This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: +wT6kSqCOB6ziAMzXUXrUxSc6L4KWrtVIWsk12Nh1e8= Subject key identifier: ED:CB:EE:EC:CB:7D:92:24:A9:66:D6:9C:5C:70:01:96:22:40:E5:1E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 305BCDC64E45A999971DB184A6DC5345E21921EB Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Wed 19 Nov 2025 00:00:06 +0000 ROA not before: Wed 19 Nov 2025 00:00:06 +0000 ROA not after: Tue 17 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 00:03:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:5b:cd:c6:4e:45:a9:99:97:1d:b1:84:a6:dc:53:45:e2:19:21:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 19 00:00:06 2025 GMT Not After : Feb 17 23:59:59 2026 GMT Subject: serialNumber=4359a57958dbd6251bea7ad4fd38a307d19fe707a42b4dcf16b09c1017f598f0, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:c1:1f:6c:20:01:79:fb:f6:61:14:ee:bb:21: bf:2f:37:79:15:50:43:bb:83:72:b6:19:3b:16:9f: cf:74:07:ea:08:7c:00:58:ff:ae:de:75:61:8f:f8: 77:0e:67:04:cf:cc:50:92:47:17:58:05:44:b9:29: 43:43:d0:44:19:f2:8c:15:b5:91:7f:e3:d5:f7:e1: 00:8f:e0:52:cc:ac:e6:35:51:af:d9:5c:bc:63:85: a0:33:f9:c5:2c:ed:40:07:2a:03:5d:ac:45:70:f6: f2:ac:63:20:92:d8:ba:22:2e:3a:0d:ec:08:ab:6e: bc:77:0d:52:11:95:36:d3:3a:de:0a:8d:49:1d:67: 23:0e:a3:f4:50:04:6d:88:d2:31:9d:58:6d:43:43: 3b:7c:52:9e:ff:f2:c4:a8:99:ec:e7:f9:8a:91:04: 3e:6f:33:ae:41:fd:90:4b:b7:8b:0b:3d:88:14:5c: 22:7d:23:0c:cb:34:ae:6f:4d:68:6f:b2:04:04:0d: b8:04:71:fd:42:69:89:3e:27:42:92:9b:75:65:1c: c3:2c:a0:99:5f:ea:97:49:d3:00:db:8c:62:88:c0: 9d:3a:69:a8:a3:dd:cc:d0:64:31:25:ed:7f:d7:d7: cd:dc:27:b0:ba:cf:e1:39:e6:f2:40:d8:41:41:26: 67:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:CB:EE:EC:CB:7D:92:24:A9:66:D6:9C:5C:70:01:96:22:40:E5:1E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 08:10:49:1f:e1:76:68:0c:8c:7f:4d:a5:e6:7c:13:b1:09:74: db:68:80:75:18:53:ce:8e:e5:b7:84:66:bd:05:3e:41:cc:0f: fc:fc:38:5c:ea:f0:77:cc:16:19:72:e8:9a:08:fa:18:20:d8: db:16:c3:27:e9:a9:51:c6:ec:ee:18:cd:68:15:f0:fe:29:57: 55:e1:43:1b:2a:de:fb:2e:40:54:e1:a9:a6:4b:1e:94:da:8b: 0c:8d:d5:f4:2f:7c:d9:8c:f9:dd:cf:5b:d6:eb:e2:3d:f0:1b: fe:5e:57:6b:ee:bf:96:46:40:46:24:0e:a3:22:94:80:c4:b8: 30:11:db:c1:19:c3:4e:6f:c9:06:9c:dc:c4:06:f9:68:0a:cd: ac:90:da:3e:45:06:fd:7e:9c:6f:8b:4e:f3:81:0b:90:74:75: 31:c9:56:1e:2b:62:37:d8:81:16:b6:05:51:50:95:ec:1d:1a: a7:6b:38:05:87:f0:fa:0b:98:67:f1:af:cc:8a:7a:5c:b9:9f: 61:9d:45:f6:5f:53:5d:f0:18:02:29:1f:09:3f:ac:a9:fd:87: 62:16:e7:16:d1:0c:d4:10:0e:cf:72:43:c1:52:10:b5:41:49: 66:78:9e:17:44:5f:0b:9e:5a:35:18:c6:8a:52:22:ca:d8:d7: c8:75:c0:86 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMFvNxk5FqZmXHbGEptxTReIZIeswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExOTAwMDAwNloX DTI2MDIxNzIzNTk1OVowejFJMEcGA1UEBRNANDM1OWE1Nzk1OGRiZDYyNTFiZWE3 YWQ0ZmQzOGEzMDdkMTlmZTcwN2E0MmI0ZGNmMTZiMDljMTAxN2Y1OThmMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcEfbCABefv2YRTuuyG/Lzd5FVBD u4Nythk7Fp/PdAfqCHwAWP+u3nVhj/h3DmcEz8xQkkcXWAVEuSlDQ9BEGfKMFbWR f+PV9+EAj+BSzKzmNVGv2Vy8Y4WgM/nFLO1AByoDXaxFcPbyrGMgkti6Ii46DewI q268dw1SEZU20zreCo1JHWcjDqP0UARtiNIxnVhtQ0M7fFKe//LEqJns5/mKkQQ+ bzOuQf2QS7eLCz2IFFwifSMMyzSub01ob7IEBA24BHH9QmmJPidCkpt1ZRzDLKCZ X+qXSdMA24xiiMCdOmmoo93M0GQxJe1/19fN3Cewus/hOebyQNhBQSZnQQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFO3L7uzLfZIkqWbWnFxwAZYiQOUeMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQAIEEkf4XZoDIx/TaXmfBOx CXTbaIB1GFPOjuW3hGa9BT5BzA/8/Dhc6vB3zBYZcuiaCPoYINjbFsMn6alRxuzu GM1oFfD+KVdV4UMbKt77LkBU4ammSx6U2osMjdX0L3zZjPndz1vW6+I98Bv+Xldr 7r+WRkBGJA6jIpSAxLgwEdvBGcNOb8kGnNzEBvloCs2skNo+RQb9fpxvi07zgQuQ dHUxyVYeK2I32IEWtgVRUJXsHRqnazgFh/D6C5hn8a/MinpcuZ9hnUX2X1Nd8BgC KR8JP6yp/YdiFucW0QzUEA7PckPBUhC1QUlmeJ4XRF8Lnlo1GMaKUiLK2NfIdcCG -----END CERTIFICATE-----Generated at Mon Dec 1 05:58:14 2025 by rpki-client