This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa File: 0e68fbde-eead-4e29-b902-4eed053693ac.roa (raw, json) Hash identifier: 6CPppYwIL7RyQ9xS/+ULSgYBzSZrE42Vj6LOP2+8HMI= Subject key identifier: 98:18:95:D7:27:75:D9:18:FA:1D:9E:A5:F2:77:32:35:B5:53:E4:39 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1E4F7D23B703548F5BE3D95128B806961BABC332 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa Signing time: Sat 15 Nov 2025 05:41:06 +0000 ROA not before: Sat 15 Nov 2025 05:41:06 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01b::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:4f:7d:23:b7:03:54:8f:5b:e3:d9:51:28:b8:06:96:1b:ab:c3:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:06 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=bbb8541e80740ed313631b3b1e301dbcc573b220bc548648398151ba47e59fb2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5a:78:16:eb:2a:3d:a6:3c:9f:ff:ba:f2:0f: 1a:e4:63:78:09:e9:8a:2d:33:88:84:79:30:0f:26: ae:84:46:5f:0b:8e:fe:28:df:00:2f:41:13:1a:fa: d9:35:8f:e7:70:9f:34:a1:8b:03:2a:bf:f6:0a:8a: 91:b9:9b:5b:4e:56:ad:e5:4f:af:f2:7d:7c:db:4c: c2:22:03:b1:f8:5d:67:c8:4d:84:df:75:3a:42:80: ae:04:91:09:66:17:47:bd:64:42:e0:ae:51:05:40: 58:34:83:f5:49:94:17:38:4c:f6:f0:fa:04:06:50: a1:2e:ad:27:6a:0f:c5:42:3f:7c:52:3a:15:69:d6: a3:6c:d8:e8:1a:e4:9c:77:37:b2:4d:e3:59:1d:89: dd:3c:bf:13:58:17:df:b3:18:e1:9a:97:12:62:d8: 92:a8:21:6f:61:b6:2c:72:31:dd:03:20:77:92:c7: 5b:e1:33:73:65:64:d3:5a:0e:39:07:c2:24:a3:78: a9:c3:46:21:74:e4:e3:ad:94:b2:d7:51:12:a5:e0: ca:80:d4:1f:45:55:6c:b0:62:87:6f:e7:8a:4f:b9: 65:84:dd:54:aa:a0:8b:37:ce:bd:3e:e3:fb:c8:15: d5:d5:d8:f3:70:ce:bc:f0:ef:87:77:eb:c9:80:a7: 5c:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:18:95:D7:27:75:D9:18:FA:1D:9E:A5:F2:77:32:35:B5:53:E4:39 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e68fbde-eead-4e29-b902-4eed053693ac.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01b::/36 Signature Algorithm: sha256WithRSAEncryption 6e:bb:85:2d:39:c0:23:50:3c:ed:18:79:67:5d:cd:e3:21:1b: f3:d1:ba:ca:1a:10:52:dc:78:7d:9a:d4:cc:e3:d6:16:9d:9f: d5:dc:61:cf:80:c8:07:e2:d3:bb:59:8f:8b:42:36:2d:48:ca: b3:3c:6a:fb:58:53:50:7f:d6:e2:b4:07:08:d4:41:32:ae:5a: 1e:b5:a5:58:73:27:ba:11:75:7e:1c:20:ae:ec:a6:23:42:cb: 3b:d8:8e:a6:08:a9:f1:71:00:26:9d:22:96:cb:6a:d9:47:7f: 9b:a2:a5:c1:82:c1:29:97:04:47:37:01:e8:28:c7:06:f1:68: 12:98:9b:4f:f6:94:44:ac:38:e4:00:65:f2:bb:ba:62:f0:04: ca:52:e1:c0:31:92:3e:05:51:39:d6:0d:07:0b:26:eb:30:60: 78:79:5f:d7:a1:cf:6d:2b:ae:54:b7:3c:7a:25:0a:0b:9a:31: 29:e0:45:c3:98:ba:8f:13:32:41:43:66:9a:25:c8:6a:7a:cb: 36:3e:8c:91:68:81:e8:57:da:cd:43:5a:0c:d8:45:e0:64:83: 0d:6c:7f:7c:2c:b5:49:a9:12:9c:2e:b4:d2:00:d5:6c:de:da: 56:ba:d1:dd:ce:a7:40:d1:14:68:90:40:2d:67:8e:7b:43:f1: 9d:26:61:8f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHk99I7cDVI9b49lRKLgGlhurwzIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGJiYjg1NDFlODA3NDBlZDMxMzYzMWIzYjFlMzAxZGJjYzU3M2IyMjBiYzU0 ODY0ODM5ODE1MWJhNDdlNTlmYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMRaeBbrKj2mPJ//uvIPGuRjeAnpii0ziIR5MA8mroRGXwuO/ijfAC9BExr6 2TWP53CfNKGLAyq/9gqKkbmbW05WreVPr/J9fNtMwiIDsfhdZ8hNhN91OkKArgSR CWYXR71kQuCuUQVAWDSD9UmUFzhM9vD6BAZQoS6tJ2oPxUI/fFI6FWnWo2zY6Brk nHc3sk3jWR2J3Ty/E1gX37MY4ZqXEmLYkqghb2G2LHIx3QMgd5LHW+Ezc2Vk01oO OQfCJKN4qcNGIXTk462UstdREqXgyoDUH0VVbLBih2/nik+5ZYTdVKqgizfOvT7j +8gV1dXY83DOvPDvh3fryYCnXPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSYGJXX J3XZGPodnqXydzI1tVPkOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGU2OGZiZGUtZWVhZC00ZTI5LWI5MDItNGVlZDA1MzY5M2FjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BsA MA0GCSqGSIb3DQEBCwUAA4IBAQBuu4UtOcAjUDztGHlnXc3jIRvz0brKGhBS3Hh9 mtTM49YWnZ/V3GHPgMgH4tO7WY+LQjYtSMqzPGr7WFNQf9bitAcI1EEyrloetaVY cye6EXV+HCCu7KYjQss72I6mCKnxcQAmnSKWy2rZR3+boqXBgsEplwRHNwHoKMcG 8WgSmJtP9pRErDjkAGXyu7pi8ATKUuHAMZI+BVE51g0HCybrMGB4eV/Xoc9tK65U tzx6JQoLmjEp4EXDmLqPEzJBQ2aaJchqess2PoyRaIHoV9rNQ1oM2EXgZIMNbH98 LLVJqRKcLrTSANVs3tpWutHdzqdA0RRokEAtZ457Q/GdJmGP -----END CERTIFICATE-----Generated at Sat Dec 6 12:45:31 2025 by rpki-client