This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa File: 19a2984e-942a-4280-ac0b-904c9860af2f.roa (raw, json) Hash identifier: KZEzbaW+N7c9DISFoP00xz7S7aS1OPEYBvxKaeZpgZ8= Subject key identifier: 81:2B:F0:93:00:F3:DD:76:09:82:BC:81:62:D4:02:66:1F:73:E1:82 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 524F800C16169769968FC021EE1260D68C7B41E7 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa Signing time: Wed 10 Dec 2025 05:50:04 +0000 ROA not before: Wed 10 Dec 2025 05:50:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:4f:80:0c:16:16:97:69:96:8f:c0:21:ee:12:60:d6:8c:7b:41:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2f1167b0d777bb85eac115a870974cde1f902bc60cb63b4c1f15279316b975df, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:1b:f6:30:9e:b5:24:80:98:03:e4:05:c0:3f: c5:08:01:a1:24:99:c6:92:4b:d0:3b:ad:f2:10:0f: 54:9f:84:e8:17:f5:0d:33:71:5f:36:15:21:e6:30: 5b:91:8c:f5:cf:fd:bb:81:fe:c1:2b:b8:7e:a8:41: 7a:00:a1:aa:07:c2:bd:ed:13:73:bd:3b:4e:a2:5b: 95:46:45:55:d5:34:a3:0b:b3:50:b2:f8:7a:0a:e0: 57:17:ba:cc:75:c6:8a:6e:c8:d4:43:96:21:11:a1: 1b:4b:65:6f:18:5d:56:ff:40:10:0c:31:21:2e:fa: 9f:ee:14:6b:fb:04:ee:b5:27:c6:7f:ad:22:52:0f: 3e:00:a9:26:ba:4b:21:02:3c:de:05:ef:91:b2:77: 8f:d0:2d:8f:35:4b:06:fa:d7:69:04:a7:fa:fd:f7: 1d:4b:31:47:c7:99:a4:5a:cd:c6:ba:d1:9d:0d:98: 19:67:fe:7b:fa:c4:dc:25:08:51:f0:5a:97:af:c4: b6:e5:ec:dc:7b:07:9c:3d:c1:d8:da:b3:1f:7f:44: e2:ec:f2:3d:2b:a3:2f:19:bf:c9:f1:ba:59:73:20: 72:e3:f1:99:01:41:2c:26:63:df:06:ae:61:4e:e6: 57:fc:25:d3:74:c6:c1:03:1c:bc:63:78:1a:8f:87: e1:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:2B:F0:93:00:F3:DD:76:09:82:BC:81:62:D4:02:66:1F:73:E1:82 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/19a2984e-942a-4280-ac0b-904c9860af2f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:8020::/48 Signature Algorithm: sha256WithRSAEncryption 81:67:f9:f5:af:5c:43:79:59:27:ee:52:2a:f8:79:08:ec:1b: 4c:03:24:79:eb:00:fb:4c:6b:e4:08:64:0a:f3:88:ba:5b:89: d8:46:9c:9a:33:02:93:2d:6e:8c:ac:09:4c:9a:4f:2c:17:a1: e2:95:69:c9:04:b1:e3:a2:fc:a4:5c:13:55:cf:55:c7:23:b4: 11:bf:28:86:0b:10:85:eb:b8:27:ca:41:fc:6a:75:13:30:6a: 24:ac:1c:2e:70:98:fb:dd:5b:d0:6a:94:2a:f9:1a:0e:7f:07: 11:4d:42:1a:ef:7c:ca:10:14:e5:0d:20:31:e9:22:1f:f9:bc: 94:16:89:52:62:a4:31:f9:28:50:0c:7a:17:fe:f0:1c:c9:12: bd:c9:74:fe:4e:cf:b2:92:c9:3d:c0:e9:93:d3:1f:bd:39:72: 38:9d:05:95:3f:ea:2a:ef:4e:0f:15:07:cf:83:8d:31:83:ae: 5b:b4:ea:d7:33:a6:e4:64:59:0d:f6:ea:8c:56:f1:87:82:21: 71:93:3b:c4:8e:07:b4:c9:65:90:cb:e0:ba:c4:f7:b4:1f:5c: b2:2e:c8:46:48:cf:98:8d:f7:6b:c6:cf:d8:db:79:62:3e:9f: 39:ea:95:6e:ed:de:d2:5b:5e:50:f4:49:21:bc:f1:e6:eb:94: 9d:89:aa:27 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUUk+ADBYWl2mWj8Ah7hJg1ox7QecwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJmMTE2N2IwZDc3N2JiODVlYWMxMTVhODcwOTc0Y2RlMWY5MDJiYzYwY2I2 M2I0YzFmMTUyNzkzMTZiOTc1ZGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPMb9jCetSSAmAPkBcA/xQgBoSSZxpJL0Dut8hAPVJ+E6Bf1DTNxXzYVIeYw W5GM9c/9u4H+wSu4fqhBegChqgfCve0Tc707TqJblUZFVdU0owuzULL4egrgVxe6 zHXGim7I1EOWIRGhG0tlbxhdVv9AEAwxIS76n+4Ua/sE7rUnxn+tIlIPPgCpJrpL IQI83gXvkbJ3j9AtjzVLBvrXaQSn+v33HUsxR8eZpFrNxrrRnQ2YGWf+e/rE3CUI UfBal6/EtuXs3HsHnD3B2NqzH39E4uzyPSujLxm/yfG6WXMgcuPxmQFBLCZj3wau YU7mV/wl03TGwQMcvGN4Go+H4ZkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSBK/CT APPddgmCvIFi1AJmH3PhgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MTlhMjk4NGUtOTQyYS00MjgwLWFjMGItOTA0Yzk4NjBhZjJmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA IDANBgkqhkiG9w0BAQsFAAOCAQEAgWf59a9cQ3lZJ+5SKvh5COwbTAMkeesA+0xr 5AhkCvOIuluJ2EacmjMCky1ujKwJTJpPLBeh4pVpyQSx46L8pFwTVc9VxyO0Eb8o hgsQheu4J8pB/Gp1EzBqJKwcLnCY+91b0GqUKvkaDn8HEU1CGu98yhAU5Q0gMeki H/m8lBaJUmKkMfkoUAx6F/7wHMkSvcl0/k7PspLJPcDpk9MfvTlyOJ0FlT/qKu9O DxUHz4ONMYOuW7Tq1zOm5GRZDfbqjFbxh4IhcZM7xI4HtMllkMvgusT3tB9csi7I RkjPmI33a8bP2Nt5Yj6fOeqVbu3e0lteUPRJIbzx5uuUnYmqJw== -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:41 2025 by rpki-client