This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa File: 0f3fbd71-85b4-48a7-8479-e942c9578262.roa (raw, json) Hash identifier: gXDi5u3fgUa1tixIg/bJGuJ71pQNHffPwyQDQ6DDU+k= Subject key identifier: 7D:06:A0:BB:3E:B6:A9:34:E4:5C:64:6D:AA:51:09:E2:65:A8:42:D3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1D147256C77C10B27374BD42270D313419557CBF Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa Signing time: Sat 15 Nov 2025 06:20:38 +0000 ROA not before: Sat 15 Nov 2025 06:20:38 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:14:72:56:c7:7c:10:b2:73:74:bd:42:27:0d:31:34:19:55:7c:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:38 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=1a084f598a077218828940a131f965972db94b1441e4e83a480512d3d8bd9356, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:7f:19:2a:b7:cd:43:99:b1:bd:d2:a1:4d:d3: 78:8b:ad:db:19:8b:17:5d:a3:50:89:31:ac:1a:55: 58:81:df:87:b0:e0:d7:03:ba:9b:ba:10:8a:16:89: 1c:a5:3f:bb:6e:26:8d:ab:7f:0f:26:a1:1b:d1:7a: 44:7f:09:9d:f3:23:0c:92:04:fe:ce:3f:fa:55:c5: 2c:ea:b7:a2:c9:ab:b0:88:a4:4e:73:8b:85:8d:c2: 02:fc:87:88:b9:31:87:99:e9:d9:0e:df:24:b7:bb: 86:1f:79:be:f7:eb:75:f5:11:90:0d:c2:87:ad:2f: 81:f6:14:1b:b7:d7:f6:22:61:94:6a:27:97:43:c6: 40:5b:b3:9d:af:3f:4e:c8:51:d0:30:68:f6:6d:f8: fe:f1:32:3f:20:83:9a:ea:f4:c9:7d:da:90:5d:18: 2e:f0:a6:6e:e5:34:c4:61:b4:22:41:d1:0f:52:a7: 5b:72:c8:51:e9:4e:ea:88:9c:55:79:aa:ec:66:22: ad:1e:d2:ba:77:ba:ff:22:82:de:cf:d1:ea:ed:49: 74:c1:24:e6:85:0f:3d:88:be:76:27:b3:5b:61:24: a1:52:d0:9c:83:90:b7:d1:d2:df:66:0f:af:55:ad: cf:dc:af:16:b0:25:5f:16:d9:ac:15:43:ad:2c:d3: 1e:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:06:A0:BB:3E:B6:A9:34:E4:5C:64:6D:AA:51:09:E2:65:A8:42:D3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f3fbd71-85b4-48a7-8479-e942c9578262.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:1000::/40 Signature Algorithm: sha256WithRSAEncryption c6:f2:a2:d0:43:f4:42:cb:c9:bc:53:13:41:f8:82:57:fa:19: ab:87:11:de:34:f0:3a:18:f2:7f:58:d0:2c:87:4e:72:b2:e0: 0e:7e:77:62:9f:c5:fc:28:cf:15:84:8e:10:c9:e3:5f:ed:55: 99:e1:a8:cb:6d:11:05:d5:3f:ae:10:d7:8e:1e:35:19:ee:e4: f9:2d:19:e6:f3:28:cb:65:a3:21:60:5e:70:98:ab:6c:e7:00: 31:8b:b0:cc:91:bd:8e:8c:a4:60:29:46:fa:59:f2:60:08:0f: d3:cf:2f:2f:47:f1:c5:6e:65:78:92:95:81:40:41:dc:fd:46: 4b:34:ca:96:0a:b2:6f:16:ea:31:43:6c:ea:63:d9:ee:11:5c: 2d:c7:23:e9:90:72:64:10:b5:5b:56:90:95:e2:74:79:9e:18: c3:0b:f6:10:66:3c:0c:84:f6:79:78:ef:3d:9b:cf:3d:24:70: 8a:e7:e9:d9:f8:1f:00:78:c9:f1:54:b1:f2:cd:00:1c:95:f6: a1:d5:08:c5:4a:fe:ee:b6:39:f3:bd:9d:94:37:a6:02:20:56: 59:d4:c6:e7:36:df:34:58:a4:9d:56:ca:21:e8:3e:e0:d2:bb: 1c:0a:83:8d:b5:0a:9f:a1:77:4d:e2:13:28:06:3e:a6:34:ef: 92:fa:40:96 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHRRyVsd8ELJzdL1CJw0xNBlVfL8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMzhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDFhMDg0ZjU5OGEwNzcyMTg4Mjg5NDBhMTMxZjk2NTk3MmRiOTRiMTQ0MWU0 ZTgzYTQ4MDUxMmQzZDhiZDkzNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOx/GSq3zUOZsb3SoU3TeIut2xmLF12jUIkxrBpVWIHfh7Dg1wO6m7oQihaJ HKU/u24mjat/DyahG9F6RH8JnfMjDJIE/s4/+lXFLOq3osmrsIikTnOLhY3CAvyH iLkxh5np2Q7fJLe7hh95vvfrdfURkA3Ch60vgfYUG7fX9iJhlGonl0PGQFuzna8/ TshR0DBo9m34/vEyPyCDmur0yX3akF0YLvCmbuU0xGG0IkHRD1KnW3LIUelO6oic VXmq7GYirR7Sune6/yKC3s/R6u1JdMEk5oUPPYi+diezW2EkoVLQnIOQt9HS32YP r1Wtz9yvFrAlXxbZrBVDrSzTHhsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR9BqC7 PrapNORcZG2qUQniZahC0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MGYzZmJkNzEtODViNC00OGE3LTg0NzktZTk0MmM5NTc4MjYyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEQ MA0GCSqGSIb3DQEBCwUAA4IBAQDG8qLQQ/RCy8m8UxNB+IJX+hmrhxHeNPA6GPJ/ WNAsh05ysuAOfndin8X8KM8VhI4QyeNf7VWZ4ajLbREF1T+uENeOHjUZ7uT5LRnm 8yjLZaMhYF5wmKts5wAxi7DMkb2OjKRgKUb6WfJgCA/Tzy8vR/HFbmV4kpWBQEHc /UZLNMqWCrJvFuoxQ2zqY9nuEVwtxyPpkHJkELVbVpCV4nR5nhjDC/YQZjwMhPZ5 eO89m889JHCK5+nZ+B8AeMnxVLHyzQAclfah1QjFSv7utjnzvZ2UN6YCIFZZ1Mbn Nt80WKSdVsoh6D7g0rscCoONtQqfoXdN4hMoBj6mNO+S+kCW -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:39 2025 by rpki-client