This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa File: 2f449809-abd8-4202-adc3-ce8dd1767b62.roa (raw, json) Hash identifier: G3VYs5CvzBlbLKvsYq+lfsP72UG723gDtGaMOkB8Lf8= Subject key identifier: C2:99:4E:9C:55:F7:D0:1E:16:64:7C:A3:20:84:21:C1:57:15:26:D9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 43D1EC91149896F970D666E009E6B41777D79DA4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa Signing time: Sat 15 Nov 2025 05:20:14 +0000 ROA not before: Sat 15 Nov 2025 05:20:14 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:d1:ec:91:14:98:96:f9:70:d6:66:e0:09:e6:b4:17:77:d7:9d:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:14 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f6fda0dfaab8b4e83cc334c81f1146f6466918eb1061e48e6da097b33aaf6b8b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e8:1c:ca:5d:22:51:98:d8:5f:61:54:cd:f1: a3:1c:a9:43:fe:4d:64:61:56:fe:b4:9c:b6:05:0f: 71:13:a4:28:ce:0f:32:09:7d:3b:e1:5c:e4:9e:83: cf:d0:81:a2:1f:1b:cf:11:ba:3b:a1:08:8c:45:81: ea:09:e7:93:30:c5:79:c8:79:e3:61:7e:a6:21:28: a5:8a:5f:0c:12:d4:a5:21:4d:b2:86:a2:74:66:57: 30:e0:89:b2:0b:69:93:9f:2a:16:6d:1f:4c:a7:ad: 31:be:46:8d:6e:5d:fd:ae:af:20:0c:be:98:13:ab: 02:aa:82:55:a9:13:17:30:69:55:57:f1:4f:28:6e: 7c:62:5d:05:96:2f:8f:37:93:30:67:dd:4b:c4:13: fd:76:3c:f3:e5:50:79:ef:92:02:43:66:02:87:e8: 74:27:f8:d7:e2:dd:60:cb:99:72:2c:4e:3e:6f:82: 64:29:12:7a:65:77:01:e5:89:0e:bd:92:eb:af:07: bb:85:b8:3d:3b:07:82:6e:f9:fb:8a:d2:93:39:0e: 27:02:57:46:fb:ea:e1:95:f9:a2:2f:03:e6:b1:e5: a3:35:43:80:94:cd:32:b1:24:4e:38:29:09:26:d4: 1a:c5:c1:cd:fa:24:c7:e7:3f:d4:5d:52:ef:69:c2: bc:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:99:4E:9C:55:F7:D0:1E:16:64:7C:A3:20:84:21:C1:57:15:26:D9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2f449809-abd8-4202-adc3-ce8dd1767b62.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:5000::/40 Signature Algorithm: sha256WithRSAEncryption 6e:a6:b7:43:4c:77:3b:d9:e9:3b:e8:9a:a8:08:53:e7:cb:ce: d5:c7:a2:98:19:35:be:7e:13:3a:44:5f:0e:80:44:bf:dc:af: 90:34:8d:8a:64:2d:6f:f2:31:d1:4d:ea:e5:18:f6:96:4f:22: b7:8c:fa:e5:49:5e:71:bc:69:a2:bb:b0:6e:41:a9:90:97:1f: 32:c1:44:4f:63:99:bf:d3:4f:25:95:64:2c:4e:89:db:1a:61: 1e:68:74:4f:5f:b6:0a:cb:7e:bc:ba:a1:71:d9:ad:3b:b4:a5: 40:58:c3:5c:4a:41:27:80:5d:4a:81:73:db:de:6c:ad:99:23: 19:ac:7b:58:71:63:0a:85:37:2d:42:cb:be:5f:c8:fc:aa:3e: b4:4c:27:22:5d:6b:86:7b:e2:cf:e0:31:b2:52:b4:4e:f5:55: 53:a8:a8:48:6d:08:ec:5f:2d:ad:89:ac:04:44:95:e4:53:b4: 5b:5f:84:cd:bd:af:84:24:ae:3c:67:33:bb:39:00:87:01:c2: ea:29:6b:d4:0f:0b:d3:f4:13:1a:1a:02:8f:60:dd:09:a7:dc: 06:13:5e:07:f0:5c:33:1f:24:d9:3f:5a:74:33:4e:75:ac:1a: 26:ac:5d:93:c1:77:d4:0c:e2:b3:05:3f:01:8f:fa:aa:5f:70: aa:4f:4b:c2 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUQ9HskRSYlvlw1mbgCea0F3fXnaQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwMTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGY2ZmRhMGRmYWFiOGI0ZTgzY2MzMzRjODFmMTE0NmY2NDY2OTE4ZWIxMDYx ZTQ4ZTZkYTA5N2IzM2FhZjZiOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOLoHMpdIlGY2F9hVM3xoxypQ/5NZGFW/rSctgUPcROkKM4PMgl9O+Fc5J6D z9CBoh8bzxG6O6EIjEWB6gnnkzDFech542F+piEopYpfDBLUpSFNsoaidGZXMOCJ sgtpk58qFm0fTKetMb5GjW5d/a6vIAy+mBOrAqqCVakTFzBpVVfxTyhufGJdBZYv jzeTMGfdS8QT/XY88+VQee+SAkNmAofodCf41+LdYMuZcixOPm+CZCkSemV3AeWJ Dr2S668Hu4W4PTsHgm75+4rSkzkOJwJXRvvq4ZX5oi8D5rHlozVDgJTNMrEkTjgp CSbUGsXBzfokx+c/1F1S72nCvHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTCmU6c VffQHhZkfKMghCHBVxUm2TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MmY0NDk4MDktYWJkOC00MjAyLWFkYzMtY2U4ZGQxNzY3YjYyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DhQ MA0GCSqGSIb3DQEBCwUAA4IBAQBuprdDTHc72ek76JqoCFPny87Vx6KYGTW+fhM6 RF8OgES/3K+QNI2KZC1v8jHRTerlGPaWTyK3jPrlSV5xvGmiu7BuQamQlx8ywURP Y5m/008llWQsTonbGmEeaHRPX7YKy368uqFx2a07tKVAWMNcSkEngF1KgXPb3myt mSMZrHtYcWMKhTctQsu+X8j8qj60TCciXWuGe+LP4DGyUrRO9VVTqKhIbQjsXy2t iawERJXkU7RbX4TNva+EJK48ZzO7OQCHAcLqKWvUDwvT9BMaGgKPYN0Jp9wGE14H 8FwzHyTZP1p0M051rBomrF2TwXfUDOKzBT8Bj/qqX3CqT0vC -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:49 2025 by rpki-client