This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json) Hash identifier: 6Apfy1k6fROOLOKUW/0VSx0b4drlm2+YCoDXqjNxyqo= Subject key identifier: 3F:40:36:69:4B:60:38:5F:A7:61:2C:E5:6E:CB:37:9D:6F:B2:3D:C5 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7FA94D89BD6659C703202AFF931BF7494BBECA19 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa Signing time: Sat 15 Nov 2025 06:40:09 +0000 ROA not before: Sat 15 Nov 2025 06:40:09 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d050:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:a9:4d:89:bd:66:59:c7:03:20:2a:ff:93:1b:f7:49:4b:be:ca:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:40:09 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=be955de7b782ecaf0da23b1061217e9fe6f76018058aa1c230b0438ab2ce07af, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6f:e7:27:c6:94:67:66:3e:8f:99:68:a9:e8: 5a:e6:ab:2d:55:40:8f:34:3e:fa:ec:de:d5:db:d8: ec:3e:f8:b3:77:94:ec:62:36:9c:a4:97:52:bf:b2: e3:c1:b0:67:ca:52:21:98:1e:24:6d:20:62:b2:35: ad:f8:fd:c1:17:a1:2c:88:85:9a:9e:eb:59:72:48: d9:58:45:ef:36:de:58:f3:c3:45:a9:9c:7c:ab:43: 3d:3c:6b:67:fe:e0:53:48:00:7b:de:1f:2f:47:b7: 82:49:5c:02:11:60:13:df:99:24:cc:40:4a:38:39: 0a:fc:22:a8:29:94:88:e8:27:30:00:47:b5:af:87: cc:76:ee:19:ec:61:74:ab:78:ba:41:10:78:26:bf: 68:0e:ce:6b:0b:8e:e8:b0:00:dc:41:79:bc:a7:3e: 19:e3:95:04:9c:7e:80:56:6c:96:52:e6:4a:8a:2b: 28:cd:84:b9:5a:5b:8a:c0:72:84:4a:e0:01:de:58: 70:5b:b9:5c:a9:e9:97:ee:78:c8:89:7b:b1:f8:a0: a4:07:cb:5e:ce:98:e0:fb:ba:d2:51:b0:ec:82:3a: 15:02:09:6e:4d:eb:b0:6d:e9:a0:28:b2:fb:25:6a: 0d:c8:c9:1b:3a:d7:48:7f:fc:01:c4:dd:1b:b7:84: f0:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:40:36:69:4B:60:38:5F:A7:61:2C:E5:6E:CB:37:9D:6F:B2:3D:C5 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d050:9000::/40 Signature Algorithm: sha256WithRSAEncryption bf:c1:d0:f6:8d:64:8d:87:16:e2:dc:f3:62:2e:37:84:6d:9d: 08:d0:29:59:a2:87:56:7c:21:2a:0d:88:46:5b:41:13:39:ab: f8:01:9c:b4:0c:80:63:22:39:c8:76:85:44:c0:a8:e2:48:8a: 42:22:8a:eb:ab:b2:56:85:3f:20:85:88:86:55:fb:c7:1e:49: db:51:d1:11:0b:e0:bd:18:3d:40:85:5e:67:14:b9:77:57:cf: 4f:f8:30:92:42:ad:d2:c6:29:8f:4a:72:0a:75:8c:33:93:c6: 3e:69:93:08:7f:d7:95:36:f1:dd:94:2c:dd:24:6e:f9:c0:99: 2d:cc:85:82:5d:bd:37:fe:da:e5:db:94:00:ff:8e:b2:a5:7e: e9:8b:76:66:90:98:7a:56:7a:14:21:8e:d1:95:fd:aa:48:78: ff:78:7f:4e:43:4a:dd:3b:e3:87:ea:56:34:30:84:71:27:b9: 3a:46:7e:05:2c:e7:c3:da:77:5b:31:3f:d0:05:6e:0c:5f:7e: 83:f6:8f:4d:d6:3d:a8:ef:e0:28:fc:85:2d:40:b9:33:5c:0b: 75:22:f4:35:93:df:d5:8a:38:bf:bf:ec:ca:ff:3a:a7:85:95: c2:41:42:c4:d8:03:7f:d9:e9:32:ec:d3:be:80:ee:92:86:ce: c9:07:12:8d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUf6lNib1mWccDICr/kxv3SUu+yhkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjQwMDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGJlOTU1ZGU3Yjc4MmVjYWYwZGEyM2IxMDYxMjE3ZTlmZTZmNzYwMTgwNThh YTFjMjMwYjA0MzhhYjJjZTA3YWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhv5yfGlGdmPo+ZaKnoWuarLVVAjzQ++uze1dvY7D74s3eU7GI2nKSXUr+y 48GwZ8pSIZgeJG0gYrI1rfj9wRehLIiFmp7rWXJI2VhF7zbeWPPDRamcfKtDPTxr Z/7gU0gAe94fL0e3gklcAhFgE9+ZJMxASjg5CvwiqCmUiOgnMABHta+HzHbuGexh dKt4ukEQeCa/aA7OawuO6LAA3EF5vKc+GeOVBJx+gFZsllLmSoorKM2EuVpbisBy hErgAd5YcFu5XKnpl+54yIl7sfigpAfLXs6Y4Pu60lGw7II6FQIJbk3rsG3poCiy +yVqDcjJGzrXSH/8AcTdG7eE8J0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/QDZp S2A4X6dhLOVuyzedb7I9xTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ MA0GCSqGSIb3DQEBCwUAA4IBAQC/wdD2jWSNhxbi3PNiLjeEbZ0I0ClZoodWfCEq DYhGW0ETOav4AZy0DIBjIjnIdoVEwKjiSIpCIorrq7JWhT8ghYiGVfvHHknbUdER C+C9GD1AhV5nFLl3V89P+DCSQq3SximPSnIKdYwzk8Y+aZMIf9eVNvHdlCzdJG75 wJktzIWCXb03/trl25QA/46ypX7pi3ZmkJh6VnoUIY7Rlf2qSHj/eH9OQ0rdO+OH 6lY0MIRxJ7k6Rn4FLOfD2ndbMT/QBW4MX36D9o9N1j2o7+Ao/IUtQLkzXAt1IvQ1 k9/Viji/v+zK/zqnhZXCQULE2AN/2eky7NO+gO6Shs7JBxKN -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:06 2025 by rpki-client