This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json) Hash identifier: zj3uaCJ1OVw76COdDaPaPY8yFlOeR+/ReGZ6syX0RDg= Subject key identifier: AD:F0:55:93:67:FC:A0:83:F9:E7:B7:C6:B8:55:81:37:B8:F4:29:CE Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 471BF4DE94C82E883CCF3190F30D4D48CB623FD7 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa Signing time: Tue 11 Nov 2025 00:00:41 +0000 ROA not before: Tue 11 Nov 2025 00:00:41 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 00:03:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:1b:f4:de:94:c8:2e:88:3c:cf:31:90:f3:0d:4d:48:cb:62:3f:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 11 00:00:41 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=2e2cff4935a9ec668e0ba8ddced6c7dd7a6e46f77e7ce73ad41c6df74e40057d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:3a:07:31:b7:2a:a1:7b:e4:89:9b:4f:9a:1e: ea:10:c9:b5:d1:dc:85:28:3a:53:dc:51:80:0a:8a: d8:af:54:19:c3:37:0c:f4:c1:37:1d:5d:1d:20:9c: c9:72:8b:20:d9:37:9a:f1:aa:ee:70:d1:21:a9:ef: bb:c2:4d:fc:c6:c1:72:21:72:d6:14:a5:fd:15:ca: 05:8c:e0:65:76:67:7b:02:24:f0:52:07:94:46:f0: 37:b0:e2:a3:c3:61:f2:83:8f:33:10:f0:99:a2:87: 59:43:6d:f8:cb:9b:be:b3:ee:8d:11:6f:fb:f3:96: 05:59:6a:db:a0:03:b8:e6:67:31:a7:e3:14:f0:a7: e0:e0:2a:01:88:76:05:43:ed:c9:ce:ef:eb:8e:2b: a4:e3:d5:5b:1f:cf:e2:c3:1a:b7:62:aa:52:45:a1: d7:0e:36:fc:d8:58:ff:be:89:f1:60:e0:0c:e6:26: a4:8a:4d:26:92:98:8b:ea:21:b2:6c:d8:52:ea:c2: 8a:04:c1:be:52:d3:86:31:84:2a:c9:96:c8:45:49: a7:76:24:7c:62:7d:fe:c6:6a:c7:c9:b2:ec:9f:f8: 78:d1:50:79:75:d0:7d:66:0b:c2:7b:13:ed:fd:28: 6e:3f:98:91:3b:4a:ce:3a:77:28:f0:4c:61:ca:b8: 89:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:F0:55:93:67:FC:A0:83:F9:E7:B7:C6:B8:55:81:37:B8:F4:29:CE X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption b0:b4:56:4e:a4:a3:46:ad:1d:a5:4f:db:73:5a:e5:12:76:b3: c6:5f:70:76:c9:c4:0b:ff:3a:2d:5a:24:4d:39:6a:ea:7f:3d: ba:2d:c1:3e:bf:47:b0:f0:8b:14:12:1b:62:83:12:01:c8:92: 11:f9:a3:e5:fe:a5:85:9d:ee:e3:ee:8a:b4:25:a8:7f:59:43: f5:3b:78:2c:76:1b:94:0c:a2:56:d9:20:d0:b5:77:95:57:49: 7f:30:be:ca:da:b3:a0:37:b1:21:f6:2b:e8:fb:ca:02:44:c4: 39:83:c8:0f:2b:75:8e:54:e0:6e:0d:e9:8c:fa:92:04:d3:a2: 89:3a:29:72:61:0d:19:5a:a3:80:46:d7:77:06:00:04:1a:ca: c4:1b:38:1e:25:e2:a5:88:b6:fd:19:be:1f:4c:65:6a:e5:f8: f9:50:80:c3:92:03:8b:f6:19:dc:72:6e:12:5c:24:83:80:02: 76:5d:9b:1d:a7:be:fc:cd:e6:75:41:27:d7:ea:1c:bf:99:39: a3:01:92:4c:10:eb:ce:55:07:e4:aa:1f:d3:76:c5:c8:ad:08: 84:2c:bf:a0:a1:3b:51:12:37:a9:78:f9:0f:99:38:d7:6f:16: 62:de:be:59:db:49:1d:d3:d5:64:73:65:35:e7:6c:00:8c:b7: 0d:7a:cf:1b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIURxv03pTILog8zzGQ8w1NSMtiP9cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTExMTAwMDA0MVoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAMmUyY2ZmNDkzNWE5ZWM2NjhlMGJh OGRkY2VkNmM3ZGQ3YTZlNDZmNzdlN2NlNzNhZDQxYzZkZjc0ZTQwMDU3ZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlToHMbcqoXvkiZtPmh7qEMm10dyF KDpT3FGACorYr1QZwzcM9ME3HV0dIJzJcosg2Tea8arucNEhqe+7wk38xsFyIXLW FKX9FcoFjOBldmd7AiTwUgeURvA3sOKjw2Hyg48zEPCZoodZQ234y5u+s+6NEW/7 85YFWWrboAO45mcxp+MU8Kfg4CoBiHYFQ+3Jzu/rjiuk49VbH8/iwxq3YqpSRaHX Djb82Fj/vonxYOAM5iakik0mkpiL6iGybNhS6sKKBMG+UtOGMYQqyZbIRUmndiR8 Yn3+xmrHybLsn/h40VB5ddB9ZgvCexPt/ShuP5iRO0rOOnco8ExhyriJIQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFK3wVZNn/KCD+ee3xrhVgTe49CnOMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQCwtFZOpKNGrR2lT9tzWuUS drPGX3B2ycQL/zotWiRNOWrqfz26LcE+v0ew8IsUEhtigxIByJIR+aPl/qWFne7j 7oq0Jah/WUP1O3gsdhuUDKJW2SDQtXeVV0l/ML7K2rOgN7Eh9ivo+8oCRMQ5g8gP K3WOVOBuDemM+pIE06KJOilyYQ0ZWqOARtd3BgAEGsrEGzgeJeKliLb9Gb4fTGVq 5fj5UIDDkgOL9hnccm4SXCSDgAJ2XZsdp778zeZ1QSfX6hy/mTmjAZJMEOvOVQfk qh/TdsXIrQiELL+goTtREjepePkPmTjXbxZi3r5Z20kd09Vkc2U152wAjLcNes8b -----END CERTIFICATE-----Generated at Wed Dec 3 01:15:27 2025 by rpki-client