This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa File: 2ab74891-6199-47fc-bcde-b8022379067c.roa (raw, json) Hash identifier: Diwd9FNyCrEw5PynfOVV3rhKHloMGvc1XuptejWBcM4= Subject key identifier: 61:87:87:3C:9A:46:25:6B:B3:03:47:AE:3F:82:DA:49:03:ED:87:60 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3250813B3DDE99AE9DD73A354100822C1474476E Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa Signing time: Sat 15 Nov 2025 06:10:45 +0000 ROA not before: Sat 15 Nov 2025 06:10:45 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:50:81:3b:3d:de:99:ae:9d:d7:3a:35:41:00:82:2c:14:74:47:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:45 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=17a83eacdc045b2d34ad31ceba5baa2c3581290ad4a30eca858d727f20e83c5d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:47:69:98:18:d5:d6:52:30:7e:b7:cc:f8:55: 7d:34:ce:b7:e4:84:66:8f:97:70:b9:c0:08:c0:25: 9e:43:da:f4:ee:1a:a4:d2:31:e2:d8:58:75:e9:f5: e8:87:83:65:4c:dc:18:f9:4a:73:32:2e:99:1d:3f: 16:df:e5:6e:37:8a:9c:21:a3:2e:eb:f2:33:a3:5c: 08:03:71:ca:5c:87:01:80:74:0f:58:b3:25:9b:b1: 13:48:82:de:c1:fa:b3:4e:16:57:46:29:29:9e:06: 11:d0:f5:c9:cc:a9:3d:d8:6e:1a:35:12:c2:a1:d9: 05:e4:0e:fb:33:2a:a1:d9:3b:f2:5d:d1:60:30:22: 21:21:8c:48:22:68:80:52:5a:2d:a5:33:07:a7:08: cc:3f:61:47:8f:30:95:20:95:c9:07:c1:da:eb:3a: 92:c4:ee:6d:98:a0:b1:6a:e2:14:f7:10:98:3a:b0: bd:64:14:43:e0:b8:d4:15:04:59:68:5e:59:9c:b5: e9:e6:f4:47:87:92:ae:6c:45:44:b0:cc:ac:ae:fc: 1f:05:e3:f4:78:ae:be:fd:1a:b7:bc:0a:ee:f4:f3: 4a:99:b3:ba:9e:06:0d:9d:71:ee:08:87:45:1a:c5: 42:e1:6c:af:02:0e:3a:4d:a8:a8:35:f5:a7:8f:7b: 56:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:87:87:3C:9A:46:25:6B:B3:03:47:AE:3F:82:DA:49:03:ED:87:60 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ab74891-6199-47fc-bcde-b8022379067c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:4000::/40 Signature Algorithm: sha256WithRSAEncryption 57:c4:91:20:f6:33:27:9a:65:be:86:8d:3b:45:81:72:b3:c3: 93:d3:1e:d5:f8:d3:29:76:85:09:be:01:58:e1:5e:ad:11:90: a7:4a:79:8e:62:c2:c0:ac:2d:08:4e:94:fe:28:b0:d3:35:97: a6:d6:23:3d:cb:e6:82:e3:f5:1c:a5:34:5e:c9:e3:a1:82:d5: 40:38:d1:4c:04:0c:d8:3e:31:e7:51:e1:20:97:1a:31:6f:fb: 3d:ec:aa:87:0e:f5:e0:a8:9f:73:a5:9b:a9:66:cb:8d:9b:2d: e5:3d:14:1a:f8:24:ae:d4:5f:50:f5:15:78:c0:b7:f3:c1:e6: f5:83:00:74:a3:ff:3e:ab:04:98:ba:dd:b1:5d:8e:1f:e7:57: 7b:ae:96:65:47:09:ef:e6:51:a5:2f:33:f7:86:37:df:a1:51: e7:69:d5:7a:87:d2:a4:4f:08:a8:ee:bc:6e:60:f7:14:b6:64: 38:b7:3b:00:00:f8:ed:ab:15:56:58:8a:8b:21:b6:fc:33:9a: 78:00:73:8e:4c:cd:4d:4a:c5:b3:08:34:d5:ad:6b:22:7d:d7: 30:0a:2f:e0:55:c0:9e:26:37:e6:7a:92:c2:04:42:b8:65:27: 25:d0:e9:83:f3:30:c3:1b:10:03:f2:16:32:19:fa:44:4c:7e: 1b:39:35:6b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMlCBOz3ema6d1zo1QQCCLBR0R24wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwNDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDE3YTgzZWFjZGMwNDViMmQzNGFkMzFjZWJhNWJhYTJjMzU4MTI5MGFkNGEz MGVjYTg1OGQ3MjdmMjBlODNjNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANlHaZgY1dZSMH63zPhVfTTOt+SEZo+XcLnACMAlnkPa9O4apNIx4thYden1 6IeDZUzcGPlKczIumR0/Ft/lbjeKnCGjLuvyM6NcCANxylyHAYB0D1izJZuxE0iC 3sH6s04WV0YpKZ4GEdD1ycypPdhuGjUSwqHZBeQO+zMqodk78l3RYDAiISGMSCJo gFJaLaUzB6cIzD9hR48wlSCVyQfB2us6ksTubZigsWriFPcQmDqwvWQUQ+C41BUE WWheWZy16eb0R4eSrmxFRLDMrK78HwXj9Hiuvv0at7wK7vTzSpmzup4GDZ1x7giH RRrFQuFsrwIOOk2oqDX1p497VgkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhh4c8 mkYla7MDR64/gtpJA+2HYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmFiNzQ4OTEtNjE5OS00N2ZjLWJjZGUtYjgwMjIzNzkwNjdjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhA MA0GCSqGSIb3DQEBCwUAA4IBAQBXxJEg9jMnmmW+ho07RYFys8OT0x7V+NMpdoUJ vgFY4V6tEZCnSnmOYsLArC0ITpT+KLDTNZem1iM9y+aC4/UcpTReyeOhgtVAONFM BAzYPjHnUeEglxoxb/s97KqHDvXgqJ9zpZupZsuNmy3lPRQa+CSu1F9Q9RV4wLfz web1gwB0o/8+qwSYut2xXY4f51d7rpZlRwnv5lGlLzP3hjffoVHnadV6h9KkTwio 7rxuYPcUtmQ4tzsAAPjtqxVWWIqLIbb8M5p4AHOOTM1NSsWzCDTVrWsifdcwCi/g VcCeJjfmepLCBEK4ZScl0OmD8zDDGxAD8hYyGfpETH4bOTVr -----END CERTIFICATE-----Generated at Sat Dec 6 19:20:14 2025 by rpki-client