This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef3372e-f216-40b8-b019-7230e30b3283.roa File: 1ef3372e-f216-40b8-b019-7230e30b3283.roa (raw, json) Hash identifier: I63lR/QPdtQ96U3mwEWERJzVD7gTY/aNv2MR/kXUNkc= Subject key identifier: 4B:44:9E:8B:D7:07:21:09:72:A9:D7:63:CB:89:1D:12:7D:C4:F6:65 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1525D4D981A83460CA33A88E97BC5196DE4792BE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef3372e-f216-40b8-b019-7230e30b3283.roa Signing time: Sun 23 Nov 2025 01:30:47 +0000 ROA not before: Sun 23 Nov 2025 01:30:47 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:25:d4:d9:81:a8:34:60:ca:33:a8:8e:97:bc:51:96:de:47:92:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:47 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=e5a98805f24160b5fbe130182e343e311159fc07e4dd46aea9aa9215d6430344, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:36:aa:79:32:17:68:39:74:00:7f:d1:41:ae: c6:19:83:d9:5a:71:48:99:75:65:23:af:b9:36:9c: b9:ed:9a:89:78:d2:59:29:37:00:60:cf:53:d0:b7: f6:0a:54:ce:d9:64:f9:f6:65:85:2f:2b:29:31:08: 60:e9:ea:74:f7:39:59:92:d7:71:fb:ea:98:76:95: 62:7c:07:1f:74:16:4f:40:c4:1a:c0:cb:dd:35:48: f2:f3:7b:2e:7b:5f:30:bb:27:17:90:30:0d:9a:5e: 18:21:a3:7e:d3:12:5e:f8:bc:f3:71:5b:0f:66:82: ee:1b:b2:4c:48:02:e3:2e:8a:db:eb:8b:6f:73:46: eb:9e:2d:52:d0:f1:96:e4:9c:7b:af:b9:50:9e:cc: ab:de:b1:0b:2d:a8:58:1f:f2:82:3c:4a:83:08:2b: 59:40:79:c6:c0:92:ff:db:15:ff:da:85:9b:7b:36: 50:a1:5c:4c:51:79:ad:7a:b3:87:c5:fd:8d:03:11: e5:ba:d0:d9:e6:60:89:33:ca:eb:af:75:76:b5:21: 32:69:e7:58:ee:78:18:24:51:e0:20:3f:de:f6:27: a9:8b:e7:7d:37:23:02:50:b6:f4:f4:5f:15:6f:fa: 16:48:36:83:27:0a:db:3b:aa:40:5c:cf:07:72:1e: e0:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:44:9E:8B:D7:07:21:09:72:A9:D7:63:CB:89:1D:12:7D:C4:F6:65 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef3372e-f216-40b8-b019-7230e30b3283.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 7b:53:5f:78:3b:93:69:46:17:14:98:f8:e9:a1:88:56:c0:1d: 04:df:2a:7d:f6:ff:0e:5c:72:a1:1f:cb:50:1c:35:a3:3e:0a: 90:87:63:30:fe:68:77:c8:10:1d:b8:0f:79:cb:07:80:0d:95: 0b:33:23:85:7e:92:bc:06:fc:2e:61:f5:98:76:69:a3:18:c8: bf:01:c2:62:e2:90:60:a2:d2:11:9b:a3:27:11:0c:bc:9c:1c: 87:bd:20:57:33:81:7c:5a:d8:22:94:74:49:0f:3a:54:f8:d2: aa:72:b4:67:2b:66:7b:35:5c:b6:ef:f7:49:af:49:38:d6:21: 5a:32:f8:86:63:bc:56:6f:ea:7f:d1:9d:f9:f7:dd:ed:4a:a1: fe:cb:2a:14:bd:49:3b:a9:83:a6:49:0a:8f:f9:dc:38:61:f6: d6:30:1e:18:73:6c:99:71:7a:77:b7:98:7c:2c:08:68:56:70: 82:d3:df:d5:26:00:4e:7d:5f:1a:ed:e4:c4:6c:5e:66:08:02: 9e:fb:8b:0f:6f:7f:0a:1a:8a:7d:16:0e:a1:17:a1:dc:b4:26: 40:80:8e:16:bb:db:fa:9f:1d:fc:3c:7f:49:c6:76:c8:46:27: 65:10:e7:19:0b:25:64:73:7f:c4:7d:be:17:9a:63:85:a6:39: d0:f9:6e:de -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUFSXU2YGoNGDKM6iOl7xRlt5Hkr4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwNDdaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGU1YTk4ODA1ZjI0MTYwYjVmYmUxMzAxODJlMzQzZTMxMTE1OWZjMDdlNGRk NDZhZWE5YWE5MjE1ZDY0MzAzNDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJw2qnkyF2g5dAB/0UGuxhmD2VpxSJl1ZSOvuTacue2aiXjSWSk3AGDPU9C3 9gpUztlk+fZlhS8rKTEIYOnqdPc5WZLXcfvqmHaVYnwHH3QWT0DEGsDL3TVI8vN7 LntfMLsnF5AwDZpeGCGjftMSXvi883FbD2aC7huyTEgC4y6K2+uLb3NG654tUtDx luSce6+5UJ7Mq96xCy2oWB/ygjxKgwgrWUB5xsCS/9sV/9qFm3s2UKFcTFF5rXqz h8X9jQMR5brQ2eZgiTPK6691drUhMmnnWO54GCRR4CA/3vYnqYvnfTcjAlC29PRf FW/6Fkg2gycK2zuqQFzPB3Ie4G0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRLRJ6L 1wchCXKp12PLiR0SfcT2ZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MWVmMzM3MmUtZjIxNi00MGI4LWIwMTktNzIzMGUzMGIzMjgzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gog wDANBgkqhkiG9w0BAQsFAAOCAQEAe1NfeDuTaUYXFJj46aGIVsAdBN8qffb/Dlxy oR/LUBw1oz4KkIdjMP5od8gQHbgPecsHgA2VCzMjhX6SvAb8LmH1mHZpoxjIvwHC YuKQYKLSEZujJxEMvJwch70gVzOBfFrYIpR0SQ86VPjSqnK0ZytmezVctu/3Sa9J ONYhWjL4hmO8Vm/qf9Gd+ffd7Uqh/ssqFL1JO6mDpkkKj/ncOGH21jAeGHNsmXF6 d7eYfCwIaFZwgtPf1SYATn1fGu3kxGxeZggCnvuLD29/ChqKfRYOoReh3LQmQICO Frvb+p8d/Dx/ScZ2yEYnZRDnGQslZHN/xH2+F5pjhaY50Plu3g== -----END CERTIFICATE-----Generated at Sat Dec 6 21:48:01 2025 by rpki-client