This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa File: 04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa (raw, json) Hash identifier: d2AM7GuXC1xOXVQSXIClsmDUb5TEBneKynayN1j6VNc= Subject key identifier: 46:4D:8D:3C:0F:88:D8:F5:08:B4:04:B2:CA:3C:BC:94:51:35:8F:50 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 381B5E6882D6A224A77734A5634C5236CC65AF1C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa Signing time: Sat 29 Nov 2025 03:00:27 +0000 ROA not before: Sat 29 Nov 2025 03:00:27 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:1b:5e:68:82:d6:a2:24:a7:77:34:a5:63:4c:52:36:cc:65:af:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:27 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=214b729eac0f4344a8e343c126703a21e0f43cf45b415ff716d5deabf55599d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4b:2f:62:10:7e:e7:cc:10:86:78:71:c5:96: eb:9d:55:cb:7a:81:33:de:c1:75:7f:44:0e:a1:c4: 3e:18:56:58:f3:98:68:57:34:c2:a3:26:7b:92:cd: dc:4e:c5:a9:7b:4f:6f:3f:e1:b2:33:c0:9a:0c:56: b7:b0:6e:d4:77:ba:25:f7:22:8e:75:18:32:0a:17: 05:45:13:ea:c9:27:4c:e0:83:af:7b:f1:10:f4:1a: 0a:c1:21:91:c3:ac:14:00:80:e6:ea:02:12:07:81: c6:fc:ba:65:68:78:85:38:e6:fb:bd:b4:43:ac:b0: 6b:58:62:cf:fb:d1:fe:19:28:ef:e5:95:80:a4:70: 26:07:a4:76:4a:cc:63:11:ed:92:70:b6:2e:0c:a6: 42:b3:d2:29:79:ba:f0:6d:89:cd:9f:22:9a:89:0a: 53:9c:23:2d:76:8f:50:6a:95:a5:1f:43:37:61:d9: c1:35:fd:09:2c:93:e1:2b:9c:db:54:da:f6:56:bc: 54:cb:5b:33:62:7a:ce:1a:d2:32:45:cb:9f:7b:29: 3f:64:a7:bc:35:a9:4a:95:c1:40:2f:97:10:19:f9: d3:b7:41:3b:4d:d6:7f:fc:90:40:ab:89:70:21:d7: 20:ce:b2:5d:4f:62:87:03:85:52:ce:bb:13:48:fd: b0:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:4D:8D:3C:0F:88:D8:F5:08:B4:04:B2:CA:3C:BC:94:51:35:8F:50 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:b000::/40 Signature Algorithm: sha256WithRSAEncryption 31:13:01:06:7b:38:e1:db:29:e9:cf:58:b1:5b:cb:c4:6a:56: 77:dc:f7:b5:3d:5e:8a:19:e2:54:8d:b6:0d:19:13:39:ad:58: 8c:13:df:76:2e:35:10:d2:c1:3d:18:bb:af:52:77:0b:ca:7f: 3b:9f:17:e6:36:37:bc:72:f3:af:39:1e:97:90:bb:79:f5:61: 18:e1:fd:a0:80:9c:22:aa:61:20:58:b8:b5:94:08:0c:c3:f0: e7:dc:77:3c:0e:26:8f:48:a4:05:60:b6:fc:e6:64:fb:1b:dd: 4f:71:73:06:94:dc:f4:45:11:a1:d0:7b:a9:6b:6c:1b:09:04: 96:90:76:a2:8e:7d:7b:7a:df:0c:38:f1:fe:a2:2b:3f:72:64: a4:f1:2a:c9:6f:db:a0:66:fb:62:26:28:d9:1d:a2:9f:8e:d2: a9:59:19:6e:66:f8:2b:96:7e:bb:a1:27:2b:1f:2f:b4:63:5e: 93:cc:d1:c7:fc:3b:9b:7f:65:79:42:29:f1:96:2a:a6:7f:25: ed:45:8f:d5:e2:11:12:6c:66:b7:9b:ea:86:14:67:c6:71:1e: c0:b1:ba:d5:4b:1b:19:ab:77:1b:ba:e9:fc:ca:c7:fb:af:ba: e1:b6:20:1a:49:b7:2e:e3:1e:d3:1e:b2:58:3f:3e:ad:f4:db: 37:6e:23:bc -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOBteaILWoiSndzSlY0xSNsxlrxwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMjdaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDIxNGI3MjllYWMwZjQzNDRhOGUzNDNjMTI2NzAzYTIxZTBmNDNjZjQ1YjQx NWZmNzE2ZDVkZWFiZjU1NTk5ZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALlLL2IQfufMEIZ4ccWW651Vy3qBM97BdX9EDqHEPhhWWPOYaFc0wqMme5LN 3E7FqXtPbz/hsjPAmgxWt7Bu1He6JfcijnUYMgoXBUUT6sknTOCDr3vxEPQaCsEh kcOsFACA5uoCEgeBxvy6ZWh4hTjm+720Q6ywa1hiz/vR/hko7+WVgKRwJgekdkrM YxHtknC2LgymQrPSKXm68G2JzZ8imokKU5wjLXaPUGqVpR9DN2HZwTX9CSyT4Suc 21Ta9la8VMtbM2J6zhrSMkXLn3spP2SnvDWpSpXBQC+XEBn507dBO03Wf/yQQKuJ cCHXIM6yXU9ihwOFUs67E0j9sHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGTY08 D4jY9Qi0BLLKPLyUUTWPUDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDQwMzQzMDYtYWFhNC00MGM4LTljMWItYzNmMWNmYzIzZDViLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmw MA0GCSqGSIb3DQEBCwUAA4IBAQAxEwEGezjh2ynpz1ixW8vEalZ33Pe1PV6KGeJU jbYNGRM5rViME992LjUQ0sE9GLuvUncLyn87nxfmNje8cvOvOR6XkLt59WEY4f2g gJwiqmEgWLi1lAgMw/Dn3Hc8DiaPSKQFYLb85mT7G91PcXMGlNz0RRGh0Hupa2wb CQSWkHaijn17et8MOPH+ois/cmSk8SrJb9ugZvtiJijZHaKfjtKpWRluZvgrln67 oScrHy+0Y16TzNHH/Dubf2V5QinxliqmfyXtRY/V4hESbGa3m+qGFGfGcR7AsbrV SxsZq3cbuun8ysf7r7rhtiAaSbcu4x7THrJYPz6t9Ns3biO8 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:42 2025 by rpki-client