This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa File: 29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa (raw, json) Hash identifier: FJdXxzvK0P5XAKFzqDfsMETGh5s9bZ9AFiSst9Zy9fQ= Subject key identifier: A6:94:B1:5E:81:37:8D:C1:8F:43:8F:28:F1:5B:32:0A:84:CB:25:B8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7DA617602DC52EB5600905D40D7156D72FDA6520 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa Signing time: Sun 07 Dec 2025 00:00:40 +0000 ROA not before: Sun 07 Dec 2025 00:00:40 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 00:06:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:a6:17:60:2d:c5:2e:b5:60:09:05:d4:0d:71:56:d7:2f:da:65:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:40 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=2efd186569860318a1dcf7679d9ad220bf54db628228a7718519cde999ccc45d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:39:9b:dd:7a:1a:b5:e9:40:b3:5e:9d:c7:23: 3b:7b:ee:b7:b9:50:41:3b:25:d2:f4:0e:72:fa:01: 05:dd:65:4c:c5:06:56:6f:6a:99:9c:6d:b8:b6:cd: 94:b0:c0:9b:3a:9e:fe:92:ce:73:d4:98:f1:9f:fa: 22:b0:8b:d6:28:82:bf:72:c9:a5:52:a1:e5:28:cf: ea:68:c6:23:b6:4d:d2:ca:f2:2a:7f:00:f4:f3:eb: 5a:ab:87:eb:f1:9e:89:0b:96:1c:3a:b2:a6:3e:00: 9e:e0:6f:9e:66:27:e7:91:46:5d:7e:91:b7:b0:27: c4:3e:7f:a4:78:db:1f:34:79:cb:48:a8:1c:6a:cb: 35:b9:4b:36:cb:1d:32:bd:31:20:a8:f2:41:28:e0: 0d:9e:58:37:37:c6:43:72:a4:86:2f:30:10:5d:3d: a3:e2:de:a8:08:ab:6a:e7:02:87:5c:6c:7d:2d:5a: 68:c4:1b:50:b7:ef:c4:27:78:24:55:e2:17:20:8d: 87:5f:89:51:2a:1c:76:41:da:6a:7d:47:f8:3f:14: 6e:c8:5f:37:74:cd:1a:d3:61:de:20:dd:32:55:d6: d6:3e:ce:be:da:3a:d4:d4:1c:27:43:c1:17:98:65: c3:72:3a:61:83:bf:4f:5b:30:8f:a7:9c:1c:f1:0f: 6d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:94:B1:5E:81:37:8D:C1:8F:43:8F:28:F1:5B:32:0A:84:CB:25:B8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:c00::/38 Signature Algorithm: sha256WithRSAEncryption 04:2b:96:57:5a:00:3c:03:87:4f:e8:39:13:08:d9:1a:7d:a9: 65:46:d2:88:8c:03:c0:d6:e3:ed:dc:65:33:ba:4c:f6:5a:1d: d3:6d:7c:ed:55:12:16:36:e4:a6:9d:2c:57:e5:66:5f:59:e0: a3:90:99:1b:58:4f:cd:66:3c:2b:b6:a4:fa:fb:77:53:51:9b: e3:4d:ef:1a:7e:83:cd:b9:ab:ee:04:36:a9:34:60:ba:6d:34: e5:95:a7:fc:dc:bc:bb:13:9b:f8:61:d6:4b:03:bd:d0:39:bd: 7c:5c:33:b5:5c:5f:69:f5:e1:63:38:d4:81:9a:6a:8e:45:5c: 86:44:a5:d1:cb:2a:f6:64:f9:4e:ae:83:f5:7f:75:83:9a:b0: 0a:d7:17:02:f7:d0:a3:0f:48:a9:26:25:f3:fe:a8:d4:90:05: 39:de:45:00:05:1a:32:79:f3:82:80:1c:6a:c8:18:e7:12:1a: be:0a:26:a8:21:df:3c:c1:9c:b0:e0:fb:c8:f7:4e:5a:82:e7: fb:58:ce:80:64:65:aa:fb:b4:85:db:c9:e8:0e:ee:c5:9e:17: 09:89:95:88:ea:15:2c:30:fb:5f:7e:b0:39:ee:1a:bb:28:aa: 89:40:bb:0b:fd:0f:1b:a8:13:d7:b7:7d:2c:4b:c8:65:e6:9d: 1d:77:64:97 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfaYXYC3FLrVgCQXUDXFW1y/aZSAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDA0MFoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAMmVmZDE4NjU2OTg2MDMxOGExZGNm NzY3OWQ5YWQyMjBiZjU0ZGI2MjgyMjhhNzcxODUxOWNkZTk5OWNjYzQ1ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTmb3XoatelAs16dxyM7e+63uVBB OyXS9A5y+gEF3WVMxQZWb2qZnG24ts2UsMCbOp7+ks5z1Jjxn/oisIvWKIK/csml UqHlKM/qaMYjtk3SyvIqfwD08+taq4fr8Z6JC5YcOrKmPgCe4G+eZifnkUZdfpG3 sCfEPn+keNsfNHnLSKgcass1uUs2yx0yvTEgqPJBKOANnlg3N8ZDcqSGLzAQXT2j 4t6oCKtq5wKHXGx9LVpoxBtQt+/EJ3gkVeIXII2HX4lRKhx2QdpqfUf4PxRuyF83 dM0a02HeIN0yVdbWPs6+2jrU1BwnQ8EXmGXDcjphg79PWzCPp5wc8Q9tyQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKaUsV6BN43Bj0OPKPFbMgqEyyW4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI5ZmU0NDU0LWY3YTgtNDJmZC04YzM1LTc3YTZkNmY4ZTYwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAwwDQYJKoZIhvcNAQELBQADggEBAAQrlldaADwDh0/oORMI 2Rp9qWVG0oiMA8DW4+3cZTO6TPZaHdNtfO1VEhY25KadLFflZl9Z4KOQmRtYT81m PCu2pPr7d1NRm+NN7xp+g825q+4ENqk0YLptNOWVp/zcvLsTm/hh1ksDvdA5vXxc M7VcX2n14WM41IGaao5FXIZEpdHLKvZk+U6ug/V/dYOasArXFwL30KMPSKkmJfP+ qNSQBTneRQAFGjJ584KAHGrIGOcSGr4KJqgh3zzBnLDg+8j3TlqC5/tYzoBkZar7 tIXbyegO7sWeFwmJlYjqFSww+19+sDnuGrsoqolAuwv9DxuoE9e3fSxLyGXmnR13 ZJc= -----END CERTIFICATE-----Generated at Fri Dec 26 07:47:28 2025 by rpki-client