This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json) Hash identifier: aSTHDlfaSEvL/sMwzhD9RwiSUVsi+wVvQ4q88fV6xfU= Subject key identifier: 85:68:B9:9B:42:B5:93:75:11:B8:A1:47:43:E4:26:D7:32:FC:D1:68 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 48BB36C304129E7CEC03CA40778662855C0BBCF3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa Signing time: Sat 15 Nov 2025 05:50:32 +0000 ROA not before: Sat 15 Nov 2025 05:50:32 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:bb:36:c3:04:12:9e:7c:ec:03:ca:40:77:86:62:85:5c:0b:bc:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:32 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=9ab31c116103558eeb373af50da08659db1c310af90516e7733bda0e74e42297, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:da:d7:b0:04:fc:bc:22:2b:7f:3b:7e:80:6d: 4e:c2:f0:cf:fa:9c:8a:30:4c:86:5d:25:83:56:37: 7d:14:04:26:0a:4a:8b:3f:a3:a2:0b:1d:02:7b:7a: c0:48:ff:d7:22:1b:b9:3e:ed:82:16:0f:21:91:65: 5e:f3:d3:fc:e6:92:e1:ab:78:b1:e8:1b:9e:05:3e: 2b:45:ee:a3:05:98:c1:73:84:9e:43:cb:a5:0d:2c: 20:77:34:13:2b:09:55:79:12:bf:58:5d:48:38:01: 61:e3:25:b2:8e:e3:ad:fc:da:23:66:b3:80:07:56: 54:72:0b:d0:4a:80:e4:6d:23:87:18:30:7d:23:89: 52:a4:d7:a8:68:0e:3d:ad:90:62:14:4b:06:84:84: 3f:d1:ea:59:89:e4:ff:eb:14:b6:04:27:4e:6c:1e: 43:07:07:07:d7:21:46:6c:48:a8:df:a5:8d:cd:0f: 57:a2:3c:62:e3:63:ac:07:2e:f3:a8:2b:5a:92:7e: 5d:7c:bb:bf:dd:95:33:46:14:db:72:72:7f:d6:e3: ae:ec:0e:8b:8c:93:f6:0a:d3:e5:08:5f:ce:0c:5f: b8:0a:8a:f3:54:ff:c2:e6:3e:0c:8e:56:63:36:a3: 85:99:67:a2:f0:5b:66:69:3a:f8:3e:2a:85:62:cb: 28:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:68:B9:9B:42:B5:93:75:11:B8:A1:47:43:E4:26:D7:32:FC:D1:68 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 96:3a:fc:a4:4a:dd:70:95:a5:63:86:c0:d3:36:d5:cd:ac:49: ef:1b:dc:9c:20:c7:2b:e5:7b:77:8d:f3:cb:f1:36:81:02:f2: be:1f:36:7a:cc:06:6a:9f:6a:d6:d9:54:7b:3d:00:4b:29:cf: ef:79:2a:f2:5c:ac:7e:3f:50:2e:e2:e3:cb:f6:6b:9c:4d:c2: f7:4c:06:9d:d2:cb:40:e3:81:0f:51:46:79:cb:76:33:f3:5c: 15:9f:d7:c7:2a:46:ae:3f:88:8c:3a:d1:6d:f6:01:b1:f7:04: 23:64:40:39:90:dc:4d:5e:48:fe:bd:4b:9d:a5:09:44:d4:ee: c1:c8:90:4f:7a:f1:86:17:f6:82:16:ab:1e:91:9f:bf:f2:a0: fc:4a:d4:d9:29:69:67:39:52:cb:ae:b5:8c:60:0e:e1:fe:b5: d4:2b:92:96:b1:41:8f:40:44:30:a1:7c:8c:68:52:41:4d:44: bc:18:64:7a:21:28:7e:7a:35:58:56:a8:3f:be:f9:c2:1e:0a: b3:82:bf:0b:0c:6f:ef:98:ee:4c:80:bf:aa:32:3a:5c:5f:32: f6:8e:36:cf:a7:bb:85:67:ac:fd:6a:e0:76:61:a4:4b:79:5a: 89:ae:02:ab:51:01:31:83:89:7f:47:f8:37:a2:1f:d8:b2:39: a3:ef:be:67 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUSLs2wwQSnnzsA8pAd4ZihVwLvPMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDlhYjMxYzExNjEwMzU1OGVlYjM3M2FmNTBkYTA4NjU5ZGIxYzMxMGFmOTA1 MTZlNzczM2JkYTBlNzRlNDIyOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKHa17AE/LwiK387foBtTsLwz/qcijBMhl0lg1Y3fRQEJgpKiz+jogsdAnt6 wEj/1yIbuT7tghYPIZFlXvPT/OaS4at4segbngU+K0XuowWYwXOEnkPLpQ0sIHc0 EysJVXkSv1hdSDgBYeMlso7jrfzaI2azgAdWVHIL0EqA5G0jhxgwfSOJUqTXqGgO Pa2QYhRLBoSEP9HqWYnk/+sUtgQnTmweQwcHB9chRmxIqN+ljc0PV6I8YuNjrAcu 86grWpJ+XXy7v92VM0YU23Jyf9bjruwOi4yT9grT5QhfzgxfuAqK81T/wuY+DI5W YzajhZlnovBbZmk6+D4qhWLLKHUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSFaLmb QrWTdRG4oUdD5CbXMvzRaDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ wDANBgkqhkiG9w0BAQsFAAOCAQEAljr8pErdcJWlY4bA0zbVzaxJ7xvcnCDHK+V7 d43zy/E2gQLyvh82eswGap9q1tlUez0ASynP73kq8lysfj9QLuLjy/ZrnE3C90wG ndLLQOOBD1FGect2M/NcFZ/XxypGrj+IjDrRbfYBsfcEI2RAOZDcTV5I/r1LnaUJ RNTuwciQT3rxhhf2gharHpGfv/Kg/ErU2SlpZzlSy661jGAO4f611CuSlrFBj0BE MKF8jGhSQU1EvBhkeiEofno1WFaoP775wh4Ks4K/Cwxv75juTIC/qjI6XF8y9o42 z6e7hWes/WrgdmGkS3laia4Cq1EBMYOJf0f4N6If2LI5o+++Zw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:43 2025 by rpki-client