This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa File: 04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa (raw, json) Hash identifier: P8zCaY9m7+zjwRDKH237VXEgQPYsJ6KuewVhwoZmo8c= Subject key identifier: A8:CA:AD:C0:22:5D:16:28:6B:2E:AE:07:8C:50:7E:6D:24:80:76:AC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 386949FA6996CBF1046991216021E4D77B4F4229 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa Signing time: Tue 25 Nov 2025 20:10:04 +0000 ROA not before: Tue 25 Nov 2025 20:10:04 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:69:49:fa:69:96:cb:f1:04:69:91:21:60:21:e4:d7:7b:4f:42:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:10:04 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=c9d370e99a8350c7938d0cbf30ae66214d9d0700db289f15347dc56875ca27fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:4d:63:ae:6f:40:68:a7:9a:56:3c:1e:0a:bf: 1a:bd:40:70:47:11:bd:f9:8c:22:e5:78:9a:c7:c1: e7:a5:b8:06:22:49:25:ec:72:ad:ff:62:d4:3d:03: 36:d8:db:04:7c:8c:8e:2b:5e:7a:12:1f:34:14:30: 55:a1:b0:33:9e:af:bb:f4:4b:b0:7f:32:83:5c:61: ed:9b:3f:f8:ff:93:c8:65:67:91:85:ea:ed:18:d0: bf:72:89:20:3e:ba:f6:49:08:31:cc:a8:3c:e0:83: dc:b7:ba:46:4e:cc:eb:b6:93:93:b2:ca:bc:96:0d: 21:fe:9a:a8:86:ee:c2:46:7a:49:4c:a7:89:e6:a7: 5c:3f:05:be:c4:15:c3:81:2f:11:1d:43:f0:26:46: a6:39:1c:3a:93:14:4f:e7:d4:0b:e2:21:09:5a:81: 40:a2:92:da:44:96:c4:0e:d3:ef:f5:e8:85:00:9b: 2a:c4:de:33:d2:01:33:6c:40:fa:ba:7d:5b:25:ad: 6d:cd:d6:18:5d:56:62:a0:29:30:11:4e:4c:cd:a7: c2:bc:f8:8f:2b:7b:31:32:fa:65:e3:25:2f:31:1a: 5c:c4:0c:97:12:1e:63:bc:f1:b2:75:84:36:19:6a: 89:55:27:92:1b:a9:53:2e:d9:ce:a3:5f:e5:a4:73: fa:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:CA:AD:C0:22:5D:16:28:6B:2E:AE:07:8C:50:7E:6D:24:80:76:AC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04c34ea1-cddb-45aa-979f-bfe1fa0995af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:c000::/40 Signature Algorithm: sha256WithRSAEncryption b7:1a:b7:4f:62:88:b7:fa:91:cb:27:a5:ec:48:39:05:b2:b0: 4f:49:e3:93:a4:bc:e9:fb:20:8e:08:7e:c9:16:bd:72:d2:bf: dc:49:5f:ce:01:8c:34:83:cc:cb:5b:b4:66:c9:d9:c9:42:48: 76:17:4a:d8:07:3c:d2:27:ec:82:f9:7e:70:95:14:6c:a5:78: cd:41:c8:68:6a:d1:38:1b:08:05:f4:65:ba:67:81:1b:1e:17: 08:68:4b:0b:f6:4e:d4:fc:ae:93:d9:7a:aa:a8:d6:db:4f:f6: 11:5c:16:0c:28:b2:36:f3:e1:a1:84:4a:59:33:a5:46:f4:97: e1:9c:79:73:2d:4a:d3:d1:8e:35:8d:40:1d:15:89:8f:cf:15: 7b:64:0c:d7:5f:e8:d2:55:81:f6:3e:95:a1:92:c5:39:bb:02: d1:ea:6e:03:ff:b0:91:b7:89:27:46:96:c6:34:f7:9c:18:55: 55:64:c1:cf:58:54:6c:f9:d8:09:06:b4:bd:16:89:f9:5b:8e: 0a:2d:89:af:08:55:63:5c:40:f4:d3:d0:93:e0:7c:17:a2:e9: 6c:dc:8e:b2:9c:a0:47:80:ea:4a:8c:0c:5f:4f:b4:1d:c6:63: 02:50:15:fb:d3:c6:3b:ed:4b:f5:89:bc:da:f4:7b:c1:85:72: 3a:3e:3a:61 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUOGlJ+mmWy/EEaZEhYCHk13tPQikwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDEwMDRaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGM5ZDM3MGU5OWE4MzUwYzc5MzhkMGNiZjMwYWU2NjIxNGQ5ZDA3MDBkYjI4 OWYxNTM0N2RjNTY4NzVjYTI3ZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJVNY65vQGinmlY8Hgq/Gr1AcEcRvfmMIuV4msfB56W4BiJJJexyrf9i1D0D NtjbBHyMjiteehIfNBQwVaGwM56vu/RLsH8yg1xh7Zs/+P+TyGVnkYXq7RjQv3KJ ID669kkIMcyoPOCD3Le6Rk7M67aTk7LKvJYNIf6aqIbuwkZ6SUynieanXD8FvsQV w4EvER1D8CZGpjkcOpMUT+fUC+IhCVqBQKKS2kSWxA7T7/XohQCbKsTeM9IBM2xA +rp9WyWtbc3WGF1WYqApMBFOTM2nwrz4jyt7MTL6ZeMlLzEaXMQMlxIeY7zxsnWE NhlqiVUnkhupUy7ZzqNf5aRz+pMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSoyq3A Il0WKGsurgeMUH5tJIB2rDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDRjMzRlYTEtY2RkYi00NWFhLTk3OWYtYmZlMWZhMDk5NWFmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DHA MA0GCSqGSIb3DQEBCwUAA4IBAQC3GrdPYoi3+pHLJ6XsSDkFsrBPSeOTpLzp+yCO CH7JFr1y0r/cSV/OAYw0g8zLW7RmydnJQkh2F0rYBzzSJ+yC+X5wlRRspXjNQcho atE4GwgF9GW6Z4EbHhcIaEsL9k7U/K6T2XqqqNbbT/YRXBYMKLI28+GhhEpZM6VG 9JfhnHlzLUrT0Y41jUAdFYmPzxV7ZAzXX+jSVYH2PpWhksU5uwLR6m4D/7CRt4kn RpbGNPecGFVVZMHPWFRs+dgJBrS9Fon5W44KLYmvCFVjXED009CT4HwXouls3I6y nKBHgOpKjAxfT7QdxmMCUBX708Y77Uv1ibza9HvBhXI6Pjph -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:04 2025 by rpki-client