This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json) Hash identifier: Az1/8UrHgQy8sjDu+TNvXAT1slP+3kq9IRvtH58qq4Y= Subject key identifier: 52:DE:1A:47:D1:9F:86:8D:72:12:31:39:67:4F:4B:33:00:CE:C3:F8 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 047A3EAB1FFE02BE9ED014BA03F263D34C8F930B Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa Signing time: Sun 07 Dec 2025 00:00:50 +0000 ROA not before: Sun 07 Dec 2025 00:00:50 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 00:02:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:7a:3e:ab:1f:fe:02:be:9e:d0:14:ba:03:f2:63:d3:4c:8f:93:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Dec 7 00:00:50 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=5f00f040edfb3ee7e35d8dee098ee9ffff8e2fa358a15547e23350984ad2f014, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:11:b3:a0:8a:86:2b:ba:7b:5a:b6:7a:85:62: 66:a7:13:34:d0:cd:87:3a:05:73:4b:d2:eb:fc:57: da:2c:13:30:56:e2:5a:f1:52:03:43:ab:b0:98:11: ec:18:83:f4:24:65:a2:e3:1a:8f:19:c3:9a:11:06: 60:92:df:d9:5d:ef:44:b4:5c:e1:c8:4b:b2:e0:62: f6:e5:f6:ed:c3:50:8d:89:bc:85:62:ee:68:8c:db: 5d:d4:77:10:0a:f3:92:73:09:cb:2a:88:19:1a:44: 51:26:11:53:b3:40:11:f8:70:c1:e1:6f:6e:e5:ac: 45:2f:ec:fa:1c:90:c7:66:75:5f:9d:92:3a:72:60: 96:fc:db:54:93:e6:f1:80:b4:84:9f:30:2c:e7:79: 00:f5:40:b6:90:ee:c0:a3:83:98:35:eb:41:80:e4: ee:b2:42:a9:5f:da:e6:41:4c:03:f8:8b:e5:29:4a: 36:29:39:78:53:86:b8:2c:68:cb:cd:7a:fd:15:bf: 94:2d:84:74:15:10:5e:a3:8a:9e:bc:0b:f2:cf:b4: c3:85:4c:40:e8:05:80:6e:18:aa:d7:fa:9f:2c:d4: 72:6f:e7:15:bc:09:38:ad:ad:5b:50:9e:c6:c6:2b: dd:93:1a:10:bd:24:95:74:c1:37:ba:d1:71:16:d5: 4e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:DE:1A:47:D1:9F:86:8D:72:12:31:39:67:4F:4B:33:00:CE:C3:F8 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/48 Signature Algorithm: sha256WithRSAEncryption 3b:26:74:89:34:d0:49:1a:d3:2e:12:45:c1:93:35:75:e1:c4: 65:a1:c5:ff:1c:94:26:0d:be:1c:5b:73:11:a9:a3:4b:cd:b3: f4:3c:68:7b:46:84:6f:22:d3:c6:22:ad:97:3e:c4:0e:26:f9: 7d:be:ea:1c:3b:5e:c9:f3:ac:46:bc:c2:d4:b1:a2:bc:e3:de: f9:06:03:97:11:b2:c0:e9:6e:69:bc:64:da:5e:b4:e5:37:9f: 28:31:e6:ab:fc:4d:f4:36:df:3d:fc:39:ea:de:18:10:e7:6f: e5:6e:f8:96:16:6f:e5:f3:14:b9:cc:9b:dd:dc:81:a1:a3:8b: 3d:18:08:3d:8c:45:d9:ba:f7:b1:e4:fd:15:f5:01:72:82:b6: 20:7b:b3:b2:96:4f:6b:1a:e7:4b:24:20:99:50:37:8d:94:0b: 4f:c0:73:4b:68:bf:a1:97:0b:63:14:f2:57:34:9f:6a:d0:1b: ce:c0:33:0d:1a:04:5e:69:1c:99:14:7d:e2:22:4b:25:ca:2f: e1:4e:27:5a:43:9c:b9:59:d9:da:e9:7c:6f:49:7a:bc:1b:f1: 26:5a:ff:90:96:88:86:70:2a:b9:c2:d7:b7:94:81:cf:21:0d: a2:d1:3f:a4:74:9a:71:e6:f7:bd:df:30:50:7f:f5:a2:92:a1: 17:39:2d:ca -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBHo+qx/+Ar6e0BS6A/Jj00yPkwswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTIwNzAwMDA1MFoX DTI2MDMwNzIzNTk1OVowejFJMEcGA1UEBRNANWYwMGYwNDBlZGZiM2VlN2UzNWQ4 ZGVlMDk4ZWU5ZmZmZjhlMmZhMzU4YTE1NTQ3ZTIzMzUwOTg0YWQyZjAxNDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBGzoIqGK7p7WrZ6hWJmpxM00M2H OgVzS9Lr/FfaLBMwVuJa8VIDQ6uwmBHsGIP0JGWi4xqPGcOaEQZgkt/ZXe9EtFzh yEuy4GL25fbtw1CNibyFYu5ojNtd1HcQCvOScwnLKogZGkRRJhFTs0AR+HDB4W9u 5axFL+z6HJDHZnVfnZI6cmCW/NtUk+bxgLSEnzAs53kA9UC2kO7Ao4OYNetBgOTu skKpX9rmQUwD+IvlKUo2KTl4U4a4LGjLzXr9Fb+ULYR0FRBeo4qevAvyz7TDhUxA 6AWAbhiq1/qfLNRyb+cVvAk4ra1bUJ7GxivdkxoQvSSVdME3utFxFtVONwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFLeGkfRn4aNchIxOWdPSzMAzsP4MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA7JnSJNNBJGtMuEkXB kzV14cRlocX/HJQmDb4cW3MRqaNLzbP0PGh7RoRvItPGIq2XPsQOJvl9vuocO17J 86xGvMLUsaK84975BgOXEbLA6W5pvGTaXrTlN58oMear/E30Nt89/Dnq3hgQ52/l bviWFm/l8xS5zJvd3IGho4s9GAg9jEXZuvex5P0V9QFygrYge7Oylk9rGudLJCCZ UDeNlAtPwHNLaL+hlwtjFPJXNJ9q0BvOwDMNGgReaRyZFH3iIkslyi/hTidaQ5y5 Wdna6XxvSXq8G/EmWv+QloiGcCq5wte3lIHPIQ2i0T+kdJpx5ve93zBQf/WikqEX OS3K -----END CERTIFICATE-----Generated at Mon Dec 15 21:34:18 2025 by rpki-client