This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa File: 130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa (raw, json) Hash identifier: vXKyXTwvdBzgHvK4iIMxJ9xT0sqEc4v41G0O+5fxTpI= Subject key identifier: 82:EC:2F:52:E0:D7:17:0C:68:CE:F5:80:C3:06:26:38:71:F4:09:99 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 62CE29EBF2445E73B70639024F27A1A6AC9215F5 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa Signing time: Sat 29 Nov 2025 03:10:05 +0000 ROA not before: Sat 29 Nov 2025 03:10:05 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:ce:29:eb:f2:44:5e:73:b7:06:39:02:4f:27:a1:a6:ac:92:15:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:10:05 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=301395aff67dd3223b511ed0e7fd0288fd90aa6b6301a9d168b6befb2bf5332b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:35:d8:e7:3f:ae:b2:2b:42:9b:55:a9:0c:2c: ae:fc:a7:4f:d8:ae:d6:9c:0b:24:ab:09:36:65:fa: f2:fc:5a:da:97:d6:b3:85:0a:0a:0a:fa:fc:9d:e4: 03:88:75:b7:bb:c5:77:e7:71:14:e2:0a:3c:ad:e4: 1c:b4:06:2a:2b:64:5b:78:e4:9d:e1:d5:96:09:69: 73:27:f9:bf:f6:36:f2:59:74:72:86:c5:b5:cb:9d: 4f:ef:0d:ca:9e:3d:40:89:ca:37:e1:46:67:6a:5d: af:0d:ab:4f:c5:6d:6f:9c:f0:84:c4:f6:1b:be:c1: f8:12:9f:63:fe:b4:ab:70:dd:c9:14:25:ff:e4:91: 67:2a:d3:ee:12:be:57:19:58:99:23:73:df:76:29: 27:ae:90:a1:12:4c:f7:2c:2a:cc:c2:c8:0a:05:ae: 19:92:ee:35:7d:f7:79:1b:38:1b:40:90:f3:e3:a1: af:8f:99:5c:d5:9e:9f:ae:31:57:ce:df:98:3f:71: 5b:e8:f6:76:d4:e5:88:6f:d8:b7:55:ad:b8:c5:83: 36:8e:9e:57:c9:e0:72:1f:5e:22:79:cf:3b:6b:4c: 6d:c6:22:e9:61:d7:b0:0d:a8:d6:6d:39:ae:d4:30: 7d:6e:0c:bd:e2:86:b9:15:ea:e7:a7:e2:48:e0:bf: 06:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:EC:2F:52:E0:D7:17:0C:68:CE:F5:80:C3:06:26:38:71:F4:09:99 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/130bb518-ca36-43ed-b8dd-0345f5c1b3b1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:e000::/40 Signature Algorithm: sha256WithRSAEncryption 43:58:78:28:dc:d7:a9:9e:41:1b:1d:3c:af:cb:e9:f6:56:4b: d4:33:87:ca:88:42:9f:c0:0c:2f:da:66:4a:e4:42:e3:e5:cf: 0d:cf:90:28:62:cb:80:6a:df:98:77:0f:61:50:20:f2:56:7c: 7b:3a:e1:de:17:df:70:3d:1d:0a:5f:bd:23:c2:3f:38:83:61: 74:9a:64:9d:27:72:43:b2:e4:4d:52:c3:c7:26:bc:7b:70:ff: f2:b9:29:7d:ab:a9:b6:2b:01:7a:75:0c:8e:83:09:50:42:8a: ad:5a:bf:d6:28:b0:ec:41:91:51:90:96:db:17:c8:43:67:c6: 08:f6:25:78:43:02:71:55:88:ad:63:6f:63:49:8d:34:ac:4a: 19:24:3e:6f:ea:87:7f:bc:47:96:30:08:3a:f8:aa:65:39:3d: d2:82:a8:97:93:93:a3:a0:9c:ea:22:b1:b7:aa:3a:5e:7b:89: 74:5a:23:84:b4:47:b6:2d:77:9e:e5:e5:50:64:c5:20:d8:de: 69:29:3a:6f:dc:5a:a6:ba:6b:97:b1:c5:14:35:6b:8a:9d:17: 46:21:2e:3d:51:b2:bd:ee:41:83:b3:55:3d:a8:5d:99:48:89: 4f:6b:28:39:45:9b:ef:05:66:65:a6:a3:6b:7e:f7:b3:a6:3d: 8d:f8:70:c6 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYs4p6/JEXnO3BjkCTyehpqySFfUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzEwMDVaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQDMwMTM5NWFmZjY3ZGQzMjIzYjUxMWVkMGU3ZmQwMjg4ZmQ5MGFhNmI2MzAx YTlkMTY4YjZiZWZiMmJmNTMzMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALc12Oc/rrIrQptVqQwsrvynT9iu1pwLJKsJNmX68vxa2pfWs4UKCgr6/J3k A4h1t7vFd+dxFOIKPK3kHLQGKitkW3jkneHVlglpcyf5v/Y28ll0cobFtcudT+8N yp49QInKN+FGZ2pdrw2rT8Vtb5zwhMT2G77B+BKfY/60q3DdyRQl/+SRZyrT7hK+ VxlYmSNz33YpJ66QoRJM9ywqzMLICgWuGZLuNX33eRs4G0CQ8+Ohr4+ZXNWen64x V87fmD9xW+j2dtTliG/Yt1WtuMWDNo6eV8ngch9eInnPO2tMbcYi6WHXsA2o1m05 rtQwfW4MveKGuRXq56fiSOC/Bh0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSC7C9S 4NcXDGjO9YDDBiY4cfQJmTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTMwYmI1MTgtY2EzNi00M2VkLWI4ZGQtMDM0NWY1YzFiM2IxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng MA0GCSqGSIb3DQEBCwUAA4IBAQBDWHgo3NepnkEbHTyvy+n2VkvUM4fKiEKfwAwv 2mZK5ELj5c8Nz5AoYsuAat+Ydw9hUCDyVnx7OuHeF99wPR0KX70jwj84g2F0mmSd J3JDsuRNUsPHJrx7cP/yuSl9q6m2KwF6dQyOgwlQQoqtWr/WKLDsQZFRkJbbF8hD Z8YI9iV4QwJxVYitY29jSY00rEoZJD5v6od/vEeWMAg6+KplOT3SgqiXk5OjoJzq IrG3qjpee4l0WiOEtEe2LXee5eVQZMUg2N5pKTpv3FqmumuXscUUNWuKnRdGIS49 UbK97kGDs1U9qF2ZSIlPayg5RZvvBWZlpqNrfvezpj2N+HDG -----END CERTIFICATE-----Generated at Sat Dec 6 10:54:45 2025 by rpki-client