This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa File: fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json) Hash identifier: YuHGMPcwa8KpVXXEj9gkbWFcDo8VDQb8Gi5Pp03Uo+g= Subject key identifier: 33:0E:2C:56:EA:AB:54:26:63:35:4F:AA:C8:2B:F5:AE:24:D1:18:C0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 704EE417993A99348B51955C4B08E72E6E05C098 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa Signing time: Tue 11 Nov 2025 00:00:31 +0000 ROA not before: Tue 11 Nov 2025 00:00:31 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 00:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:4e:e4:17:99:3a:99:34:8b:51:95:5c:4b:08:e7:2e:6e:05:c0:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 11 00:00:31 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=18dedcd1ebecfb8cb8b9f346045e7d97cf4ead9200e1c71afa0c54aff608f3fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b2:6a:3c:a2:6d:a6:c6:83:65:f5:f0:c2:3b: 99:b6:c3:61:75:3d:52:6d:25:a3:d2:19:fb:6f:51: fd:80:f0:bd:8b:1a:7d:fc:fc:5c:3a:85:56:b7:b9: 7b:4a:b0:82:c8:50:15:be:6b:ac:59:85:66:e3:27: 0e:03:54:7f:9a:9d:15:69:46:e7:d9:2b:06:cf:12: a3:48:94:a3:49:f1:5d:8d:ec:b1:0a:e9:b4:24:0f: 05:85:9f:18:89:83:4b:4d:83:d1:b3:b7:26:86:ca: 53:11:4d:18:b2:80:6f:a2:a3:5e:a0:ff:3c:fc:01: be:5b:16:a8:b4:67:88:ac:3c:45:c0:01:ab:c0:6e: 5b:06:09:10:39:d9:22:c7:e1:cc:eb:10:08:be:7f: 3b:12:d8:6b:8b:0f:c3:e3:ec:28:d9:77:73:dc:23: 48:35:d8:3d:55:55:ee:e4:54:af:33:4a:c2:4c:d3: 99:7d:f5:33:33:08:42:ba:0d:93:bf:da:ed:67:1b: b7:54:dd:a3:a7:96:57:12:ac:b7:60:e1:37:f3:0e: a1:eb:6b:4a:7d:fb:4b:c1:7e:85:79:ce:c5:9c:d5: 60:ca:38:6e:c2:74:bc:0f:eb:29:13:9a:70:b2:43: e5:c3:eb:75:c0:cb:e8:af:c0:d7:0f:53:a7:33:c9: a7:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:0E:2C:56:EA:AB:54:26:63:35:4F:AA:C8:2B:F5:AE:24:D1:18:C0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:800::/40 Signature Algorithm: sha256WithRSAEncryption 30:35:bc:b0:f6:2b:71:d1:fa:af:1d:64:00:df:e6:a6:c2:6e: 12:21:83:2d:b8:77:e5:25:01:8b:b2:4b:98:83:55:b8:cd:38: a5:b2:3d:37:67:49:7d:e6:17:9f:4f:87:bc:51:ce:d2:aa:e3: 0b:0f:1d:a0:f4:3c:88:ff:d8:b0:7c:ac:1a:09:38:8f:06:0d: 7d:fd:4f:99:d9:ff:6a:a9:0c:cd:3c:ed:17:08:a4:b0:19:b3: 56:da:51:9a:78:61:40:ad:9b:43:a4:91:8e:e0:23:75:fa:1d: 07:1e:4a:75:4c:dc:d5:25:ee:7c:82:fe:4e:d4:58:69:ee:8c: 71:a4:ff:ea:62:71:27:8f:a4:69:20:3b:df:81:4d:75:89:7f: 28:c0:f1:09:fd:95:9c:ff:e9:1c:45:31:a7:4b:6c:5f:2d:a6: c4:f6:49:c1:67:b8:72:dd:12:a2:f0:c0:34:2e:d1:67:9b:0c: 4d:61:03:c5:31:70:ef:24:06:6a:b0:bc:49:65:9b:9c:fb:8f: 71:5c:52:79:87:1b:c6:b1:5c:dd:a3:c8:12:b8:2f:3a:12:8b: ca:20:e5:4c:67:7e:a1:cf:51:71:56:9d:17:c5:b5:18:5e:33: e9:2e:5d:25:e9:0d:bb:47:fd:4a:78:b5:1c:5b:f6:8e:b7:1c: f2:3b:99:42 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcE7kF5k6mTSLUZVcSwjnLm4FwJgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMTAwMDAzMVoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAMThkZWRjZDFlYmVjZmI4Y2I4Yjlm MzQ2MDQ1ZTdkOTdjZjRlYWQ5MjAwZTFjNzFhZmEwYzU0YWZmNjA4ZjNmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrJqPKJtpsaDZfXwwjuZtsNhdT1S bSWj0hn7b1H9gPC9ixp9/PxcOoVWt7l7SrCCyFAVvmusWYVm4ycOA1R/mp0VaUbn 2SsGzxKjSJSjSfFdjeyxCum0JA8FhZ8YiYNLTYPRs7cmhspTEU0YsoBvoqNeoP88 /AG+WxaotGeIrDxFwAGrwG5bBgkQOdkix+HM6xAIvn87Ethriw/D4+wo2Xdz3CNI Ndg9VVXu5FSvM0rCTNOZffUzMwhCug2Tv9rtZxu3VN2jp5ZXEqy3YOE38w6h62tK fftLwX6Fec7FnNVgyjhuwnS8D+spE5pwskPlw+t1wMvor8DXD1OnM8mnJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDMOLFbqq1QmYzVPqsgr9a4k0RjAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBADA1vLD2K3HR+q8dZADf 5qbCbhIhgy24d+UlAYuyS5iDVbjNOKWyPTdnSX3mF59Ph7xRztKq4wsPHaD0PIj/ 2LB8rBoJOI8GDX39T5nZ/2qpDM087RcIpLAZs1baUZp4YUCtm0OkkY7gI3X6HQce SnVM3NUl7nyC/k7UWGnujHGk/+picSePpGkgO9+BTXWJfyjA8Qn9lZz/6RxFMadL bF8tpsT2ScFnuHLdEqLwwDQu0WebDE1hA8UxcO8kBmqwvEllm5z7j3FcUnmHG8ax XN2jyBK4LzoSi8og5UxnfqHPUXFWnRfFtRheM+kuXSXpDbtH/Up4tRxb9o63HPI7 mUI= -----END CERTIFICATE-----Generated at Fri Dec 5 12:48:55 2025 by rpki-client