This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: 8YU7fg0zlfz3zh4wwfhvDooXzSoHUcM3m57KVGTCELU= Subject key identifier: A9:2A:F2:C7:C3:80:8B:83:0D:DA:3D:7E:C3:2F:78:4A:87:0E:E6:63 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 6A93003C92C6F33D16982E0E4A1F4CDA642724C7 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Tue 18 Nov 2025 00:00:09 +0000 ROA not before: Tue 18 Nov 2025 00:00:09 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 00:03:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:93:00:3c:92:c6:f3:3d:16:98:2e:0e:4a:1f:4c:da:64:27:24:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 18 00:00:09 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=9794460951c86a0970f400019d995c130a6eb9927858267c115c2d0c2b10a4d2, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d9:db:bb:81:78:24:46:8b:33:31:55:d0:41: 32:d3:da:b9:10:f1:47:f6:c0:ec:67:5d:ed:43:a8: 1e:6a:11:81:f0:e8:bb:cd:53:14:56:9e:38:2c:be: f5:d4:a3:99:61:90:e9:af:a3:1f:08:36:09:d2:d9: 5b:6b:37:e3:e5:15:24:3b:8e:75:cd:b9:be:6b:45: 82:5c:5d:0f:1d:04:cc:1b:33:c8:b5:6a:80:d0:c4: 71:87:b4:e6:05:da:f9:cd:37:58:d0:de:1a:ea:95: c6:99:fa:33:04:e9:ab:1d:94:93:6d:22:f8:d3:7e: 7f:10:bb:3d:d9:d9:ff:fc:22:2b:94:1a:9b:fb:0e: b0:07:76:2f:e5:cc:2a:0e:a6:41:df:75:05:a8:f8: c5:8d:3e:07:46:f0:52:9c:bd:39:4c:5a:38:00:67: 49:02:41:1d:b0:fb:05:1d:c1:70:f5:86:08:5a:df: 87:84:0b:8f:65:2f:6a:ab:1c:7a:e9:75:f1:35:5f: a6:01:3f:c1:a0:00:c6:a6:fd:b8:e3:50:d1:ab:4b: aa:30:b5:cb:f3:f6:b6:ec:92:c2:6e:fe:a5:4a:5a: 11:5d:40:64:fd:eb:dc:10:81:ad:78:f4:31:cd:f5: 7b:35:9c:92:ad:94:3c:4a:19:3e:a5:75:6c:86:15: f6:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:2A:F2:C7:C3:80:8B:83:0D:DA:3D:7E:C3:2F:78:4A:87:0E:E6:63 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 42:02:c9:57:c5:2d:82:83:12:52:67:38:ec:cb:35:6a:59:d3: 53:4f:5e:c2:77:1a:fa:2b:16:c8:ff:77:7d:cc:d6:f0:a5:5a: 35:ca:81:5b:f9:a2:49:58:a2:46:7d:42:2a:4b:20:ad:36:45: 86:6c:4f:6d:e1:2f:eb:c4:b2:49:33:bf:7a:93:c7:43:db:89: f4:ac:c5:63:4a:5e:02:7e:d7:98:81:1b:f4:16:4b:91:e9:56: bf:80:97:5c:72:96:4e:7b:45:cb:68:8d:d5:ae:45:a0:4c:3c: f0:20:67:02:f2:77:e7:67:09:8b:80:9f:23:01:2f:b2:7b:ee: 3b:55:22:17:0a:69:88:eb:3d:a5:f2:36:d0:f8:35:24:75:fe: b5:80:64:ff:c3:47:dc:9b:02:67:5d:35:8b:ad:fa:29:ff:99: 48:92:10:47:3c:ee:4e:da:98:50:1e:e9:ec:b9:28:79:a6:f8: 9c:1e:0b:03:af:89:7a:80:29:c4:48:c9:3b:29:c1:ef:b5:93: a4:04:54:73:94:b3:3c:a1:8e:bf:cb:e3:49:12:09:60:4d:56: 14:d7:f8:f1:7d:7c:49:7e:83:0c:9f:4f:bf:a3:17:d4:3c:56: 60:0b:bb:7a:3b:1b:46:a6:2b:58:fb:5f:81:fe:9f:d4:e8:57: db:4c:7d:3f -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUapMAPJLG8z0WmC4OSh9M2mQnJMcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTExODAwMDAwOVoX DTI2MDIxNjIzNTk1OVowejFJMEcGA1UEBRNAOTc5NDQ2MDk1MWM4NmEwOTcwZjQw MDAxOWQ5OTVjMTMwYTZlYjk5Mjc4NTgyNjdjMTE1YzJkMGMyYjEwYTRkMjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9nbu4F4JEaLMzFV0EEy09q5EPFH 9sDsZ13tQ6geahGB8Oi7zVMUVp44LL711KOZYZDpr6MfCDYJ0tlbazfj5RUkO451 zbm+a0WCXF0PHQTMGzPItWqA0MRxh7TmBdr5zTdY0N4a6pXGmfozBOmrHZSTbSL4 035/ELs92dn//CIrlBqb+w6wB3Yv5cwqDqZB33UFqPjFjT4HRvBSnL05TFo4AGdJ AkEdsPsFHcFw9YYIWt+HhAuPZS9qqxx66XXxNV+mAT/BoADGpv2441DRq0uqMLXL 8/a27JLCbv6lSloRXUBk/evcEIGtePQxzfV7NZySrZQ8Shk+pXVshhX2VwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFKkq8sfDgIuDDdo9fsMveEqHDuZjMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAQgLJV8UtgoMSUmc47Ms1 alnTU09ewnca+isWyP93fczW8KVaNcqBW/miSViiRn1CKksgrTZFhmxPbeEv68Sy STO/epPHQ9uJ9KzFY0peAn7XmIEb9BZLkelWv4CXXHKWTntFy2iN1a5FoEw88CBn AvJ352cJi4CfIwEvsnvuO1UiFwppiOs9pfI20Pg1JHX+tYBk/8NH3JsCZ101i636 Kf+ZSJIQRzzuTtqYUB7p7Lkoeab4nB4LA6+JeoApxEjJOynB77WTpARUc5SzPKGO v8vjSRIJYE1WFNf48X18SX6DDJ9Pv6MX1DxWYAu7ejsbRqYrWPtfgf6f1OhX20x9 Pw== -----END CERTIFICATE-----Generated at Wed Dec 3 01:15:27 2025 by rpki-client