This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa File: 04593af5-4653-4d6a-8bb5-65270db84a4f.roa (raw, json) Hash identifier: benv/vgivBBVCSK+bR6nylJRcfQ9rRdOWD0u8I8OYHs= Subject key identifier: E3:FF:F5:3E:45:BF:89:46:71:F0:E9:8D:8C:3B:3D:8B:FC:13:4C:68 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 388FA130BF5D1DA4EEF38A87831006B38EDAFA68 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa Signing time: Sat 15 Nov 2025 06:20:04 +0000 ROA not before: Sat 15 Nov 2025 06:20:04 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d02d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:8f:a1:30:bf:5d:1d:a4:ee:f3:8a:87:83:10:06:b3:8e:da:fa:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:04 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a1d40a0fc75e3c5025df52c1c28f251db847a993fca87e409974a2f9ea85c3b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:07:53:ac:c6:f5:8a:47:f1:b2:fd:e2:fa:95: 44:e7:64:e6:e2:98:19:b6:46:29:bd:13:88:31:15: fb:7b:ce:7a:8d:8e:52:0c:c8:61:a5:67:14:a7:bd: 87:54:87:ef:97:fb:64:75:df:1b:3f:cc:3b:29:84: 7c:92:86:10:fb:77:96:87:50:f4:c3:b9:07:78:93: a7:3b:98:ea:05:e6:79:e3:71:cb:dd:f4:4f:48:55: 85:25:eb:2e:c0:fe:fa:c2:5e:16:2e:da:b6:17:7b: 51:c7:5b:0e:6a:eb:d2:17:75:de:83:29:e4:ac:11: 37:c9:f0:51:18:44:df:0d:db:22:49:ad:e1:1f:8a: 0c:e1:26:f4:23:91:7a:69:77:1e:85:f9:d6:2d:2c: d0:41:e4:f1:08:ca:65:4c:a7:60:55:d3:f1:b3:9b: 89:98:0a:fa:5d:db:12:36:e0:74:ef:34:15:29:12: cd:ce:a4:71:30:17:bf:24:b1:82:05:35:3d:96:e5: 39:93:40:ae:93:1c:69:3c:b0:15:0d:b0:5d:45:f4: 73:3d:f7:5e:74:6d:b0:36:70:3d:f0:b5:c8:f5:67: 66:4a:41:4f:0b:c7:b8:58:33:13:35:16:3f:47:b0: a8:3f:44:23:15:67:7f:10:1e:28:73:2f:62:61:74: 53:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:FF:F5:3E:45:BF:89:46:71:F0:E9:8D:8C:3B:3D:8B:FC:13:4C:68 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04593af5-4653-4d6a-8bb5-65270db84a4f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d02d::/36 Signature Algorithm: sha256WithRSAEncryption 33:38:e4:a9:54:07:6f:5c:ee:7a:e5:6d:f3:1e:f5:82:fb:41: bb:47:ed:be:53:f7:5c:c0:b1:64:cd:2c:68:a7:fd:dd:42:b5: bf:65:73:3b:bf:b4:40:c6:f0:e7:d2:c6:e3:58:59:83:d1:23: d1:c2:6b:8c:3b:b0:77:08:65:07:33:fc:76:65:4d:ef:6f:f9: db:72:93:70:94:27:e3:1f:70:e2:54:47:f4:8c:1f:02:80:cb: 55:a7:91:3d:87:d7:cb:b9:d2:bb:12:2e:51:df:45:64:bb:6f: 8e:49:ad:c9:9b:b9:8f:f3:c8:eb:52:33:c1:30:b0:ea:77:ad: a0:10:3a:93:17:e0:44:c6:40:1a:c3:58:a9:4d:cc:aa:9a:fe: 92:2b:bc:0b:a3:5a:15:ed:2c:6f:dd:79:89:a7:3f:5d:85:25: 2b:35:55:ea:4b:eb:f5:c3:36:44:2a:5a:4b:05:85:58:ac:7f: 93:cd:de:2d:e4:c7:31:1e:4b:5b:9d:1d:53:f9:5f:a6:5d:b7: 18:fc:22:7a:ec:53:2a:75:e4:06:2d:db:33:69:96:6c:53:40: c6:be:e2:c4:b7:47:28:e7:9a:98:e7:01:b3:fe:5e:79:8c:94: 9c:d1:dd:b7:22:22:5e:fe:78:95:e3:fb:5b:10:0c:eb:36:37: 7f:c3:cd:bf -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOI+hML9dHaTu84qHgxAGs47a+mgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMDRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGExZDQwYTBmYzc1ZTNjNTAyNWRmNTJjMWMyOGYyNTFkYjg0N2E5OTNmY2E4 N2U0MDk5NzRhMmY5ZWE4NWMzYjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgHU6zG9YpH8bL94vqVROdk5uKYGbZGKb0TiDEV+3vOeo2OUgzIYaVnFKe9 h1SH75f7ZHXfGz/MOymEfJKGEPt3lodQ9MO5B3iTpzuY6gXmeeNxy930T0hVhSXr LsD++sJeFi7athd7UcdbDmrr0hd13oMp5KwRN8nwURhE3w3bIkmt4R+KDOEm9COR eml3HoX51i0s0EHk8QjKZUynYFXT8bObiZgK+l3bEjbgdO80FSkSzc6kcTAXvySx ggU1PZblOZNArpMcaTywFQ2wXUX0cz33XnRtsDZwPfC1yPVnZkpBTwvHuFgzEzUW P0ewqD9EIxVnfxAeKHMvYmF0U3cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTj//U+ Rb+JRnHw6Y2MOz2L/BNMaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDQ1OTNhZjUtNDY1My00ZDZhLThiYjUtNjUyNzBkYjg0YTRmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0C0A MA0GCSqGSIb3DQEBCwUAA4IBAQAzOOSpVAdvXO565W3zHvWC+0G7R+2+U/dcwLFk zSxop/3dQrW/ZXM7v7RAxvDn0sbjWFmD0SPRwmuMO7B3CGUHM/x2ZU3vb/nbcpNw lCfjH3DiVEf0jB8CgMtVp5E9h9fLudK7Ei5R30Vku2+OSa3Jm7mP88jrUjPBMLDq d62gEDqTF+BExkAaw1ipTcyqmv6SK7wLo1oV7Sxv3XmJpz9dhSUrNVXqS+v1wzZE KlpLBYVYrH+Tzd4t5McxHktbnR1T+V+mXbcY/CJ67FMqdeQGLdszaZZsU0DGvuLE t0co55qY5wGz/l55jJSc0d23IiJe/niV4/tbEAzrNjd/w82/ -----END CERTIFICATE-----Generated at Sat Dec 6 12:45:29 2025 by rpki-client