This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa File: 075bdd7a-ba79-4543-9f8e-ac092351419b.roa (raw, json) Hash identifier: qAaYChUVcBQt4Lfpy30dwrSt3kbVRwiZNwBW67dtgpw= Subject key identifier: 42:CC:02:FD:83:06:1B:F2:A8:28:E6:5E:F1:2F:CB:A0:64:E4:E6:76 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2EACAC5695E0495B687CD84B789934A3FAC5C90A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa Signing time: Sun 23 Nov 2025 01:30:11 +0000 ROA not before: Sun 23 Nov 2025 01:30:11 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:ac:ac:56:95:e0:49:5b:68:7c:d8:4b:78:99:34:a3:fa:c5:c9:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:11 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=41987530da96c76ed09bd189afb746e1847a2df9e2edf411c4aefa4dbcea47b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:91:57:ba:41:3f:76:4d:8f:69:95:a5:b4:a8: 61:36:a6:4f:71:2a:d0:3b:f8:3f:a1:2a:b4:29:4a: 7f:14:49:83:23:2f:9e:06:b0:41:26:64:a5:c0:1a: b7:21:08:b3:b8:65:64:92:ad:1c:c5:1b:79:e3:f5: 2a:ad:8d:42:36:25:04:32:41:78:f6:8e:02:41:31: 33:bf:e7:fc:97:da:3d:c4:f1:be:8f:10:fb:6e:16: 34:13:d3:c0:a4:43:cb:a6:ee:4f:3d:b8:ff:6d:70: 3f:9a:d3:c9:90:9b:2e:37:c3:fd:4e:36:67:3f:9a: f7:f0:9e:51:b3:a6:97:4d:6a:28:ab:e4:99:9d:f1: e8:46:4f:28:50:a9:21:bc:9d:92:ca:9c:2e:2e:94: e9:05:35:39:be:db:09:39:8e:6a:35:d3:e6:99:d6: c4:eb:d7:09:9a:a4:05:d7:56:8e:17:59:bf:fb:c2: a0:e8:36:c0:b2:ea:b4:44:bb:4a:09:95:7c:db:c1: 49:75:8b:7e:f9:5e:26:6c:d5:b0:ed:99:cd:49:9d: ff:e4:85:83:f1:b3:d8:39:b5:8e:5b:96:84:ba:db: 9e:b9:f3:c6:85:bd:d7:12:ed:dc:fb:94:d3:2d:8d: e7:57:e6:be:b2:c2:bc:ee:07:d7:03:8a:54:c7:87: 69:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:CC:02:FD:83:06:1B:F2:A8:28:E6:5E:F1:2F:CB:A0:64:E4:E6:76 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/075bdd7a-ba79-4543-9f8e-ac092351419b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:6000::/40 Signature Algorithm: sha256WithRSAEncryption a5:ad:96:6c:8e:b8:9c:bf:c5:60:39:8f:fd:ac:f3:a1:8b:99: f6:1e:9a:db:a3:4b:da:a0:62:be:77:f2:9d:42:7d:e6:a4:48: 49:4f:f5:40:f5:4b:ba:b3:8f:40:e0:64:8a:4b:df:6f:9c:4c: 24:08:8c:6c:c2:ab:89:ab:c5:7d:b2:e0:6c:6f:2d:c5:f9:c3: 98:81:be:c7:29:b7:e7:df:f1:4b:a9:17:83:9e:e5:c0:e1:a9: 5e:9d:25:47:c9:ca:24:00:02:02:9b:2a:56:90:39:e3:12:c1: 56:60:0d:9f:2e:14:a7:26:f7:0f:5c:29:b0:8a:36:49:29:94: b8:3a:c3:55:d4:72:82:fd:05:ff:38:8e:d1:ec:66:c3:3e:23: 6d:77:f4:1b:f1:7a:26:68:c8:e1:24:86:a9:cc:82:b0:25:52: 5a:50:25:b0:1a:d0:91:8d:3e:04:ac:fb:f4:8b:a6:e1:58:12: 62:19:06:ea:d3:71:89:76:2c:4b:d3:9d:7c:d9:03:dd:ab:f0: b0:00:25:e3:b8:14:ff:e9:e0:fb:be:08:d3:ea:e4:86:44:be: 63:e4:53:22:d9:51:f6:da:7d:75:04:ba:90:1f:83:af:ee:fa: d5:a5:33:34:26:a3:6c:d7:e2:fa:6e:92:44:84:25:6a:1b:d5: df:00:87:df -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIULqysVpXgSVtofNhLeJk0o/rFyQowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMTFaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDQxOTg3NTMwZGE5NmM3NmVkMDliZDE4OWFmYjc0NmUxODQ3YTJkZjllMmVk ZjQxMWM0YWVmYTRkYmNlYTQ3YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKORV7pBP3ZNj2mVpbSoYTamT3Eq0Dv4P6EqtClKfxRJgyMvngawQSZkpcAa tyEIs7hlZJKtHMUbeeP1Kq2NQjYlBDJBePaOAkExM7/n/JfaPcTxvo8Q+24WNBPT wKRDy6buTz24/21wP5rTyZCbLjfD/U42Zz+a9/CeUbOml01qKKvkmZ3x6EZPKFCp IbydksqcLi6U6QU1Ob7bCTmOajXT5pnWxOvXCZqkBddWjhdZv/vCoOg2wLLqtES7 SgmVfNvBSXWLfvleJmzVsO2ZzUmd/+SFg/Gz2Dm1jluWhLrbnrnzxoW91xLt3PuU 0y2N51fmvrLCvO4H1wOKVMeHabECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCzAL9 gwYb8qgo5l7xL8ugZOTmdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MDc1YmRkN2EtYmE3OS00NTQzLTlmOGUtYWMwOTIzNTE0MTliLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gpg MA0GCSqGSIb3DQEBCwUAA4IBAQClrZZsjricv8VgOY/9rPOhi5n2Hprbo0vaoGK+ d/KdQn3mpEhJT/VA9Uu6s49A4GSKS99vnEwkCIxswquJq8V9suBsby3F+cOYgb7H Kbfn3/FLqReDnuXA4alenSVHycokAAICmypWkDnjEsFWYA2fLhSnJvcPXCmwijZJ KZS4OsNV1HKC/QX/OI7R7GbDPiNtd/Qb8XomaMjhJIapzIKwJVJaUCWwGtCRjT4E rPv0i6bhWBJiGQbq03GJdixL05182QPdq/CwACXjuBT/6eD7vgjT6uSGRL5j5FMi 2VH22n11BLqQH4Ov7vrVpTM0JqNs1+L6bpJEhCVqG9XfAIff -----END CERTIFICATE-----Generated at Sat Dec 6 11:45:34 2025 by rpki-client