This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa File: 10aa39be-4f99-4b39-b428-f034a0b57d69.roa (raw, json) Hash identifier: CR2Yc6a19L+pa8pxP1UbiJEHPO3c95AN91yJjS7Nwnc= Subject key identifier: 6D:A3:05:E8:C6:42:1D:89:48:99:F4:F6:75:CA:DC:C6:67:BA:79:7C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 55D5B846E9916E8571ADEC13D3F6422767DAD802 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa Signing time: Wed 10 Dec 2025 05:41:01 +0000 ROA not before: Wed 10 Dec 2025 05:41:01 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:d5:b8:46:e9:91:6e:85:71:ad:ec:13:d3:f6:42:27:67:da:d8:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:01 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=d9c7f08f2f95678dede7e128fde14e4fc1a09dd2bc3c4921ae7693ab18617e23, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8a:cd:08:48:b2:40:a0:5d:58:c6:ab:be:96: 18:ed:b0:0a:d5:ae:38:45:33:7d:c0:db:a9:ba:d5: da:f8:20:30:bb:61:3c:1f:3e:6b:90:d7:14:e0:c0: a4:36:a3:32:dd:26:d9:5a:99:e9:e3:b3:30:8f:2f: 90:fc:ff:84:a2:3f:5c:f8:4d:ba:08:bf:16:52:5e: ff:4e:97:aa:4b:03:68:d0:d4:bf:85:bc:8a:16:50: 00:e7:2a:4c:c0:07:2b:22:0e:e5:6d:8f:0b:48:3e: da:55:df:ba:40:0d:52:6a:cf:79:d2:11:75:41:e4: 6a:65:bd:14:07:ae:24:31:7b:b2:0e:86:de:a9:5a: 23:35:79:63:59:e9:ba:78:b6:89:b6:c5:d5:a3:fa: 90:91:5b:b0:39:b4:8b:e7:72:3b:1e:c4:d8:0d:56: 4f:22:7a:df:53:3c:f5:25:2b:6d:d8:b9:40:fc:6a: 20:82:8a:d4:a3:7e:0f:3b:fc:b3:8d:55:06:d5:90: d6:dc:95:9f:c3:57:ff:e8:30:ef:66:91:61:e1:fe: 33:8c:20:9a:02:9d:71:3f:ff:a9:3e:8b:12:89:9f: 96:4a:90:2e:32:a4:21:6c:90:2e:74:ad:1f:0a:7b: 35:1b:1e:55:1f:a7:b5:41:79:36:60:d1:14:c2:1e: 80:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:A3:05:E8:C6:42:1D:89:48:99:F4:F6:75:CA:DC:C6:67:BA:79:7C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:b000::/40 Signature Algorithm: sha256WithRSAEncryption 08:2e:dc:b1:13:67:61:f2:e4:32:17:a0:1a:06:44:c3:37:84: e5:27:6a:a4:b7:13:41:27:85:da:9b:7d:38:3e:64:fe:d3:dd: 6a:46:52:4f:cf:e9:5b:6f:30:5d:f7:a9:ba:26:17:b1:4e:4d: a2:f2:87:6a:03:40:72:41:7b:6e:66:cd:81:94:94:f1:9e:ed: 28:5a:ed:bf:4e:ae:eb:f0:33:cf:40:32:34:bf:4d:fa:1e:36: 88:54:73:be:72:e3:25:46:e8:7e:55:e8:64:e9:e4:df:7a:7c: a5:6b:ce:d9:d5:a6:35:e3:ff:14:a3:3a:83:91:61:6f:d8:61: e5:4d:b8:53:9f:dc:a3:b7:29:2d:04:8d:17:e0:af:2b:6c:fb: f0:c9:65:5b:27:b0:3d:03:fb:27:45:a7:0a:a2:54:5f:e7:df: b4:be:81:af:3d:d8:6f:64:a3:44:e7:90:f2:26:8a:2e:f1:7b: ef:a4:70:24:be:77:53:10:68:3e:f2:e3:af:0e:98:7d:84:ee: 30:52:e8:de:b6:73:3b:2d:a6:41:a0:03:c0:34:00:2d:85:70: cd:24:a5:e9:4b:32:83:bb:6a:31:58:83:fc:f4:82:e3:8e:65: 1d:3b:12:a3:24:cf:47:a3:09:c2:b3:4b:93:ce:c2:fc:ac:60: d9:66:c4:28 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVdW4RumRboVxrewT0/ZCJ2fa2AIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMDFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ5YzdmMDhmMmY5NTY3OGRlZGU3ZTEyOGZkZTE0ZTRmYzFhMDlkZDJiYzNj NDkyMWFlNzY5M2FiMTg2MTdlMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaKzQhIskCgXVjGq76WGO2wCtWuOEUzfcDbqbrV2vggMLthPB8+a5DXFODA pDajMt0m2VqZ6eOzMI8vkPz/hKI/XPhNugi/FlJe/06XqksDaNDUv4W8ihZQAOcq TMAHKyIO5W2PC0g+2lXfukANUmrPedIRdUHkamW9FAeuJDF7sg6G3qlaIzV5Y1np uni2ibbF1aP6kJFbsDm0i+dyOx7E2A1WTyJ631M89SUrbdi5QPxqIIKK1KN+Dzv8 s41VBtWQ1tyVn8NX/+gw72aRYeH+M4wgmgKdcT//qT6LEomflkqQLjKkIWyQLnSt Hwp7NRseVR+ntUF5NmDRFMIegL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtowXo xkIdiUiZ9PZ1ytzGZ7p5fDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTBhYTM5YmUtNGY5OS00YjM5LWI0MjgtZjAzNGEwYjU3ZDY5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACw MA0GCSqGSIb3DQEBCwUAA4IBAQAILtyxE2dh8uQyF6AaBkTDN4TlJ2qktxNBJ4Xa m304PmT+091qRlJPz+lbbzBd96m6JhexTk2i8odqA0ByQXtuZs2BlJTxnu0oWu2/ Tq7r8DPPQDI0v036HjaIVHO+cuMlRuh+Vehk6eTfenyla87Z1aY14/8UozqDkWFv 2GHlTbhTn9yjtyktBI0X4K8rbPvwyWVbJ7A9A/snRacKolRf59+0voGvPdhvZKNE 55DyJoou8XvvpHAkvndTEGg+8uOvDph9hO4wUujetnM7LaZBoAPANAAthXDNJKXp SzKDu2oxWIP89ILjjmUdOxKjJM9HownCs0uTzsL8rGDZZsQo -----END CERTIFICATE-----Generated at Mon Dec 15 15:30:29 2025 by rpki-client