This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa File: 25d38479-752d-418e-a4fb-397c5aa432f8.roa (raw, json) Hash identifier: VJYwxT/hxeHDKl0gmnzZ9w+S43Umv9YshiUKewBytTU= Subject key identifier: F5:93:BD:74:4E:CB:55:A2:C8:74:61:A6:BE:F1:6C:B0:7E:FA:73:52 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 770BAF6FA72370B3B1BD2FEB37905196765B3198 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa Signing time: Wed 12 Nov 2025 03:00:04 +0000 ROA not before: Wed 12 Nov 2025 03:00:04 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:0b:af:6f:a7:23:70:b3:b1:bd:2f:eb:37:90:51:96:76:5b:31:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 12 03:00:04 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=484593729439be673f4745cdd240ea9b3e6ce39d2b8d0c9b278071a0f77b0474, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ba:be:5c:b2:76:fc:2d:3d:bf:90:54:52:e1: 2f:7e:46:fd:15:82:8b:ba:b2:13:15:1a:89:a8:c3: f4:bb:51:f0:0d:d5:fe:e2:e4:96:7c:e5:5a:6c:81: 62:f4:81:f5:49:98:0a:e2:a6:05:69:f9:68:7e:89: 20:1a:8e:8e:f9:0d:f4:99:4b:cc:80:a8:5b:5b:a6: 49:ef:57:28:d2:e2:35:e1:e6:74:32:67:aa:68:8b: 21:cb:55:9d:05:f2:11:64:a1:4d:e5:c0:de:9c:2a: 94:6a:a8:77:3e:01:e7:34:e3:54:99:e5:fc:06:59: e1:7c:f6:9d:4d:1c:c9:09:c7:70:1f:b6:35:af:9d: e5:b8:9c:ab:e7:fe:cc:75:86:90:c9:10:ac:34:6e: cb:a2:20:18:8e:be:d8:46:9d:50:df:c4:da:7a:de: 56:1e:82:3c:0f:be:c4:dc:f3:8f:e3:5c:c2:e3:b8: 6d:d3:59:f5:53:6b:c2:ab:40:da:6c:ec:31:c6:47: 71:02:40:00:75:ef:58:87:f2:56:7d:65:9d:ff:c2: 3c:49:17:61:fd:8f:c4:70:37:d2:81:79:54:97:18: 07:bd:34:7d:e0:76:96:b1:28:f2:05:0a:81:55:8a: 49:47:ec:25:10:44:c2:bd:6c:34:e5:02:83:99:2f: e1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:93:BD:74:4E:CB:55:A2:C8:74:61:A6:BE:F1:6C:B0:7E:FA:73:52 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:800::/40 Signature Algorithm: sha256WithRSAEncryption 26:f6:2a:8e:eb:ad:0e:2b:70:1a:fd:2f:3f:7b:26:7e:5a:d1: 82:5e:15:37:37:f2:dc:57:3c:05:61:71:34:ef:a9:1a:1a:3c: fa:2a:5e:f7:11:e2:dd:24:fb:d1:8c:9b:11:96:f5:16:8e:7a: f3:fd:8a:6c:94:13:2d:b2:cf:7f:1f:4f:f3:ee:d2:37:a7:03: 44:58:c3:4b:38:0c:60:18:76:34:52:32:51:65:8f:b7:80:e3: 70:7b:37:56:45:d9:00:96:6a:f6:7d:da:4b:d4:60:db:90:60: 29:58:87:33:5f:d1:40:80:ac:21:c9:ec:3e:0a:bc:59:82:e8: fc:2f:8f:35:d0:64:f3:82:32:71:60:38:44:2d:cd:0e:9b:1b: f0:07:9d:85:ab:7d:ee:d9:9c:29:41:f6:6b:37:28:5d:29:db: ed:54:24:8e:0d:28:0a:18:75:3c:b6:72:24:ff:3c:91:b0:b7: 24:77:7d:28:88:c7:49:ab:1c:26:0b:6d:06:96:c5:52:20:38: f1:ea:c7:1a:2f:a4:a0:a0:62:83:ee:0c:ce:73:ee:5b:65:0f: 8b:18:36:82:96:a0:66:37:c0:57:e5:f2:03:21:c5:2d:62:d8: f2:d7:12:00:a8:54:ad:e2:59:cd:6e:01:f4:48:be:db:55:c5: d7:43:de:73 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdwuvb6cjcLOxvS/rN5BRlnZbMZgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTIwMzAwMDRaFw0yNTEyMTcyMzU5NTlaMHoxSTBHBgNV BAUTQDQ4NDU5MzcyOTQzOWJlNjczZjQ3NDVjZGQyNDBlYTliM2U2Y2UzOWQyYjhk MGM5YjI3ODA3MWEwZjc3YjA0NzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALW6vlyydvwtPb+QVFLhL35G/RWCi7qyExUaiajD9LtR8A3V/uLklnzlWmyB YvSB9UmYCuKmBWn5aH6JIBqOjvkN9JlLzICoW1umSe9XKNLiNeHmdDJnqmiLIctV nQXyEWShTeXA3pwqlGqodz4B5zTjVJnl/AZZ4Xz2nU0cyQnHcB+2Na+d5bicq+f+ zHWGkMkQrDRuy6IgGI6+2EadUN/E2nreVh6CPA++xNzzj+NcwuO4bdNZ9VNrwqtA 2mzsMcZHcQJAAHXvWIfyVn1lnf/CPEkXYf2PxHA30oF5VJcYB700feB2lrEo8gUK gVWKSUfsJRBEwr1sNOUCg5kv4cECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1k710 TstVosh0Yaa+8WywfvpzUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjVkMzg0NzktNzUyZC00MThlLWE0ZmItMzk3YzVhYTQzMmY4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DII MA0GCSqGSIb3DQEBCwUAA4IBAQAm9iqO660OK3Aa/S8/eyZ+WtGCXhU3N/LcVzwF YXE076kaGjz6Kl73EeLdJPvRjJsRlvUWjnrz/YpslBMtss9/H0/z7tI3pwNEWMNL OAxgGHY0UjJRZY+3gONwezdWRdkAlmr2fdpL1GDbkGApWIczX9FAgKwhyew+CrxZ guj8L4810GTzgjJxYDhELc0OmxvwB52Fq33u2ZwpQfZrNyhdKdvtVCSODSgKGHU8 tnIk/zyRsLckd30oiMdJqxwmC20GlsVSIDjx6scaL6SgoGKD7gzOc+5bZQ+LGDaC lqBmN8BX5fIDIcUtYtjy1xIAqFSt4lnNbgH0SL7bVcXXQ95z -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:29 2025 by rpki-client