poD71ScRHRCQrCYiWXntKYLKq2jPgcfK HTZ7lkd5BPfTN+yKaXCUjH1LwU3WUqEyNdwwGzp3VIcXKvo6EarnuXHj2a9N1NK9 f+z1aSWvLd8mlpWOsfqz3syyvbOXNb8EHarZ/5NTDBIHknVfq4/QecLlGwpJCx6T qOb8CXrZLj8Amh/U2HIfBh7KTRlcJeQFPK9q9zZ1cDf8gWQzTI/V2oRgqRWbFhKs PJP8pPuNjk/zi5xDE1uIlaTnI9bb0lG5TIffVE6Lo6eRNF5xqbKcw3ttjUYLIFt4 81iK -----END CERTIFICATE-----Generated at Sun Nov 23 05:43:02 2025 by rpki-client