This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa File: 28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa (raw, json) Hash identifier: yqjueqG9cF0NEVI0utT9+UPlPIoTEbpSQXIGXr1FRTg= Subject key identifier: 6F:F5:A3:9F:7F:3A:19:C3:71:20:43:10:E3:9F:CB:11:DF:24:0D:8A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 42642933B61B681191FBBEF83381919B1393A540 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa Signing time: Sat 15 Nov 2025 06:31:03 +0000 ROA not before: Sat 15 Nov 2025 06:31:03 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:80e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:64:29:33:b6:1b:68:11:91:fb:be:f8:33:81:91:9b:13:93:a5:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:31:03 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b17ad9e19c70c2b782254a0c318d1988db3ea1a9ad488a3c4c8b68b734ff1a6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d7:fd:24:c5:59:09:d3:5a:2d:5b:99:f2:25: bc:c6:08:35:1e:e2:6e:16:04:b4:6c:78:65:c3:15: 9a:28:c0:75:6b:35:f5:7d:95:2c:f6:a3:64:17:2e: eb:f6:e7:b2:a6:fa:43:b9:45:a5:2e:97:01:c0:1d: 53:e9:51:46:68:9e:5f:51:22:e2:e9:d7:cf:45:95: 77:6d:42:78:a3:02:ca:d7:fc:cc:5a:91:bb:d0:80: bf:3d:6f:89:32:d3:98:7d:c4:70:c1:2d:8a:d9:7c: b8:79:a8:a3:ac:fc:79:4a:a1:0c:4d:23:48:45:6c: 73:0d:69:04:3a:28:ce:d4:05:c6:3f:84:ca:92:18: ab:bb:71:a2:a3:15:09:69:f5:d7:5f:61:d1:c1:b1: ea:2e:c3:a4:e6:f5:d2:46:4c:7b:72:59:42:d2:de: 47:6c:3e:46:4d:85:ed:a0:14:6c:cf:5d:56:68:39: c0:92:30:7e:9b:09:55:db:01:a3:ee:06:1a:3f:2d: 8b:87:c3:69:25:8b:6d:41:f0:2b:94:09:8e:cf:da: 05:f3:48:bb:69:e0:94:64:dc:e0:09:b8:2f:23:44: fb:50:a5:6d:22:6a:07:4e:d6:21:e2:cb:82:a2:cb: b4:e1:b5:76:06:7d:fb:ac:44:be:49:b1:1d:3b:01: d1:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:F5:A3:9F:7F:3A:19:C3:71:20:43:10:E3:9F:CB:11:DF:24:0D:8A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/28fc43ad-0c3b-4d77-aa32-5efc431e69c3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:80e0::/48 Signature Algorithm: sha256WithRSAEncryption 01:dc:79:5c:1e:9e:cb:6d:a4:c2:44:8a:f1:c2:95:5d:65:7a: 46:5a:e4:ef:a3:33:76:ae:d5:24:75:8a:65:e8:03:ef:9e:20: 74:60:c4:73:99:6e:bf:70:59:9c:3a:80:ce:69:e7:42:f0:0b: 7e:cc:aa:a5:7d:7e:72:41:37:af:e8:89:da:0d:ce:15:b1:36: b4:7b:12:07:d2:c0:f8:8c:34:95:23:ab:40:32:b1:fb:f9:03: 82:7d:a1:69:ef:a9:ac:84:41:85:57:e8:70:f5:5c:62:c4:8d: f9:77:5b:54:f6:be:4b:c2:12:f2:7f:4f:1c:6a:8c:ef:48:c8: 40:78:5d:cf:fc:e6:72:87:05:14:fe:39:40:6e:ee:c0:ef:9e: d7:18:f5:78:bf:e4:9a:f8:30:a7:5b:3e:30:9e:c6:b4:60:3a: d8:27:4c:5d:76:8c:0c:77:33:54:31:9f:8e:f2:84:25:65:4e: 03:c6:0f:08:d8:67:fc:77:8b:cb:60:aa:da:27:74:1c:f8:2d: b8:2e:dd:60:f0:3d:23:90:22:9f:b4:30:83:4b:ba:ea:67:70: 58:d2:43:6e:da:16:70:09:78:8b:ce:2a:0b:b2:1e:56:22:92: 09:b0:ec:ab:87:27:ea:97:35:8c:be:b7:34:71:59:2c:49:ab: 02:a9:f2:0a -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUQmQpM7YbaBGR+774M4GRmxOTpUAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMxMDNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGIxN2FkOWUxOWM3MGMyYjc4MjI1NGEwYzMxOGQxOTg4ZGIzZWExYTlhZDQ4 OGEzYzRjOGI2OGI3MzRmZjFhNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7X/STFWQnTWi1bmfIlvMYINR7ibhYEtGx4ZcMVmijAdWs19X2VLPajZBcu 6/bnsqb6Q7lFpS6XAcAdU+lRRmieX1Ei4unXz0WVd21CeKMCytf8zFqRu9CAvz1v iTLTmH3EcMEtitl8uHmoo6z8eUqhDE0jSEVscw1pBDooztQFxj+EypIYq7txoqMV CWn1119h0cGx6i7DpOb10kZMe3JZQtLeR2w+Rk2F7aAUbM9dVmg5wJIwfpsJVdsB o+4GGj8ti4fDaSWLbUHwK5QJjs/aBfNIu2nglGTc4Am4LyNE+1ClbSJqB07WIeLL gqLLtOG1dgZ9+6xEvkmxHTsB0Z0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRv9aOf fzoZw3EgQxDjn8sR3yQNijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MjhmYzQzYWQtMGMzYi00ZDc3LWFhMzItNWVmYzQzMWU2OWMzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A 4DANBgkqhkiG9w0BAQsFAAOCAQEAAdx5XB6ey22kwkSK8cKVXWV6Rlrk76Mzdq7V JHWKZegD754gdGDEc5luv3BZnDqAzmnnQvALfsyqpX1+ckE3r+iJ2g3OFbE2tHsS B9LA+Iw0lSOrQDKx+/kDgn2hae+prIRBhVfocPVcYsSN+XdbVPa+S8IS8n9PHGqM 70jIQHhdz/zmcocFFP45QG7uwO+e1xj1eL/kmvgwp1s+MJ7GtGA62CdMXXaMDHcz VDGfjvKEJWVOA8YPCNhn/HeLy2Cq2id0HPgtuC7dYPA9I5Ain7Qwg0u66mdwWNJD btoWcAl4i84qC7IeViKSCbDsq4cn6pc1jL63NHFZLEmrAqnyCg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:07 2025 by rpki-client