This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa File: 1af8ee5d-0148-4672-a9da-a1980cfe4768.roa (raw, json) Hash identifier: BqCTExovNoF4L3Jrubs741ofyjbbVY18wFxD/coTikQ= Subject key identifier: 40:A3:C8:9C:A3:AB:69:B6:41:F4:C4:77:36:28:1C:A9:47:62:29:2E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 05864E829B35C87CB61B27C47E0108DC6D218711 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa Signing time: Wed 10 Dec 2025 06:21:28 +0000 ROA not before: Wed 10 Dec 2025 06:21:28 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:86:4e:82:9b:35:c8:7c:b6:1b:27:c4:7e:01:08:dc:6d:21:87:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:21:28 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=bfb8cd53602ddae6189b297e1fceac0ee17df346abb9a1e542dc355fa0e3ab35, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:a9:20:50:d5:e9:b8:36:83:a2:80:a4:b2:ee: b6:81:67:d3:9d:27:0d:ae:a4:85:03:03:61:42:ff: d5:fa:4c:64:47:8b:c5:14:8f:8a:d6:ed:48:c5:20: 2b:6f:86:a4:3d:2f:c7:e0:30:87:4e:ed:81:3f:f3: 6a:7e:2d:09:18:72:60:1b:c5:5c:fb:33:20:bb:29: a4:6e:45:70:c5:7f:86:89:18:93:0e:be:cb:54:f7: 99:1d:40:89:4f:cf:7d:6c:12:02:e4:31:e8:32:dc: 3d:13:5d:3b:ad:18:b7:9e:5e:9e:1d:31:02:1b:2b: ca:38:8d:20:4e:a5:34:96:e5:af:cc:43:3c:c3:84: 15:98:bd:2e:88:78:50:a9:f3:5d:fc:e7:23:ea:5f: 01:bd:34:63:c6:d3:d2:f9:b5:06:52:f8:32:22:6c: 32:29:01:b9:02:3a:bc:15:f4:02:07:7b:b0:db:ee: ed:24:47:f1:29:9a:29:89:15:1d:57:8c:31:bf:89: 9c:50:35:97:2c:3a:00:97:3e:5a:d2:c7:e5:bf:20: 6e:37:cc:c4:10:41:4e:20:db:cf:98:cd:e1:8c:ad: a5:bf:6c:1c:f0:af:42:80:70:c0:66:9a:b3:c8:4f: 72:ca:ce:57:7d:98:87:ed:54:75:f0:e1:22:60:d1: 60:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:A3:C8:9C:A3:AB:69:B6:41:F4:C4:77:36:28:1C:A9:47:62:29:2E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1af8ee5d-0148-4672-a9da-a1980cfe4768.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:8080::/48 Signature Algorithm: sha256WithRSAEncryption 7a:b9:4a:61:99:75:30:44:a1:7d:e1:6f:3d:b4:bd:b0:ab:a9: fd:80:71:25:79:3e:34:90:28:52:29:32:97:7f:48:74:cb:d8: 95:fc:cb:d7:22:c3:81:28:c7:d3:d0:1f:c6:24:0b:bf:4f:38: 3a:4a:aa:f5:a4:01:12:36:19:f6:3c:07:70:18:87:53:b3:33: d3:ca:b6:88:2a:97:8e:f0:a0:88:b0:9e:89:8c:98:c7:81:24: 14:47:92:bb:1a:73:77:39:aa:19:63:3b:71:02:55:99:38:7e: 04:7b:34:4a:0d:8c:69:06:12:ac:74:89:24:27:66:83:74:7d: f1:8d:9a:e1:a7:8a:a5:9b:8f:80:79:f3:13:2d:07:bb:cc:2e: 55:25:0a:85:b8:6f:c7:a4:bd:47:85:de:29:8d:7b:14:15:c4: b7:da:60:fe:35:be:8a:44:8b:e3:5b:99:15:2a:21:06:36:b1: ce:2a:07:ad:69:1e:92:e9:55:9e:e8:ac:7c:cd:56:71:f1:30: 46:c8:01:65:62:b8:51:ce:5c:e2:19:89:a4:ae:61:6f:e6:d4: 7c:e0:8f:3f:12:3a:f4:a3:47:96:42:54:36:3c:da:6f:0d:a1: c2:5d:59:b0:db:0a:0d:88:45:12:99:86:ba:d2:19:39:d8:fc: d3:65:0c:d8 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUBYZOgps1yHy2GyfEfgEI3G0hhxEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIxMjhaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGJmYjhjZDUzNjAyZGRhZTYxODliMjk3ZTFmY2VhYzBlZTE3ZGYzNDZhYmI5 YTFlNTQyZGMzNTVmYTBlM2FiMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOGpIFDV6bg2g6KApLLutoFn050nDa6khQMDYUL/1fpMZEeLxRSPitbtSMUg K2+GpD0vx+Awh07tgT/zan4tCRhyYBvFXPszILsppG5FcMV/hokYkw6+y1T3mR1A iU/PfWwSAuQx6DLcPRNdO60Yt55enh0xAhsryjiNIE6lNJblr8xDPMOEFZi9Loh4 UKnzXfznI+pfAb00Y8bT0vm1BlL4MiJsMikBuQI6vBX0Agd7sNvu7SRH8SmaKYkV HVeMMb+JnFA1lyw6AJc+WtLH5b8gbjfMxBBBTiDbz5jN4Yytpb9sHPCvQoBwwGaa s8hPcsrOV32Yh+1UdfDhImDRYMcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRAo8ic o6tptkH0xHc2KBypR2IpLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWFmOGVlNWQtMDE0OC00NjcyLWE5ZGEtYTE5ODBjZmU0NzY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DGA gDANBgkqhkiG9w0BAQsFAAOCAQEAerlKYZl1MEShfeFvPbS9sKup/YBxJXk+NJAo Uikyl39IdMvYlfzL1yLDgSjH09AfxiQLv084Okqq9aQBEjYZ9jwHcBiHU7Mz08q2 iCqXjvCgiLCeiYyYx4EkFEeSuxpzdzmqGWM7cQJVmTh+BHs0Sg2MaQYSrHSJJCdm g3R98Y2a4aeKpZuPgHnzEy0Hu8wuVSUKhbhvx6S9R4XeKY17FBXEt9pg/jW+ikSL 41uZFSohBjaxzioHrWkekulVnuisfM1WcfEwRsgBZWK4Uc5c4hmJpK5hb+bUfOCP PxI69KNHlkJUNjzabw2hwl1ZsNsKDYhFEpmGutIZOdj802UM2A== -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:43 2025 by rpki-client