This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa File: 0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa (raw, json) Hash identifier: Rw8lremMCDsriQEyOnUPKRrX7ET2xj56bommF32kghQ= Subject key identifier: FF:9E:6D:9C:9E:06:6A:5C:2E:33:37:18:D5:6D:14:F1:80:CF:60:4C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 18A6F22A349803232B3857ED9BAA058A2F193928 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa Signing time: Sat 15 Nov 2025 05:40:12 +0000 ROA not before: Sat 15 Nov 2025 05:40:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:a6:f2:2a:34:98:03:23:2b:38:57:ed:9b:aa:05:8a:2f:19:39:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:40:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=6314f0921d12bbf7d2142b800bfa21335b65758379a7aa5daf457a4d279dccb9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:dc:3e:61:b5:36:b5:b9:0e:f8:ed:41:b1:9d: 29:97:37:8c:98:ab:92:bd:52:8e:a1:39:cf:37:85: 2a:68:ea:2b:61:14:d5:17:61:f0:48:73:52:a4:9a: 1e:f7:96:f4:39:71:73:5e:02:76:89:71:6d:8a:04: 74:2b:24:b0:09:ca:c4:26:b0:61:d0:f4:5b:45:8b: 80:03:58:9c:ef:c9:de:35:9a:26:a9:45:d6:43:d9: 09:64:e6:ee:d5:f3:d0:81:67:3b:48:31:6b:66:c4: 04:6a:bb:37:d3:b0:23:77:02:c8:fb:62:05:32:40: 6e:10:de:20:fe:f1:6b:c4:7b:cc:fb:c2:43:73:6a: 7c:f4:ce:be:c1:9b:79:05:3b:39:f2:e8:72:24:64: af:ca:e4:22:1d:31:2e:0a:7d:c2:ee:d6:98:81:8b: 51:4c:c0:9d:5c:33:c4:64:ab:96:6e:c8:95:09:78: 69:9c:37:de:53:0c:b3:32:a0:41:e5:35:d3:ae:d9: 0c:22:b2:59:05:20:39:ea:47:e6:23:ae:2f:98:65: a9:16:62:82:8a:df:e3:21:1e:aa:3b:18:37:a6:cb: c4:a0:b4:39:46:20:fc:54:ec:91:35:1e:60:e0:34: 74:e1:47:0f:a7:08:c3:f2:19:c1:2c:d4:bc:e9:b5: 68:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:9E:6D:9C:9E:06:6A:5C:2E:33:37:18:D5:6D:14:F1:80:CF:60:4C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b2e309e-e9d4-4546-8969-2d7b4b9d513f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:10c0::/48 Signature Algorithm: sha256WithRSAEncryption a8:ad:38:a9:8b:e1:85:06:10:2e:c7:fb:e3:ad:dc:24:51:c7: 0c:6b:5a:b7:e7:7a:ac:11:55:0c:9a:89:f5:6e:a5:4a:53:f7: 02:dc:86:cb:2f:00:ef:bc:39:ea:2b:a6:0c:b5:7a:e9:da:9c: 59:9c:6f:04:68:1d:88:e3:6c:80:1f:ca:78:49:f7:f2:89:18: 72:87:fc:11:d7:79:97:6a:d2:b7:6e:a9:a3:fe:db:63:fd:4f: c2:9a:34:e8:ac:f0:ca:7b:c9:ec:fd:f9:e9:3a:2a:92:16:8f: c4:c0:db:56:1f:85:63:45:ca:31:73:d7:f4:ff:50:5a:d3:dd: fb:38:d4:57:6c:47:7e:fd:1b:cc:d3:e9:db:93:9c:f6:a8:63: 70:c0:3d:38:73:cd:22:56:b0:32:77:43:98:d3:95:a0:80:a5: 52:19:8d:6c:8b:9f:de:0e:59:67:e6:0a:9c:1d:ad:d4:c1:bc: 68:6e:2c:00:a8:39:3b:84:e7:63:15:88:f1:a5:8f:1b:10:34: dd:73:12:99:64:e0:d7:1b:c2:ce:e8:7a:e4:77:8b:8b:b3:ba: e0:ce:14:77:f7:a5:bb:c6:3c:72:9f:47:d1:a8:0b:bd:44:03: 63:85:45:31:09:62:5f:d9:2b:e5:b7:fd:25:64:eb:50:74:32: 66:93:7f:e3 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUGKbyKjSYAyMrOFftm6oFii8ZOSgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQwMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDYzMTRmMDkyMWQxMmJiZjdkMjE0MmI4MDBiZmEyMTMzNWI2NTc1ODM3OWE3 YWE1ZGFmNDU3YTRkMjc5ZGNjYjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPHcPmG1NrW5DvjtQbGdKZc3jJirkr1SjqE5zzeFKmjqK2EU1Rdh8EhzUqSa HveW9Dlxc14CdolxbYoEdCsksAnKxCawYdD0W0WLgANYnO/J3jWaJqlF1kPZCWTm 7tXz0IFnO0gxa2bEBGq7N9OwI3cCyPtiBTJAbhDeIP7xa8R7zPvCQ3NqfPTOvsGb eQU7OfLociRkr8rkIh0xLgp9wu7WmIGLUUzAnVwzxGSrlm7IlQl4aZw33lMMszKg QeU1067ZDCKyWQUgOepH5iOuL5hlqRZigorf4yEeqjsYN6bLxKC0OUYg/FTskTUe YOA0dOFHD6cIw/IZwSzUvOm1aLECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT/nm2c ngZqXC4zNxjVbRTxgM9gTDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGIyZTMwOWUtZTlkNC00NTQ2LTg5NjktMmQ3YjRiOWQ1MTNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DEQ wDANBgkqhkiG9w0BAQsFAAOCAQEAqK04qYvhhQYQLsf7463cJFHHDGtat+d6rBFV DJqJ9W6lSlP3AtyGyy8A77w56iumDLV66dqcWZxvBGgdiONsgB/KeEn38okYcof8 Edd5l2rSt26po/7bY/1Pwpo06KzwynvJ7P356ToqkhaPxMDbVh+FY0XKMXPX9P9Q WtPd+zjUV2xHfv0bzNPp25Oc9qhjcMA9OHPNIlawMndDmNOVoIClUhmNbIuf3g5Z Z+YKnB2t1MG8aG4sAKg5O4TnYxWI8aWPGxA03XMSmWTg1xvCzuh65HeLi7O64M4U d/elu8Y8cp9H0agLvUQDY4VFMQliX9kr5bf9JWTrUHQyZpN/4w== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:55 2025 by rpki-client