This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa File: 0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa (raw, json) Hash identifier: zxTgkKZ42YECEgIkJiYCTIUcRFJlj60f7pDYrj7wFLY= Subject key identifier: 69:EF:75:36:C2:18:B3:52:F9:9A:F4:CA:E9:C0:CA:65:C6:D7:B1:AB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 32128959D58537964DCC2D3ED6B5F7DA5797B916 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa Signing time: Tue 25 Nov 2025 20:00:05 +0000 ROA not before: Tue 25 Nov 2025 20:00:05 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:20c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:12:89:59:d5:85:37:96:4d:cc:2d:3e:d6:b5:f7:da:57:97:b9:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:00:05 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=4d7be4843d8b5a67b58db2fcae3e2b16ed8892923f137e61a40ac905a36c3d70, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:75:7f:81:96:95:7f:b1:ba:d2:47:59:b8:95: cb:2d:ba:09:5e:76:d3:ac:9e:ec:9e:f2:62:85:04: e6:84:a9:16:c2:c1:ee:dc:5e:7b:77:c9:30:36:99: 80:43:9e:cb:f2:32:b2:ae:4a:f5:5a:aa:f7:f0:d4: 4a:57:a7:7f:d3:5e:0e:f3:54:5c:b7:24:31:85:7f: 7d:2d:14:c0:0b:3c:c0:fb:f6:64:08:c3:5d:f7:a0: 51:77:54:c1:07:a5:60:30:b6:fe:1e:b3:94:7a:02: 32:b1:43:f2:85:7b:88:b7:bd:cd:ad:84:e4:36:0a: 5a:97:90:24:21:c2:7a:50:80:21:af:65:1f:d9:a0: 44:fb:6f:da:e3:67:43:a1:5f:ad:28:8f:f8:bc:57: 55:2b:76:4b:9d:83:80:0a:50:d8:99:2b:d0:b0:3f: f4:5d:70:2e:21:52:d0:a0:12:20:86:f4:1e:6f:3e: 36:6b:f8:07:31:f4:8a:11:76:24:3b:f6:85:b9:a1: 73:d9:eb:f3:a8:6a:1f:a3:5f:55:b9:a8:5c:11:9c: 43:99:bb:84:3e:ef:f1:0f:8b:97:d8:cf:0d:8d:a4: 8c:9f:71:e0:9a:77:72:2e:95:14:8e:ba:11:cb:35: eb:06:c8:75:32:5a:14:b6:3c:0e:0c:62:a5:a0:1d: f6:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:EF:75:36:C2:18:B3:52:F9:9A:F4:CA:E9:C0:CA:65:C6:D7:B1:AB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:20c0::/46 Signature Algorithm: sha256WithRSAEncryption 10:80:da:57:2b:74:01:16:2a:96:6a:00:e1:ed:a3:6b:9b:38: e3:76:3e:70:39:69:7d:99:0d:ea:43:6b:f9:66:b3:c0:05:09: 2e:01:49:8b:e5:11:72:3f:35:9d:23:d8:0c:6f:d7:0e:b7:24: 9d:d1:0d:d2:52:7a:cd:cc:a8:3b:7c:e7:4e:73:35:ca:48:5b: 11:4a:d9:4b:3e:01:47:e9:28:94:80:fc:84:48:24:be:7c:cc: 30:84:7c:10:b1:47:3e:79:e9:c5:48:c1:91:55:c4:b7:61:b7: 84:e8:a3:16:37:2d:d1:63:6e:62:f5:18:7d:99:42:fb:ac:db: 29:cf:e1:80:3c:16:e8:77:43:d2:c5:77:bd:0d:a1:bc:90:e0: aa:d8:2e:55:02:cf:27:c1:b7:d9:db:bf:ad:12:e5:e9:5b:c1: 18:00:a4:17:d1:9e:0d:2b:42:bb:e3:a2:4e:c3:b6:b9:98:3b: ac:26:a9:ca:35:9d:d8:33:f3:57:f4:3b:60:fb:58:26:b0:b9: 43:b7:8a:91:1d:1e:ad:16:5c:a2:58:7e:a8:3c:28:e1:47:eb: fa:22:51:8a:e3:9d:6f:43:2a:88:78:7c:4e:66:ee:89:7c:ce: 5f:ee:02:07:99:9f:d9:6c:b0:99:69:c8:3f:d5:eb:fb:fb:a7: 96:ac:b0:46 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUMhKJWdWFN5ZNzC0+1rX32leXuRYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAwMDVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDRkN2JlNDg0M2Q4YjVhNjdiNThkYjJmY2FlM2UyYjE2ZWQ4ODkyOTIzZjEz N2U2MWE0MGFjOTA1YTM2YzNkNzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAON1f4GWlX+xutJHWbiVyy26CV5206ye7J7yYoUE5oSpFsLB7txee3fJMDaZ gEOey/Iysq5K9Vqq9/DUSlenf9NeDvNUXLckMYV/fS0UwAs8wPv2ZAjDXfegUXdU wQelYDC2/h6zlHoCMrFD8oV7iLe9za2E5DYKWpeQJCHCelCAIa9lH9mgRPtv2uNn Q6FfrSiP+LxXVSt2S52DgApQ2Jkr0LA/9F1wLiFS0KASIIb0Hm8+Nmv4BzH0ihF2 JDv2hbmhc9nr86hqH6NfVbmoXBGcQ5m7hD7v8Q+Ll9jPDY2kjJ9x4Jp3ci6VFI66 Ecs16wbIdTJaFLY8DgxipaAd9pUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRp73U2 whizUvma9MrpwMplxtexqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGRjOGY2YjktOWIyZS00NTU5LWIzZTMtYjYxYjBkNjg1ZTRhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg wDANBgkqhkiG9w0BAQsFAAOCAQEAEIDaVyt0ARYqlmoA4e2ja5s443Y+cDlpfZkN 6kNr+WazwAUJLgFJi+URcj81nSPYDG/XDrckndEN0lJ6zcyoO3znTnM1ykhbEUrZ Sz4BR+kolID8hEgkvnzMMIR8ELFHPnnpxUjBkVXEt2G3hOijFjct0WNuYvUYfZlC +6zbKc/hgDwW6HdD0sV3vQ2hvJDgqtguVQLPJ8G32du/rRLl6VvBGACkF9GeDStC u+OiTsO2uZg7rCapyjWd2DPzV/Q7YPtYJrC5Q7eKkR0erRZcolh+qDwo4Ufr+iJR iuOdb0MqiHh8TmbuiXzOX+4CB5mf2WywmWnIP9Xr+/unlqywRg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:24 2025 by rpki-client