This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa File: 25d38479-752d-418e-a4fb-397c5aa432f8.roa (raw, json) Hash identifier: 8p6lyAm1Tw9vwjJK5kEi9I+F5AVpnZluxw3uSgk0324= Subject key identifier: 87:A8:E8:3F:52:4E:5D:81:E0:0D:AB:73:0B:B2:F9:75:5F:E8:4F:E9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: B4B5C92F5F1F0F60E3B9351F68E62DBEC9C4CD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa Signing time: Sun 07 Dec 2025 03:00:06 +0000 ROA not before: Sun 07 Dec 2025 03:00:06 +0000 ROA not after: Sat 07 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: b4:b5:c9:2f:5f:1f:0f:60:e3:b9:35:1f:68:e6:2d:be:c9:c4:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 7 03:00:06 2025 GMT Not After : Mar 7 23:59:59 2026 GMT Subject: serialNumber=c616db1bd30a0f21ebe7cc3a7786dc6463015f3dba5a3459f08040956c29a3bf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:aa:4b:26:3a:0e:65:02:e9:7f:e1:24:c1:b2: 6e:d0:7d:26:6f:df:cf:10:69:64:c4:a9:5c:cb:f0: 6a:47:23:07:90:f3:2a:cf:05:93:41:60:79:3f:eb: bc:9a:cc:2a:59:b1:18:b2:08:2f:03:c7:70:24:3a: 34:94:97:92:3b:0e:08:6a:f4:40:72:05:72:a0:71: e4:32:f6:bf:49:8b:74:b3:98:77:67:25:38:9a:58: b1:4a:ed:01:37:4f:36:f5:40:52:34:61:c5:0e:1f: 60:4c:ef:13:24:44:65:e6:72:9a:e3:cf:b6:53:04: e8:0d:e1:15:e9:56:bc:ff:21:d1:01:3e:a3:a3:ac: a7:0a:05:93:5f:14:96:0d:77:ec:de:64:4b:6f:97: 23:b4:a3:12:51:bc:d8:fb:4c:02:5f:e8:7a:08:c0: fc:00:80:0e:90:19:b6:39:4f:cd:ff:ae:ac:c0:51: 69:ac:03:d5:40:d3:45:99:96:4c:4e:74:7c:18:9c: 0d:b7:29:62:b5:72:7b:46:55:3c:06:b1:db:ce:7a: f4:8a:89:4e:0c:ac:f3:b1:46:97:27:03:14:f3:97: 01:04:b5:ed:cb:95:ce:bb:22:31:55:9e:b4:3c:9b: 7b:ed:92:2b:ff:e1:5d:9f:71:71:f6:0e:f6:e3:60: be:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:A8:E8:3F:52:4E:5D:81:E0:0D:AB:73:0B:B2:F9:75:5F:E8:4F:E9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:800::/40 Signature Algorithm: sha256WithRSAEncryption 6e:84:41:de:8d:86:78:35:87:6c:fa:3e:d5:d8:5a:e6:c8:d5: 7f:66:d1:ca:ed:82:a2:2f:a2:08:a4:8b:fd:37:20:35:96:2c: 8a:19:c2:f7:0f:28:d0:0f:6d:06:08:82:64:df:e6:56:5d:b8: a2:b0:5f:34:71:b3:29:35:2f:9b:bb:e2:b4:ca:b0:45:0e:24: 61:a7:4f:50:48:19:17:71:12:74:d4:be:4a:e7:2f:37:07:23: d4:ef:83:6f:a5:2e:b5:75:6b:18:30:a5:57:04:12:1f:1e:b4: 1d:3c:d7:4a:28:d3:49:c6:df:6f:7f:4d:37:7d:71:1e:06:cd: 2c:d3:b0:43:26:9d:13:e9:a6:62:d8:29:30:ea:9a:20:d7:fd: 53:50:26:64:3b:3a:34:f4:59:1c:13:bb:56:2a:be:35:19:9e: e5:10:75:33:90:4e:11:3f:80:1a:cc:63:40:d8:fb:d3:e7:82: ab:b6:65:65:12:39:1d:66:fb:c6:b1:55:61:5e:78:63:0f:3f: c8:fe:88:e5:87:21:3c:5b:8a:02:2f:f7:ca:a1:49:22:c6:d8: 8b:c6:68:50:3a:5e:4c:7d:0d:36:bb:2c:92:7c:51:32:6e:8a: ff:cc:8a:88:42:54:42:a0:dc:59:41:f4:d7:0d:6c:1a:52:80: 30:9b:7a:26 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUALS1yS9fHw9g47k1H2jmLb7JxM0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDcwMzAwMDZaFw0yNjAzMDcyMzU5NTlaMHoxSTBHBgNV BAUTQGM2MTZkYjFiZDMwYTBmMjFlYmU3Y2MzYTc3ODZkYzY0NjMwMTVmM2RiYTVh MzQ1OWYwODA0MDk1NmMyOWEzYmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKSqSyY6DmUC6X/hJMGybtB9Jm/fzxBpZMSpXMvwakcjB5DzKs8Fk0FgeT/r vJrMKlmxGLIILwPHcCQ6NJSXkjsOCGr0QHIFcqBx5DL2v0mLdLOYd2clOJpYsUrt ATdPNvVAUjRhxQ4fYEzvEyREZeZymuPPtlME6A3hFelWvP8h0QE+o6OspwoFk18U lg137N5kS2+XI7SjElG82PtMAl/oegjA/ACADpAZtjlPzf+urMBRaawD1UDTRZmW TE50fBicDbcpYrVye0ZVPAax28569IqJTgys87FGlycDFPOXAQS17cuVzrsiMVWe tDybe+2SK//hXZ9xcfYO9uNgvg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSHqOg/ Uk5dgeANq3MLsvl1X+hP6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjVkMzg0NzktNzUyZC00MThlLWE0ZmItMzk3YzVhYTQzMmY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DII MA0GCSqGSIb3DQEBCwUAA4IBAQBuhEHejYZ4NYds+j7V2FrmyNV/ZtHK7YKiL6II pIv9NyA1liyKGcL3DyjQD20GCIJk3+ZWXbiisF80cbMpNS+bu+K0yrBFDiRhp09Q SBkXcRJ01L5K5y83ByPU74NvpS61dWsYMKVXBBIfHrQdPNdKKNNJxt9vf003fXEe Bs0s07BDJp0T6aZi2Ckw6pog1/1TUCZkOzo09FkcE7tWKr41GZ7lEHUzkE4RP4Aa zGNA2PvT54KrtmVlEjkdZvvGsVVhXnhjDz/I/ojlhyE8W4oCL/fKoUkixtiLxmhQ Ol5MfQ02uyySfFEybor/zIqIQlRCoNxZQfTXDWwaUoAwm3om -----END CERTIFICATE-----Generated at Mon Dec 15 15:30:30 2025 by rpki-client