This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa File: 00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa (raw, json) Hash identifier: Xtf/rQ8sMmg7rQTgE4LgZZ42XsvlVIA1Ofr7a/yy4Ao= Subject key identifier: DF:94:0F:39:E0:D6:9B:CD:E9:D6:41:74:EF:E4:70:53:BE:75:F6:E4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 46D96D244450C0F14D64A233450311F5A3ABE99C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa Signing time: Wed 10 Dec 2025 05:20:28 +0000 ROA not before: Wed 10 Dec 2025 05:20:28 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06f:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:d9:6d:24:44:50:c0:f1:4d:64:a2:33:45:03:11:f5:a3:ab:e9:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:28 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=1347369ec58eb9d0eb02b083047a8719683e684514d248e6a68dfdb35a779c88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:11:d0:d8:74:97:ef:21:80:cb:57:0f:f8:0d: 93:0e:b1:a4:88:28:c2:7c:93:b8:8c:59:b4:27:51: 9e:c7:bc:f3:77:ce:ef:24:3d:4e:14:2e:3a:d0:76: 0b:d7:b8:2a:b9:1e:76:cd:65:fb:7e:e3:2d:82:a3: 2d:46:19:5e:4c:28:63:7b:ba:e0:2b:f9:73:95:a0: 65:f8:07:49:c4:d7:53:82:65:fd:1b:aa:96:49:8e: 51:6f:ef:2e:75:4a:20:d8:fc:bb:27:9e:ec:1c:2e: 3e:65:23:a5:77:8c:13:37:76:44:68:6f:d8:68:6e: 71:06:80:95:6c:f3:24:6d:3e:81:8e:b5:e7:9d:d6: a0:0c:5e:b1:8c:67:5c:2a:ab:ad:7d:08:4a:85:43: 13:f7:bf:2f:5b:bc:1f:b0:eb:ec:d7:ce:74:6b:3a: a8:a2:75:76:fc:18:03:c9:0c:4a:f1:d1:11:1d:61: da:41:66:b7:fc:bf:3f:53:b8:2a:d3:2d:93:e9:16: 69:89:2d:b3:d9:3b:4a:02:ce:f3:d5:8f:a7:57:92: 9b:02:56:96:32:8a:29:89:e9:73:bc:dd:c4:63:7d: e6:7a:5f:95:25:e4:b2:1d:c8:c2:24:14:60:c5:e8: 96:ea:c7:66:45:0c:eb:a1:82:fb:49:36:43:e1:84: 97:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:94:0F:39:E0:D6:9B:CD:E9:D6:41:74:EF:E4:70:53:BE:75:F6:E4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/00150ff4-0ab9-428f-ae9a-ccd9dc669cb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:6000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:ef:31:ec:36:a5:83:b3:aa:a2:67:4d:8f:0a:f5:f6:68:75: 2d:e1:65:ba:76:43:cc:c5:f8:e6:0a:02:83:6a:7b:29:7d:16: fd:12:60:e1:5d:42:d6:5e:9e:ab:85:37:cc:0c:68:f5:1a:c6: 05:40:d5:ab:ee:cb:bf:f5:d6:c5:4e:86:ed:a5:df:44:9f:24: 56:c6:55:63:1e:dc:4a:27:d4:12:59:8e:30:3e:12:f7:8b:ce: fa:2f:26:bb:15:6e:39:94:c5:d1:9f:7b:64:ad:28:28:37:cf: 3e:01:6f:86:0a:60:07:19:8e:e2:03:d0:dd:e0:85:d9:ac:e8: 6e:20:b7:38:7b:59:68:9f:8f:64:e2:ca:95:ed:44:53:7f:82: 51:24:73:f6:ab:3b:83:c5:b3:4f:3a:84:cc:f1:5c:a4:0f:77: f2:9d:c5:a8:22:c0:78:c8:81:f2:e8:b3:a5:33:05:4d:6b:21: f3:16:53:7b:5d:ff:6c:fd:04:5c:4b:84:c6:74:1b:18:e1:e0: 5a:3d:2e:9d:25:5c:b0:2f:a9:01:5c:75:81:ac:af:7d:cf:f7: a5:10:d2:6d:c5:7a:53:f7:15:d1:47:54:7d:c2:38:28:58:16: 12:18:af:49:c0:06:22:77:1a:0e:d5:f1:6a:0f:e2:41:26:17: cb:5d:18:8b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIURtltJERQwPFNZKIzRQMR9aOr6ZwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMjhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDEzNDczNjllYzU4ZWI5ZDBlYjAyYjA4MzA0N2E4NzE5NjgzZTY4NDUxNGQy NDhlNmE2OGRmZGIzNWE3NzljODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUR0Nh0l+8hgMtXD/gNkw6xpIgownyTuIxZtCdRnse883fO7yQ9ThQuOtB2 C9e4Krkeds1l+37jLYKjLUYZXkwoY3u64Cv5c5WgZfgHScTXU4Jl/RuqlkmOUW/v LnVKINj8uyee7BwuPmUjpXeMEzd2RGhv2GhucQaAlWzzJG0+gY61553WoAxesYxn XCqrrX0ISoVDE/e/L1u8H7Dr7NfOdGs6qKJ1dvwYA8kMSvHRER1h2kFmt/y/P1O4 KtMtk+kWaYkts9k7SgLO89WPp1eSmwJWljKKKYnpc7zdxGN95npflSXksh3IwiQU YMXolurHZkUM66GC+0k2Q+GElzUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTflA85 4NabzenWQXTv5HBTvnX25DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDAxNTBmZjQtMGFiOS00MjhmLWFlOWEtY2NkOWRjNjY5Y2I4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G9g MA0GCSqGSIb3DQEBCwUAA4IBAQB97zHsNqWDs6qiZ02PCvX2aHUt4WW6dkPMxfjm CgKDanspfRb9EmDhXULWXp6rhTfMDGj1GsYFQNWr7su/9dbFTobtpd9EnyRWxlVj HtxKJ9QSWY4wPhL3i876Lya7FW45lMXRn3tkrSgoN88+AW+GCmAHGY7iA9Dd4IXZ rOhuILc4e1lon49k4sqV7URTf4JRJHP2qzuDxbNPOoTM8VykD3fyncWoIsB4yIHy 6LOlMwVNayHzFlN7Xf9s/QRcS4TGdBsY4eBaPS6dJVywL6kBXHWBrK99z/elENJt xXpT9xXRR1R9wjgoWBYSGK9JwAYidxoO1fFqD+JBJhfLXRiL -----END CERTIFICATE-----Generated at Mon Dec 15 17:04:58 2025 by rpki-client