This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: GF3UF48Sag2kjRQNu61FunGtBaR1YVOIDI2u2qj15WI= Subject key identifier: 5C:AF:54:D5:34:93:DE:B5:E7:AE:FB:A4:B8:A2:32:16:2D:11:0D:C5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6AED0E828D383FA138BF15E6F12C03E301A1574B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Sun 07 Dec 2025 00:00:44 +0000 ROA not before: Sun 07 Dec 2025 00:00:44 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Dec 2025 00:06:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:ed:0e:82:8d:38:3f:a1:38:bf:15:e6:f1:2c:03:e3:01:a1:57:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Dec 7 00:00:44 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=61f4452f5ed891285955da3a1bf2a526eb98f3e23b6f01ebb22085ef6e298496, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:b2:f6:6c:1b:a9:cb:36:f9:3a:5e:b1:a5:ff: 6e:cb:3c:19:f0:8c:53:ff:22:0b:4d:de:4c:f8:02: 60:b7:86:b9:23:4a:86:48:3c:3e:fc:e2:2c:a9:16: 1e:5d:84:6b:8a:4e:bc:08:77:8f:fe:20:d3:ae:77: d9:46:8c:34:a2:99:11:82:cb:41:80:d8:10:30:9d: ad:12:3a:09:85:f3:4b:61:b0:90:82:e8:5a:43:ee: 15:2f:6d:ca:18:16:5b:df:c3:8b:99:d9:27:b0:e6: 8f:69:d9:15:d5:77:58:cd:ce:9b:7d:8b:a8:b3:eb: 4c:c8:f2:22:62:da:58:40:53:c9:69:34:8d:e8:10: 98:17:0d:9b:c0:de:f0:c4:10:61:ac:3c:f0:60:1e: 90:fa:46:d9:3a:f4:ab:8e:38:a9:e5:e1:91:df:00: aa:09:e6:5b:40:49:4d:ac:3b:a3:42:8d:b4:96:db: 38:36:75:b9:b2:f4:cc:3f:73:02:0e:1e:99:99:85: c4:ff:70:c3:c1:58:39:41:ca:5d:dc:83:92:86:91: bf:1c:6a:c2:c8:00:05:96:c1:c2:bf:3a:25:49:4a: de:a6:92:7e:d5:d3:7b:55:61:54:59:89:9e:a8:05: e2:13:ec:d8:e7:cb:b4:53:db:75:9f:4a:14:fa:4c: 46:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:AF:54:D5:34:93:DE:B5:E7:AE:FB:A4:B8:A2:32:16:2D:11:0D:C5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption a8:3f:8a:d4:c4:ac:aa:63:03:57:06:51:93:b4:58:b0:6c:55: 49:88:a3:23:69:b8:db:27:83:da:9e:57:51:49:e8:fd:02:5b: e6:e6:b1:33:b7:0a:59:a3:d6:20:d2:36:c1:b9:5e:45:5f:a9: b7:07:d7:4f:d8:7e:b9:14:5a:9f:31:b0:3d:a3:fa:da:54:5f: e8:34:9a:81:4f:fb:e0:3d:d7:f7:65:f6:f7:0f:28:bc:cb:a2: 00:71:e2:8c:15:0e:40:35:c4:38:09:61:5e:77:c3:f4:9b:19: bf:3d:56:b2:5e:cc:de:43:f1:a2:77:de:b5:95:04:83:f0:b1: ea:90:3f:94:5b:4d:d3:9c:4e:65:38:15:65:6d:01:21:6f:e9: 87:89:71:7f:a3:7f:d1:20:85:f7:0e:fb:5f:19:e7:df:d5:03: 5f:64:a3:8e:ae:06:1b:f3:1c:9e:15:7a:72:ef:ab:f2:98:e6: 26:72:e8:7a:1b:bf:dc:6d:a7:25:15:50:26:45:fc:01:b4:03: ae:af:e5:13:8a:d9:12:a8:e8:9b:65:97:07:f5:1e:bd:a2:c2: 25:45:5b:ed:f7:5f:90:e1:c4:45:79:cd:d2:53:57:bc:1e:f6: 12:93:fe:21:a4:0a:6c:97:c8:f6:c2:c7:e9:c9:26:00:ef:62: 54:09:74:3f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUau0Ogo04P6E4vxXm8SwD4wGhV0swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTIwNzAwMDA0NFoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNANjFmNDQ1MmY1ZWQ4OTEyODU5NTVk YTNhMWJmMmE1MjZlYjk4ZjNlMjNiNmYwMWViYjIyMDg1ZWY2ZTI5ODQ5NjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLL2bBupyzb5Ol6xpf9uyzwZ8IxT /yILTd5M+AJgt4a5I0qGSDw+/OIsqRYeXYRrik68CHeP/iDTrnfZRow0opkRgstB gNgQMJ2tEjoJhfNLYbCQguhaQ+4VL23KGBZb38OLmdknsOaPadkV1XdYzc6bfYuo s+tMyPIiYtpYQFPJaTSN6BCYFw2bwN7wxBBhrDzwYB6Q+kbZOvSrjjip5eGR3wCq CeZbQElNrDujQo20lts4NnW5svTMP3MCDh6ZmYXE/3DDwVg5Qcpd3IOShpG/HGrC yAAFlsHCvzolSUreppJ+1dN7VWFUWYmeqAXiE+zY58u0U9t1n0oU+kxGtQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFyvVNU0k9615677pLiiMhYtEQ3FMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBAKg/itTErKpjA1cGUZO0 WLBsVUmIoyNpuNsng9qeV1FJ6P0CW+bmsTO3Clmj1iDSNsG5XkVfqbcH10/YfrkU Wp8xsD2j+tpUX+g0moFP++A91/dl9vcPKLzLogBx4owVDkA1xDgJYV53w/SbGb89 VrJezN5D8aJ33rWVBIPwseqQP5RbTdOcTmU4FWVtASFv6YeJcX+jf9EghfcO+18Z 59/VA19ko46uBhvzHJ4VenLvq/KY5iZy6Hobv9xtpyUVUCZF/AG0A66v5ROK2RKo 6Jtllwf1Hr2iwiVFW+33X5DhxEV5zdJTV7we9hKT/iGkCmyXyPbCx+nJJgDvYlQJ dD8= -----END CERTIFICATE-----Generated at Fri Dec 26 07:47:29 2025 by rpki-client