This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa File: 3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa (raw, json) Hash identifier: nGPlBnlc+UuDMLtZJmYF1YgFsulfUKeFygwjNZaClOk= Subject key identifier: 99:AD:AC:56:C6:0B:B6:34:A2:FE:AA:36:ED:83:5C:3D:B7:1B:23:6A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 646C8F7E2FE911AF6507CF5F544D000EC58EF9A1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa Signing time: Tue 18 Nov 2025 00:40:10 +0000 ROA not before: Tue 18 Nov 2025 00:40:10 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d020::/28 maxlen: 28 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:6c:8f:7e:2f:e9:11:af:65:07:cf:5f:54:4d:00:0e:c5:8e:f9:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:40:10 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=01b88c9f4b91116fe3ccfaf5e92672439a7c8c44f6543ffa68b516a7cb129c55, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:46:7e:a4:74:cc:bd:1f:42:2c:30:be:3a:8e: 40:a2:ff:a9:67:56:ba:0c:00:0c:c0:5d:55:dc:7f: fa:02:27:f1:f6:11:1d:12:27:05:69:12:75:d0:35: fb:5f:b0:b2:95:5d:f2:9c:d6:86:d2:f6:24:be:8b: a8:fd:c8:9e:4b:44:dd:60:c4:b9:34:3e:f9:31:05: ab:81:83:c7:e8:95:20:dd:e6:42:dc:c8:92:64:02: d8:d4:bb:40:d4:b0:98:f2:25:9c:d9:0b:44:52:a4: 84:9b:03:96:f3:fe:1f:13:06:a6:0e:b7:3e:19:cb: 43:90:b4:c9:f0:3a:3f:5a:a8:6e:d6:75:47:6a:8a: 5f:23:06:dd:17:92:5d:40:90:45:8c:9a:2b:fc:aa: 67:66:b0:3c:a6:3f:c2:0f:82:f0:8d:8d:d3:20:bc: 55:34:74:96:cb:ce:3b:e9:3d:03:00:3e:0a:99:76: ea:e7:44:13:47:ab:be:72:88:70:a7:24:8c:bf:62: b3:44:eb:4a:df:60:69:3c:d8:d3:f3:19:7e:b5:37: 89:19:74:e7:27:4a:85:ac:14:1e:a1:07:f8:8b:7d: b6:ca:8f:1b:82:9e:91:36:46:d3:72:a9:30:df:cc: 1b:3e:98:25:3f:aa:f5:70:ad:4b:33:58:be:a6:87: a5:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:AD:AC:56:C6:0B:B6:34:A2:FE:AA:36:ED:83:5C:3D:B7:1B:23:6A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3136a322-f9d4-4c77-b48b-3a4a5b2d3d55.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d020::/28 Signature Algorithm: sha256WithRSAEncryption b1:57:70:62:47:b4:96:22:40:ed:ad:58:b0:95:2c:29:db:ad: 96:6b:b0:b3:8a:8e:e5:6d:37:0a:28:3e:40:21:1d:d8:f4:11: 07:fa:dc:1d:cd:ea:42:b9:32:df:8c:7c:ac:43:59:46:36:80: cc:3a:d9:ec:87:20:ce:4a:bf:de:f5:b0:6d:92:7b:5e:e4:92: 28:2c:f1:ce:10:5f:90:0e:42:6a:5c:fe:24:02:22:fb:ae:ab: 1e:3f:45:bd:35:49:ec:9a:16:36:d1:18:02:de:ac:db:3c:3e: 57:9f:74:de:7c:67:15:f6:fe:42:72:29:68:44:06:f2:fc:8c: c0:7c:b1:08:f5:2e:12:93:2d:a0:29:34:1d:56:57:3e:b8:f2: e3:27:73:bf:41:4d:82:b0:84:0a:ee:60:57:a2:9b:8d:2f:88: 76:cc:c8:3b:4c:a7:f4:fe:0f:66:e3:54:62:fd:ab:eb:79:4b: d3:7b:64:30:98:3f:56:e5:e6:18:e7:fc:2b:66:ff:dc:3c:57: c3:ff:a1:b1:c1:5c:a4:38:d6:ee:6e:ef:30:df:b7:a0:11:53: ce:26:f4:54:91:b9:98:f1:8e:e2:be:48:e0:77:5b:99:34:ea: f8:26:ec:27:7a:a3:9c:1c:3c:71:31:1b:e1:12:ad:b8:70:e8: 6d:95:a8:0d -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUZGyPfi/pEa9lB89fVE0ADsWO+aEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDQwMTBaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDAxYjg4YzlmNGI5MTExNmZlM2NjZmFmNWU5MjY3MjQzOWE3YzhjNDRmNjU0 M2ZmYTY4YjUxNmE3Y2IxMjljNTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVGfqR0zL0fQiwwvjqOQKL/qWdWugwADMBdVdx/+gIn8fYRHRInBWkSddA1 +1+wspVd8pzWhtL2JL6LqP3InktE3WDEuTQ++TEFq4GDx+iVIN3mQtzIkmQC2NS7 QNSwmPIlnNkLRFKkhJsDlvP+HxMGpg63PhnLQ5C0yfA6P1qobtZ1R2qKXyMG3ReS XUCQRYyaK/yqZ2awPKY/wg+C8I2N0yC8VTR0lsvOO+k9AwA+Cpl26udEE0ervnKI cKckjL9is0TrSt9gaTzY0/MZfrU3iRl05ydKhawUHqEH+It9tsqPG4KekTZG03Kp MN/MGz6YJT+q9XCtSzNYvqaHpdUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSZraxW xgu2NKL+qjbtg1w9txsjajAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzEzNmEzMjItZjlkNC00Yzc3LWI0OGItM2E0YTViMmQzZDU1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCoF0CAw DQYJKoZIhvcNAQELBQADggEBALFXcGJHtJYiQO2tWLCVLCnbrZZrsLOKjuVtNwoo PkAhHdj0EQf63B3N6kK5Mt+MfKxDWUY2gMw62eyHIM5Kv971sG2Se17kkigs8c4Q X5AOQmpc/iQCIvuuqx4/Rb01SeyaFjbRGALerNs8PlefdN58ZxX2/kJyKWhEBvL8 jMB8sQj1LhKTLaApNB1WVz648uMnc79BTYKwhAruYFeim40viHbMyDtMp/T+D2bj VGL9q+t5S9N7ZDCYP1bl5hjn/Ctm/9w8V8P/obHBXKQ41u5u7zDft6ARU84m9FSR uZjxjuK+SOB3W5k06vgm7Cd6o5wcPHExG+ESrbhw6G2VqA0= -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:27 2025 by rpki-client