This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa File: 1ec007f6-6684-43b6-8751-2e5b258a98b3.roa (raw, json) Hash identifier: yM51W8rJUGTlJyymEr5aZQDXWSVBk2+4960nBn54PqY= Subject key identifier: 30:06:6C:51:74:CC:EF:08:33:F6:DC:19:89:C7:81:57:29:17:92:F4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 661E1B8E6E9A24788C71B6455B4E75270F997EF3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa Signing time: Sat 15 Nov 2025 05:41:22 +0000 ROA not before: Sat 15 Nov 2025 05:41:22 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:1e:1b:8e:6e:9a:24:78:8c:71:b6:45:5b:4e:75:27:0f:99:7e:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:22 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=45dd1567262b91b0bdad9ef38928d2d4317b81522cd16bf6158b4e835f8097e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:8a:2c:ba:7d:4e:eb:86:4b:1c:2f:c2:e2:cc: 55:62:ed:1a:78:87:85:e0:1d:61:41:74:22:da:eb: c5:7a:e3:0e:c7:b2:30:ef:f3:7c:aa:7d:8a:78:bf: e7:b6:ca:11:b0:71:90:86:8b:bf:69:ec:27:5c:36: fc:1f:92:ee:75:69:6f:08:4a:18:d8:53:87:d4:b1: 38:a9:f4:c0:53:e6:4d:5c:7f:07:e9:bc:68:6e:99: d9:e3:e6:2a:ab:27:d0:2c:df:96:68:64:79:29:79: bb:a5:29:17:8c:18:e9:ca:d5:18:67:e8:eb:7b:e5: 91:b8:dc:66:7e:95:f5:73:d9:9f:00:47:16:83:c0: ab:95:98:a6:b2:73:f3:ba:90:fd:15:bb:bf:13:6b: 07:1a:89:89:b0:15:ff:3e:e9:b7:ae:ba:98:c5:e5: 92:89:e6:f1:7e:18:8a:df:d4:e8:35:b0:8c:72:45: 79:08:48:20:fd:f1:92:a0:5b:07:69:58:bf:be:f3: c9:9e:6b:51:2b:f4:dd:0a:a3:12:2c:27:b6:b6:51: 37:00:b4:9e:0b:85:6c:f9:5f:da:6e:74:3d:f8:73: ff:98:a5:4f:53:69:e9:2a:b3:70:60:e5:13:de:be: 85:f1:e1:cb:b6:5a:0a:5c:0b:bc:0a:26:1b:2d:34: d1:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:06:6C:51:74:CC:EF:08:33:F6:DC:19:89:C7:81:57:29:17:92:F4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ec007f6-6684-43b6-8751-2e5b258a98b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:2000::/40 Signature Algorithm: sha256WithRSAEncryption a6:2e:c4:15:ef:25:22:46:af:2c:40:d2:9b:eb:eb:f2:b7:04: 97:5c:2b:47:b0:5b:85:ce:82:10:e1:54:27:ef:60:f4:64:84: 25:3c:0d:ed:2d:c6:59:c7:72:6c:50:01:b4:ab:4d:d3:27:48: e6:6d:1a:cc:bd:96:c5:3e:03:8a:40:8f:fb:3b:e3:5c:b8:91: 7f:be:da:e1:e3:54:0c:64:37:39:4d:2c:ca:ac:c5:5a:fc:a7: e3:62:a4:9e:6b:0d:ac:c1:9d:b7:8b:69:06:98:49:e3:8c:1c: 60:22:34:da:8c:ec:9c:20:00:14:db:5c:f5:51:6b:98:20:92: 48:76:aa:3e:a9:6e:db:89:47:54:32:f2:40:31:78:97:e9:98: 1f:c8:cd:e6:19:ee:cf:84:2b:4f:97:a2:b0:8b:b8:60:21:94: 86:c3:f9:84:53:35:a7:06:de:f3:fb:fd:08:14:e6:24:b9:b5: 2b:ee:f4:c0:2e:a8:1b:02:c0:36:0a:33:b1:bd:3e:87:57:f4: 62:98:f7:4a:9e:3c:29:a4:e6:4e:75:b5:29:b4:69:b2:5d:2a: 40:74:61:15:8a:af:4f:0d:5f:f0:80:f9:aa:f4:b8:4c:34:14: b4:5a:a8:59:59:82:58:92:8f:bf:2a:e9:1a:13:c7:b9:a4:71: 13:7e:32:e3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZh4bjm6aJHiMcbZFW051Jw+ZfvMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMjJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ1ZGQxNTY3MjYyYjkxYjBiZGFkOWVmMzg5MjhkMmQ0MzE3YjgxNTIyY2Qx NmJmNjE1OGI0ZTgzNWY4MDk3ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKWKLLp9TuuGSxwvwuLMVWLtGniHheAdYUF0ItrrxXrjDseyMO/zfKp9ini/ 57bKEbBxkIaLv2nsJ1w2/B+S7nVpbwhKGNhTh9SxOKn0wFPmTVx/B+m8aG6Z2ePm Kqsn0CzflmhkeSl5u6UpF4wY6crVGGfo63vlkbjcZn6V9XPZnwBHFoPAq5WYprJz 87qQ/RW7vxNrBxqJibAV/z7pt666mMXlkonm8X4Yit/U6DWwjHJFeQhIIP3xkqBb B2lYv77zyZ5rUSv03QqjEiwntrZRNwC0nguFbPlf2m50Pfhz/5ilT1Np6SqzcGDl E96+hfHhy7ZaClwLvAomGy000SMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwBmxR dMzvCDP23BmJx4FXKReS9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWVjMDA3ZjYtNjY4NC00M2I2LTg3NTEtMmU1YjI1OGE5OGIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DQg MA0GCSqGSIb3DQEBCwUAA4IBAQCmLsQV7yUiRq8sQNKb6+vytwSXXCtHsFuFzoIQ 4VQn72D0ZIQlPA3tLcZZx3JsUAG0q03TJ0jmbRrMvZbFPgOKQI/7O+NcuJF/vtrh 41QMZDc5TSzKrMVa/KfjYqSeaw2swZ23i2kGmEnjjBxgIjTajOycIAAU21z1UWuY IJJIdqo+qW7biUdUMvJAMXiX6ZgfyM3mGe7PhCtPl6Kwi7hgIZSGw/mEUzWnBt7z +/0IFOYkubUr7vTALqgbAsA2CjOxvT6HV/RimPdKnjwppOZOdbUptGmyXSpAdGEV iq9PDV/wgPmq9LhMNBS0WqhZWYJYko+/KukaE8e5pHETfjLj -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:26 2025 by rpki-client