This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json) Hash identifier: /RW9O6WkKclsspg1hqZfksYmSANU1EZhFVg5ZcQWtE8= Subject key identifier: 73:8D:7A:6F:87:C6:D5:D3:FF:6E:9F:86:10:E9:F3:0D:0A:D8:28:2F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1CF72D5806332121B79CC3C2AE37258A264B9473 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa Signing time: Sun 16 Nov 2025 00:00:05 +0000 ROA not before: Sun 16 Nov 2025 00:00:05 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014::/35 maxlen: 35 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:f7:2d:58:06:33:21:21:b7:9c:c3:c2:ae:37:25:8a:26:4b:94:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 16 00:00:05 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=2a0954c045cc8bba3af1ddaf345f6c0b9bd94cfaaa631dff729e2e14ff6e163b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:09:ee:46:56:37:0a:f2:1d:7b:47:b0:d1:71: bc:21:84:33:14:fe:f5:03:6d:65:c9:8d:5e:bd:dc: 20:8c:74:12:d2:c0:c5:73:ef:94:43:a3:66:a4:3e: 5f:c2:47:f5:d1:46:10:49:51:3c:61:3b:e3:2a:d5: 57:93:41:0f:ac:bc:b7:d0:68:90:02:e1:02:8f:97: ef:8f:92:08:25:98:58:0c:c2:19:c2:0d:8c:14:d7: 91:f4:81:f3:fd:47:0e:57:97:14:5c:9a:ae:70:61: cd:42:e5:70:75:3c:ae:c0:3b:3d:9b:4f:ec:1b:9e: 80:56:be:5a:65:66:53:68:a8:0d:dc:2d:59:3e:73: e7:9e:3f:55:11:18:c3:68:49:03:fa:6a:d3:93:c6: a2:6c:b1:21:fe:33:5d:cf:5b:d6:c3:c9:ea:07:c1: 23:3c:fb:dd:3e:bc:1f:4f:da:d9:a5:44:95:e0:e4: fd:8b:ac:47:66:9c:56:38:b7:cc:3c:1d:fc:78:ec: be:eb:5a:a9:d1:d1:4b:9d:e6:25:e4:42:b7:5b:dc: 40:5e:e3:8a:60:7b:1d:5e:1f:9c:cf:df:3d:ec:a8: 6f:c3:f5:3d:4a:8f:75:8e:f4:f8:c9:57:ae:80:fa: e1:6c:16:e4:79:ae:24:2a:ef:4e:5e:eb:73:4c:d8: 76:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:8D:7A:6F:87:C6:D5:D3:FF:6E:9F:86:10:E9:F3:0D:0A:D8:28:2F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014::/35 Signature Algorithm: sha256WithRSAEncryption 56:64:6a:f0:de:ff:9a:ad:af:60:a6:fa:2b:da:75:e6:27:40: 5e:5d:64:24:87:8d:40:41:3b:e2:09:39:da:66:11:fe:8f:f3: 42:b0:24:4f:f5:4f:a9:8e:85:58:a0:c6:dc:f5:4e:aa:2e:8d: fa:23:c0:9f:7b:27:bd:be:84:74:3e:6b:a4:c5:25:4d:ad:3d: 5d:98:3f:e7:9c:54:93:d0:6a:b5:74:fd:8f:77:ac:03:5f:80: 9d:36:9b:4b:6b:e7:e0:5f:c4:7a:19:ee:c5:6a:4b:80:06:94: 5e:04:a9:c5:9b:7b:6e:26:41:bd:7a:8a:3e:e5:87:11:c3:5d: 8b:eb:68:90:d4:1a:1e:f4:d2:d4:e7:26:00:2e:3f:bd:ad:e1: 7e:48:b7:c1:21:2e:50:28:ba:e2:c8:f0:47:de:91:69:a3:00: 06:f9:a1:50:5f:b1:57:a1:c2:c3:97:91:b5:17:c7:cc:d7:92: a0:95:8a:2a:49:da:e1:94:39:af:0b:4d:85:59:2b:83:83:70: 3a:ad:12:54:f8:ad:f4:ec:98:56:4d:38:4b:ce:02:cb:a3:7d: 9a:6d:5e:29:52:b0:b6:02:94:a1:60:9a:3d:dd:ae:80:a9:a6: e5:f8:47:f3:0d:57:db:b9:f8:b7:a9:db:b6:82:17:00:75:2b: 36:d4:ba:a3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHPctWAYzISG3nMPCrjcliiZLlHMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTYwMDAwMDVaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDJhMDk1NGMwNDVjYzhiYmEzYWYxZGRhZjM0NWY2YzBiOWJkOTRjZmFhYTYz MWRmZjcyOWUyZTE0ZmY2ZTE2M2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANsJ7kZWNwryHXtHsNFxvCGEMxT+9QNtZcmNXr3cIIx0EtLAxXPvlEOjZqQ+ X8JH9dFGEElRPGE74yrVV5NBD6y8t9BokALhAo+X74+SCCWYWAzCGcINjBTXkfSB 8/1HDleXFFyarnBhzULlcHU8rsA7PZtP7BuegFa+WmVmU2ioDdwtWT5z554/VREY w2hJA/pq05PGomyxIf4zXc9b1sPJ6gfBIzz73T68H0/a2aVEleDk/YusR2acVji3 zDwd/HjsvutaqdHRS53mJeRCt1vcQF7jimB7HV4fnM/fPeyob8P1PUqPdY70+MlX roD64WwW5HmuJCrvTl7rc0zYdiECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzjXpv h8bV0/9un4YQ6fMNCtgoLzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA MA0GCSqGSIb3DQEBCwUAA4IBAQBWZGrw3v+ara9gpvor2nXmJ0BeXWQkh41AQTvi CTnaZhH+j/NCsCRP9U+pjoVYoMbc9U6qLo36I8Cfeye9voR0PmukxSVNrT1dmD/n nFST0Gq1dP2Pd6wDX4CdNptLa+fgX8R6Ge7FakuABpReBKnFm3tuJkG9eoo+5YcR w12L62iQ1Boe9NLU5yYALj+9reF+SLfBIS5QKLriyPBH3pFpowAG+aFQX7FXocLD l5G1F8fM15KglYoqSdrhlDmvC02FWSuDg3A6rRJU+K307JhWTThLzgLLo32abV4p UrC2ApShYJo93a6Aqabl+EfzDVfbufi3qdu2ghcAdSs21Lqj -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:58 2025 by rpki-client