This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa File: 10aa39be-4f99-4b39-b428-f034a0b57d69.roa (raw, json) Hash identifier: /EyhKiyXMWC2zewzb3NADdc67CSojLfS9sDAOCiyjI0= Subject key identifier: 59:BD:F0:04:1F:C6:FC:30:D3:77:0D:F4:13:AC:1B:6B:07:D8:E1:F3 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7F5704B22FB9B70B10178C66E11257AC546018 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa Signing time: Sat 15 Nov 2025 05:50:09 +0000 ROA not before: Sat 15 Nov 2025 05:50:09 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:57:04:b2:2f:b9:b7:0b:10:17:8c:66:e1:12:57:ac:54:60:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:09 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=7176e420dd2ed75ac2393a2f3eafc5abfdd25846b0baabe1090134a15864b57c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:03:0b:10:21:a4:3b:39:5e:4b:d3:d8:fd:96: 0c:19:21:59:b8:09:dc:c5:c6:c1:d4:f7:73:5c:4b: 4d:e3:10:72:8a:8c:c5:d1:d2:dd:fb:07:e2:78:6d: 20:72:d5:9c:91:87:07:83:fd:2c:f7:bd:c0:5a:6c: 84:55:e2:c6:c9:6d:42:91:56:8d:80:4d:ad:ad:8b: 61:07:c4:d1:51:e7:64:d4:16:c1:f3:0f:70:07:8e: 3d:23:56:75:bc:73:d1:f8:99:78:b6:b7:71:12:f6: 08:e1:4c:05:98:c4:b2:f1:69:d0:37:a5:65:1a:b7: e7:f1:14:09:3c:a5:c6:29:d1:d9:e8:7b:dd:74:6a: d7:7c:56:96:ba:6b:4d:89:17:1d:86:8f:4f:f3:6c: 04:5c:11:9d:b0:5d:79:1c:fc:a7:d2:51:d8:66:6b: b2:f8:35:43:69:cf:7b:23:83:68:18:e3:c7:9d:82: aa:df:7d:33:c0:92:a2:fa:5e:c9:7a:f5:de:0a:93: 8b:47:2a:e8:e9:d3:84:ae:16:01:1f:c6:c9:91:28: 3b:d5:39:d1:91:d7:50:57:28:a6:9e:57:db:a0:8a: a7:de:b0:5a:29:30:35:21:9f:ca:20:c8:dc:46:37: 03:c9:ed:4e:3e:b2:cc:d5:ea:6d:ed:3f:80:ba:16: f2:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:BD:F0:04:1F:C6:FC:30:D3:77:0D:F4:13:AC:1B:6B:07:D8:E1:F3 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10aa39be-4f99-4b39-b428-f034a0b57d69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:b000::/40 Signature Algorithm: sha256WithRSAEncryption a0:21:e8:f4:12:e8:8f:5a:61:67:aa:f4:d3:43:bb:b3:b4:e7: 11:b5:67:70:7d:81:2c:58:45:fb:98:61:05:55:5c:2e:1f:06: e5:f6:40:44:fc:6e:a9:fa:95:29:f1:7a:3a:ab:1b:9d:59:46: 54:30:01:ec:88:60:c4:c3:7a:d7:19:fd:42:54:38:24:3a:68: 67:9c:4c:d6:ca:b3:55:20:af:8f:ae:0a:ca:4a:bd:6d:01:8c: b8:ac:e1:b9:0f:ac:e0:b2:73:f0:ad:5c:e0:73:99:53:f4:1e: 01:5c:4b:a4:38:ad:b0:3b:6e:d8:e0:9e:6f:71:92:fd:4c:e0: c6:94:19:cb:f9:7d:b3:1c:73:53:44:62:9a:2a:c2:1b:06:ce: 02:1f:03:f2:ae:fa:fe:9d:49:e6:ff:2a:cb:03:85:54:65:aa: 87:29:28:2c:67:82:f7:a8:e8:63:11:24:25:81:ca:0e:2b:80: 8e:2b:19:e2:22:82:28:ed:c4:4c:77:d7:4f:d1:50:f4:7c:20: 26:d6:fe:d3:fb:51:4a:34:37:59:2f:bb:b3:82:66:31:34:95: b6:06:3a:fe:38:a8:05:b9:84:d8:1f:9e:71:ab:ac:f1:c5:15: d0:f5:76:e1:20:57:92:79:81:41:8d:08:d0:6b:b5:0e:ae:40: 51:e5:ba:eb -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgITf1cEsi+5twsQF4xm4RJXrFRgGDANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0 OTk3MGJjMB4XDTI1MTExNTA1NTAwOVoXDTI1MTIyMDIzNTk1OVowejFJMEcGA1UE BRNANzE3NmU0MjBkZDJlZDc1YWMyMzkzYTJmM2VhZmM1YWJmZGQyNTg0NmIwYmFh YmUxMDkwMTM0YTE1ODY0YjU3YzEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3 LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvwMLECGkOzleS9PY/ZYMGSFZuAncxcbB1PdzXEtN4xByiozF0dLd+wfieG0g ctWckYcHg/0s973AWmyEVeLGyW1CkVaNgE2trYthB8TRUedk1BbB8w9wB449I1Z1 vHPR+Jl4trdxEvYI4UwFmMSy8WnQN6VlGrfn8RQJPKXGKdHZ6HvddGrXfFaWumtN iRcdho9P82wEXBGdsF15HPyn0lHYZmuy+DVDac97I4NoGOPHnYKq330zwJKi+l7J evXeCpOLRyro6dOErhYBH8bJkSg71TnRkddQVyimnlfboIqn3rBaKTA1IZ/KIMjc RjcDye1OPrLM1ept7T+AuhbyBwIDAQABo4ICIzCCAh8wHQYDVR0OBBYEFFm98AQf xvww03cN9BOsG2sH2OHzMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8 MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC8x MGFhMzliZS00Zjk5LTRiMzktYjQyOC1mMDM0YTBiNTdkNjkucm9hMIGIBgNVHR8E gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXQALAw DQYJKoZIhvcNAQELBQADggEBAKAh6PQS6I9aYWeq9NNDu7O05xG1Z3B9gSxYRfuY YQVVXC4fBuX2QET8bqn6lSnxejqrG51ZRlQwAeyIYMTDetcZ/UJUOCQ6aGecTNbK s1Ugr4+uCspKvW0BjLis4bkPrOCyc/CtXOBzmVP0HgFcS6Q4rbA7btjgnm9xkv1M 4MaUGcv5fbMcc1NEYpoqwhsGzgIfA/Ku+v6dSeb/KssDhVRlqocpKCxngveo6GMR JCWByg4rgI4rGeIigijtxEx310/RUPR8ICbW/tP7UUo0N1kvu7OCZjE0lbYGOv44 qAW5hNgfnnGrrPHFFdD1duEgV5J5gUGNCNBrtQ6uQFHluus= -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:29 2025 by rpki-client