This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json) Hash identifier: gfOm2U8oS6hOiflUbgHYQnauEGVoYNJerRztQgaTwR8= Subject key identifier: 6B:12:10:5A:98:53:24:D6:22:01:CF:82:BD:DE:6D:3A:B5:88:62:29 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1B0686EDBFF07FF83AA70D236172D18A5EA93491 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa Signing time: Sun 07 Dec 2025 00:00:27 +0000 ROA not before: Sun 07 Dec 2025 00:00:27 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Dec 2025 00:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:06:86:ed:bf:f0:7f:f8:3a:a7:0d:23:61:72:d1:8a:5e:a9:34:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:27 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=0f3074cb4c374f69732658b32618c2479baee108acdf695ae8eb4bd92328bbe8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:19:1a:16:50:0a:97:fe:c8:8e:35:a3:71:56: 71:7d:89:44:6d:5c:b2:39:28:7e:d7:e9:c6:77:cb: ed:35:27:a8:8c:88:ac:c0:6e:1a:ba:dd:d0:05:87: a6:a6:ed:a5:0e:34:41:72:2f:cf:23:bd:37:1d:8a: 06:51:53:b9:1e:93:a9:97:a4:61:0a:9a:d1:54:92: e5:9b:9a:a3:d8:79:96:03:a5:80:b6:ec:fb:7c:b3: f6:be:a1:74:2f:b6:88:2d:5b:e2:ab:16:96:b3:63: a0:d6:aa:c7:b9:7c:38:17:39:63:85:07:f0:8d:96: 59:c5:06:07:57:37:e5:f7:de:81:ef:76:12:a9:67: 93:fe:f4:7f:6c:b0:75:6c:4d:68:69:72:95:46:15: f7:48:61:79:b3:75:54:8a:66:16:2f:da:e1:6a:c7: 7b:9b:3b:4b:be:18:bf:2c:a0:61:01:bc:c3:b2:29: 45:b6:4a:c5:5b:01:d3:a6:14:54:de:44:be:c9:37: ca:14:40:1c:bb:0c:34:8b:c1:ae:bf:eb:26:8d:96: 6d:a2:81:f9:d9:ad:f8:c2:ab:61:aa:51:49:39:7c: 7e:c8:c6:a3:02:f5:da:b7:aa:d0:6c:02:d9:79:83: 5b:27:65:ea:19:14:76:8f:89:76:c9:e3:f7:bb:51: 0b:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:12:10:5A:98:53:24:D6:22:01:CF:82:BD:DE:6D:3A:B5:88:62:29 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 3c:7c:fc:9b:cf:12:fd:5d:60:e6:d7:dc:67:9a:fe:6f:39:59: 0c:53:da:57:c5:34:b1:5f:45:fe:4a:cf:67:8b:44:9d:64:15: 1f:bb:1d:5e:8c:6d:81:4a:7f:c5:42:a4:7d:d5:27:7e:6f:c7: e9:e8:31:56:11:29:ad:05:f5:f1:61:0b:bd:72:73:b3:cd:d8: ee:e1:7d:b3:8d:e8:99:1c:2f:7a:cc:b1:6b:c4:49:7f:b9:7e: 83:c5:65:05:bf:d9:73:e5:44:8b:06:3f:26:8b:07:4f:16:9f: bc:0b:7b:24:27:d4:74:8c:cf:dd:33:81:f9:02:0c:0f:de:8f: 74:09:3b:3a:62:50:8c:ea:b6:7f:81:7d:6f:a8:37:04:55:0b: 1b:d4:19:6f:d3:cc:ba:d7:fb:fe:aa:bb:48:8d:68:d7:8d:eb: 15:73:94:db:00:7d:ef:c4:ea:b5:d7:a6:f8:55:a2:15:ad:e3: 40:8f:57:d8:80:32:33:42:48:f7:b7:81:c7:de:c6:d9:02:32: e0:11:7d:e7:31:c6:e8:33:6c:e6:59:f7:4e:d8:16:93:2f:2d: be:60:2f:e2:56:49:8b:5f:50:5a:50:1b:80:4b:12:2a:ce:35: 57:65:ac:56:70:b2:b2:e8:fb:34:0b:c3:da:10:c9:9d:98:ac: 9d:71:01:a4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGwaG7b/wf/g6pw0jYXLRil6pNJEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDAyN1oX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAMGYzMDc0Y2I0YzM3NGY2OTczMjY1 OGIzMjYxOGMyNDc5YmFlZTEwOGFjZGY2OTVhZThlYjRiZDkyMzI4YmJlODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBkaFlAKl/7IjjWjcVZxfYlEbVyy OSh+1+nGd8vtNSeojIiswG4aut3QBYempu2lDjRBci/PI703HYoGUVO5HpOpl6Rh CprRVJLlm5qj2HmWA6WAtuz7fLP2vqF0L7aILVviqxaWs2Og1qrHuXw4FzljhQfw jZZZxQYHVzfl996B73YSqWeT/vR/bLB1bE1oaXKVRhX3SGF5s3VUimYWL9rhasd7 mztLvhi/LKBhAbzDsilFtkrFWwHTphRU3kS+yTfKFEAcuww0i8Guv+smjZZtooH5 2a34wqthqlFJOXx+yMajAvXat6rQbALZeYNbJ2XqGRR2j4l2yeP3u1ELwQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGsSEFqYUyTWIgHPgr3ebTq1iGIpMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQA8fPybzxL9XWDm19xn mv5vOVkMU9pXxTSxX0X+Ss9ni0SdZBUfux1ejG2BSn/FQqR91Sd+b8fp6DFWESmt BfXxYQu9cnOzzdju4X2zjeiZHC96zLFrxEl/uX6DxWUFv9lz5USLBj8miwdPFp+8 C3skJ9R0jM/dM4H5AgwP3o90CTs6YlCM6rZ/gX1vqDcEVQsb1Blv08y61/v+qrtI jWjXjesVc5TbAH3vxOq116b4VaIVreNAj1fYgDIzQkj3t4HH3sbZAjLgEX3nMcbo M2zmWfdO2BaTLy2+YC/iVkmLX1BaUBuASxIqzjVXZaxWcLKy6Ps0C8PaEMmdmKyd cQGk -----END CERTIFICATE-----Generated at Sun Dec 14 00:03:59 2025 by rpki-client