This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa File: 788c3900-e4d5-439b-b231-3a69b5354901.roa (raw, json) Hash identifier: p3OjEkcK1ghNIzkTKr738bXFFwpfSGv73dq8HJEKRd0= Subject key identifier: 88:40:F0:1E:23:89:69:E5:A5:BA:2D:4C:1D:92:C4:FC:5A:55:58:C6 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4A0008E1405D5099BB77B808E89AC1C2ECDC54F8 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa Signing time: Sun 07 Dec 2025 00:00:23 +0000 ROA not before: Sun 07 Dec 2025 00:00:23 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 00:06:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:00:08:e1:40:5d:50:99:bb:77:b8:08:e8:9a:c1:c2:ec:dc:54:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:23 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=4d549d81103f48e386b53d2846ebb6e1cf5a470407a604132031397be1a0484a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:22:53:11:71:c0:6c:53:15:e1:ff:e2:69:20: cb:1c:78:59:e6:48:98:1a:f8:56:64:26:61:d2:d3: 27:06:55:45:8c:e3:e2:80:02:77:a4:9e:41:d9:10: f6:13:17:8c:6c:b9:58:24:d6:52:e3:c6:84:ad:bb: 43:54:19:cb:bd:80:83:39:cb:49:fa:4d:8c:29:25: cd:25:d5:16:e0:ed:df:b4:cb:1f:51:74:50:68:fe: 18:b2:ef:a7:e9:1e:99:fa:dc:85:d8:32:f2:6c:44: 6f:8f:c8:88:04:31:e1:60:35:f1:88:f1:18:f9:2d: d5:59:1b:d4:cb:23:10:23:78:b3:d0:52:cf:14:b2: e6:57:ee:c1:64:7c:36:18:14:84:52:7c:a2:8c:f1: 03:04:7f:ab:a4:36:61:07:3a:05:30:b4:15:43:eb: 58:a9:02:44:cb:26:9b:15:1c:e2:3d:9e:99:04:ed: 33:16:2a:69:52:ee:c8:e9:69:3d:a5:0a:5d:52:9c: 8d:19:e6:01:79:6e:de:87:81:bc:8f:da:1a:eb:df: da:34:22:19:30:f1:7c:46:11:d8:a4:81:77:cd:2c: 32:c6:4c:95:2d:fa:17:25:f4:db:fa:60:a5:3a:62: 4b:ff:a3:25:6b:91:b0:ca:8b:59:b3:94:7e:85:86: 4c:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:40:F0:1E:23:89:69:E5:A5:BA:2D:4C:1D:92:C4:FC:5A:55:58:C6 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014::/38 Signature Algorithm: sha256WithRSAEncryption 83:39:60:c0:3d:66:fd:c3:f2:b9:bb:02:d1:fe:e1:2b:ef:c2: 12:e4:e0:b7:27:f9:a0:53:92:6f:c1:83:a4:2b:60:31:30:d3: 85:79:2b:1e:bf:95:d8:33:bf:20:df:c3:f8:f9:e7:50:93:36: 9a:bb:be:b6:de:90:5a:d3:a3:32:89:35:63:16:f2:e0:a7:6e: 71:60:f4:10:ef:57:b7:92:5d:f3:f7:3e:08:f4:f1:60:a6:b9: 31:1e:22:6e:bd:08:74:75:69:ff:5a:0b:34:e0:d9:2f:a3:53: 0f:d1:da:9a:ee:bd:a9:7b:25:01:01:a2:07:2f:ec:34:0e:d7: 08:85:e9:46:54:51:6b:d8:2c:c1:db:56:a2:89:58:b4:99:16: e6:bd:cf:b2:df:e7:06:40:39:80:bb:f0:33:8a:86:c1:9e:31: 8c:a3:dc:c3:4f:32:d8:6a:a3:ed:ad:91:d3:ee:ad:c1:8e:31: 45:cd:de:92:67:12:d2:9d:5b:88:84:7b:7e:1f:98:21:69:9a: ca:41:62:a5:63:90:ce:93:0c:65:1f:4f:dd:04:82:3a:4b:7b: 17:44:3b:d0:c4:e0:6c:13:95:71:b3:a2:8c:1a:15:97:d4:68: 53:41:94:e5:fb:8a:2e:8d:7d:4d:15:66:33:cb:69:4b:0d:e1: 86:60:a9:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSgAI4UBdUJm7d7gI6JrBwuzcVPgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDAyM1oX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNANGQ1NDlkODExMDNmNDhlMzg2YjUz ZDI4NDZlYmI2ZTFjZjVhNDcwNDA3YTYwNDEzMjAzMTM5N2JlMWEwNDg0YTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyJTEXHAbFMV4f/iaSDLHHhZ5kiY GvhWZCZh0tMnBlVFjOPigAJ3pJ5B2RD2ExeMbLlYJNZS48aErbtDVBnLvYCDOctJ +k2MKSXNJdUW4O3ftMsfUXRQaP4Ysu+n6R6Z+tyF2DLybERvj8iIBDHhYDXxiPEY +S3VWRvUyyMQI3iz0FLPFLLmV+7BZHw2GBSEUnyijPEDBH+rpDZhBzoFMLQVQ+tY qQJEyyabFRziPZ6ZBO0zFippUu7I6Wk9pQpdUpyNGeYBeW7eh4G8j9oa69/aNCIZ MPF8RhHYpIF3zSwyxkyVLfoXJfTb+mClOmJL/6Mla5GwyotZs5R+hYZMpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIhA8B4jiWnlpbotTB2SxPxaVVjGMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 Lzc4OGMzOTAwLWU0ZDUtNDM5Yi1iMjMxLTNhNjliNTM1NDkwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAIM5YMA9Zv3D8rm7AtH+ 4SvvwhLk4Lcn+aBTkm/Bg6QrYDEw04V5Kx6/ldgzvyDfw/j551CTNpq7vrbekFrT ozKJNWMW8uCnbnFg9BDvV7eSXfP3Pgj08WCmuTEeIm69CHR1af9aCzTg2S+jUw/R 2pruval7JQEBogcv7DQO1wiF6UZUUWvYLMHbVqKJWLSZFua9z7Lf5wZAOYC78DOK hsGeMYyj3MNPMthqo+2tkdPurcGOMUXN3pJnEtKdW4iEe34fmCFpmspBYqVjkM6T DGUfT90EgjpLexdEO9DE4GwTlXGzoowaFZfUaFNBlOX7ii6NfU0VZjPLaUsN4YZg qfU= -----END CERTIFICATE-----Generated at Fri Dec 26 07:47:29 2025 by rpki-client