This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json) Hash identifier: QGSUEga5SVpbrw+6lM82gXsmrYkvzRNtzslQei2iPEw= Subject key identifier: 60:C2:74:7F:F9:C9:69:23:E1:B3:AF:85:B7:1E:09:2F:94:4B:C3:FF Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 4F346C050BCA14234585CC44F52B5D374C9E7E97 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa Signing time: Sat 15 Nov 2025 05:20:14 +0000 ROA not before: Sat 15 Nov 2025 05:20:14 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:34:6c:05:0b:ca:14:23:45:85:cc:44:f5:2b:5d:37:4c:9e:7e:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:14 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=90a177021da6828270ddb9fcc5cf5d6c0911f859dbae8177c0b2c04e50132cc4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5b:ea:0f:00:52:c4:04:a0:7d:2b:af:88:4c: d7:79:f8:32:a7:9a:ff:d7:70:ff:da:0f:d4:44:ab: f7:62:4b:19:12:1c:e9:a8:f7:31:d2:1e:22:bf:e6: c2:5e:b9:a4:50:cf:13:95:17:c8:9a:6a:bb:2d:85: 6f:09:84:c3:3a:ff:f3:85:0e:82:ce:2b:b0:59:42: 98:eb:b5:1d:41:6a:e1:1e:f4:e1:f5:5f:11:3e:f0: 9d:b4:d0:85:c7:46:70:e0:13:e8:1b:55:08:66:96: 8a:13:92:bf:62:e9:74:43:3e:b9:bf:80:0c:39:8d: 4c:cf:13:62:e9:24:97:f7:e2:42:e9:35:77:db:26: 04:43:8d:c3:ba:06:60:aa:7c:af:b0:b1:bf:1a:67: 63:11:99:0f:87:f7:8e:27:79:a2:f2:b5:1b:8c:06: be:db:ed:85:2e:e9:67:48:c5:9f:e9:ef:f5:0b:0b: 9d:3f:c5:99:4c:c7:98:7e:12:68:0b:fd:dd:f0:f9: b8:34:67:da:3a:13:30:90:e4:d5:59:b4:a1:ab:37: 8c:8e:3e:70:a1:60:9b:df:f8:bb:d9:12:ff:9e:40: df:8a:0c:62:f3:4a:c8:34:09:2e:6d:44:67:87:96: cb:86:95:2f:d5:e0:3a:ab:a0:3e:50:42:cd:fc:07: 0c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:C2:74:7F:F9:C9:69:23:E1:B3:AF:85:B7:1E:09:2F:94:4B:C3:FF X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:c080::/48 Signature Algorithm: sha256WithRSAEncryption 28:39:31:e1:98:f9:30:33:3a:60:79:d4:04:3d:b2:78:c8:a2: 04:17:61:f7:8b:88:11:f7:72:22:fd:75:29:62:e0:b1:16:2b: 2f:3d:92:c0:6c:92:54:50:6b:1b:31:f2:41:d3:23:6d:c8:ba: 56:77:53:13:3a:88:54:66:ce:81:e8:dd:0f:bf:f0:90:e5:69: e5:e7:91:52:aa:70:73:28:19:0a:8a:cc:36:72:50:ec:79:06: 51:0f:cf:92:46:60:23:2b:12:99:5b:99:68:88:35:ee:c4:a5: 66:6c:61:7f:32:23:49:a0:81:4f:fa:9b:e4:7a:58:b2:a7:2d: b8:ab:ec:ef:7c:7a:a2:c5:3c:81:86:74:78:28:b6:63:b9:4d: 48:f0:c1:6e:f7:94:69:55:aa:9e:a4:d5:58:fc:c4:ca:bd:14: 9a:94:44:1f:d2:27:23:ad:8f:5d:a3:a6:0c:c1:46:a2:23:db: f2:ef:35:95:80:c0:0e:38:8b:24:5e:ab:46:ed:ce:aa:c6:a5: f1:b3:00:c2:cb:42:61:bc:b9:c9:ae:11:d7:a8:45:9f:65:9d: 59:46:76:0d:bf:23:e2:a5:26:b8:01:18:54:e4:59:af:d6:d2: 51:2b:b2:aa:c9:69:9a:e1:75:29:bd:90:da:5a:22:ca:8a:b0: f3:59:34:cf -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUTzRsBQvKFCNFhcxE9StdN0yefpcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwMTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDkwYTE3NzAyMWRhNjgyODI3MGRkYjlmY2M1Y2Y1ZDZjMDkxMWY4NTlkYmFl ODE3N2MwYjJjMDRlNTAxMzJjYzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVb6g8AUsQEoH0rr4hM13n4Mqea/9dw/9oP1ESr92JLGRIc6aj3MdIeIr/m wl65pFDPE5UXyJpquy2FbwmEwzr/84UOgs4rsFlCmOu1HUFq4R704fVfET7wnbTQ hcdGcOAT6BtVCGaWihOSv2LpdEM+ub+ADDmNTM8TYukkl/fiQuk1d9smBEONw7oG YKp8r7CxvxpnYxGZD4f3jid5ovK1G4wGvtvthS7pZ0jFn+nv9QsLnT/FmUzHmH4S aAv93fD5uDRn2joTMJDk1Vm0oas3jI4+cKFgm9/4u9kS/55A34oMYvNKyDQJLm1E Z4eWy4aVL9XgOqugPlBCzfwHDI8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRgwnR/ +clpI+Gzr4W3HgkvlEvD/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA gDANBgkqhkiG9w0BAQsFAAOCAQEAKDkx4Zj5MDM6YHnUBD2yeMiiBBdh94uIEfdy Iv11KWLgsRYrLz2SwGySVFBrGzHyQdMjbci6VndTEzqIVGbOgejdD7/wkOVp5eeR UqpwcygZCorMNnJQ7HkGUQ/PkkZgIysSmVuZaIg17sSlZmxhfzIjSaCBT/qb5HpY sqctuKvs73x6osU8gYZ0eCi2Y7lNSPDBbveUaVWqnqTVWPzEyr0UmpREH9InI62P XaOmDMFGoiPb8u81lYDADjiLJF6rRu3Oqsal8bMAwstCYby5ya4R16hFn2WdWUZ2 Db8j4qUmuAEYVORZr9bSUSuyqslpmuF1Kb2Q2loiyoqw81k0zw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:51 2025 by rpki-client