This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa File: 35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa (raw, json) Hash identifier: nJxgH83jFlt9sHQVX1VOz+sVGEB3PNn+VpXM8DTA2Ls= Subject key identifier: 12:1E:61:9A:28:95:A9:DA:FA:5A:C3:98:10:F6:6C:E7:03:B4:E4:3E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7C21837231DA3FC0C6467AA9387BED75B04CB4B1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa Signing time: Wed 10 Dec 2025 05:20:32 +0000 ROA not before: Wed 10 Dec 2025 05:20:32 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d059:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:21:83:72:31:da:3f:c0:c6:46:7a:a9:38:7b:ed:75:b0:4c:b4:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:32 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ef1d944b0cc4f4523175b4adb30951a89d52404e79cbf8573ded8131473996ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3e:dc:e3:f3:50:5e:eb:ad:ec:31:00:29:11: 02:40:ff:cd:dd:1e:fb:cc:f5:6f:1b:39:49:cc:04: fb:35:85:a2:b0:27:67:a8:6d:3d:66:3c:20:57:77: 8a:55:50:4e:a5:f2:71:18:fa:ce:5a:cd:75:b5:24: c3:75:82:3a:62:b8:25:94:5f:f9:7f:c0:e6:66:74: 8c:11:0b:68:cd:d2:71:dc:cb:e9:a2:b2:9c:58:e2: 73:34:1f:78:bd:a7:58:4b:e0:a4:a9:79:be:d3:f8: 0e:08:5c:ed:da:a5:ae:ec:c7:03:8c:68:79:05:52: 82:fc:a5:26:b9:40:28:4a:6a:a1:10:b9:66:e2:78: 87:a5:b4:be:6e:5d:36:b8:c2:31:8f:ad:07:cb:9d: b8:38:ae:0f:62:c4:fa:0e:f6:e7:71:a3:12:b1:1c: 9b:62:ec:40:28:e3:37:ad:cc:43:3f:37:c8:22:3b: 50:9d:22:35:ed:86:0d:72:df:ab:4f:bf:bd:3a:10: 5e:47:8a:96:6b:76:b0:44:b2:56:ce:86:07:8a:5d: 00:7f:37:9e:1b:da:f4:70:61:e9:a3:a1:eb:8d:61: 40:eb:c5:b8:89:d5:62:05:bb:29:05:a1:db:76:89: 38:01:3e:f9:c5:ba:b9:d2:76:51:27:85:92:8f:60: 17:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:1E:61:9A:28:95:A9:DA:FA:5A:C3:98:10:F6:6C:E7:03:B4:E4:3E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35a8717c-ecf6-4cf7-a73c-f566f7884a16.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:2000::/40 Signature Algorithm: sha256WithRSAEncryption 87:7d:bd:0d:88:fe:fb:e4:1b:bd:a9:21:29:97:78:41:ad:03: 23:b2:78:0b:7b:5e:d2:db:37:15:ed:98:ec:76:76:8e:fd:6b: 52:a5:be:f6:2a:6a:7d:31:aa:fe:01:a8:95:e3:f6:d4:2e:38: 14:cd:d2:e7:e3:07:39:79:33:ba:75:bb:1c:d0:c1:4d:7e:5a: f9:cb:1b:ec:3e:f4:e9:c8:ef:3f:c7:ae:44:49:53:a9:29:1c: f8:24:cd:61:af:35:61:ea:da:7e:45:d1:f2:48:8c:d3:fc:78: c4:26:a2:ae:05:c4:6e:7a:2e:22:87:3f:99:2b:93:d2:5a:1a: 2e:d7:d8:6a:89:3a:3f:8c:a3:29:d7:73:37:bf:0c:d9:a5:f5: 64:99:1c:21:72:2b:d5:fe:21:1b:82:27:7f:7c:f3:b2:d3:79: de:40:4a:c7:57:b0:0a:71:16:62:cb:3d:4b:b5:8b:fc:72:b5: 2e:c7:ff:ea:78:3b:ce:f1:32:da:9b:30:35:ea:98:4f:e3:4f: 11:58:a7:7e:30:a2:3f:fa:2b:4b:f7:fa:63:c8:e1:95:ca:5b: 69:f0:fc:06:01:d3:2c:ba:4d:c5:6a:74:9f:69:15:77:d3:e3: d2:e3:9d:be:0c:57:c0:18:23:28:8e:ba:a4:d3:0e:b1:7b:56: 95:42:49:e4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUfCGDcjHaP8DGRnqpOHvtdbBMtLEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMzJaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGVmMWQ5NDRiMGNjNGY0NTIzMTc1YjRhZGIzMDk1MWE4OWQ1MjQwNGU3OWNi Zjg1NzNkZWQ4MTMxNDczOTk2Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMc+3OPzUF7rrewxACkRAkD/zd0e+8z1bxs5ScwE+zWForAnZ6htPWY8IFd3 ilVQTqXycRj6zlrNdbUkw3WCOmK4JZRf+X/A5mZ0jBELaM3ScdzL6aKynFjiczQf eL2nWEvgpKl5vtP4Dghc7dqlruzHA4xoeQVSgvylJrlAKEpqoRC5ZuJ4h6W0vm5d NrjCMY+tB8uduDiuD2LE+g7253GjErEcm2LsQCjjN63MQz83yCI7UJ0iNe2GDXLf q0+/vToQXkeKlmt2sESyVs6GB4pdAH83nhva9HBh6aOh641hQOvFuInVYgW7KQWh 23aJOAE++cW6udJ2USeFko9gF48CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQSHmGa KJWp2vpaw5gQ9mznA7TkPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzVhODcxN2MtZWNmNi00Y2Y3LWE3M2MtZjU2NmY3ODg0YTE2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg MA0GCSqGSIb3DQEBCwUAA4IBAQCHfb0NiP775Bu9qSEpl3hBrQMjsngLe17S2zcV 7ZjsdnaO/WtSpb72Kmp9Mar+AaiV4/bULjgUzdLn4wc5eTO6dbsc0MFNflr5yxvs PvTpyO8/x65ESVOpKRz4JM1hrzVh6tp+RdHySIzT/HjEJqKuBcRuei4ihz+ZK5PS Whou19hqiTo/jKMp13M3vwzZpfVkmRwhcivV/iEbgid/fPOy03neQErHV7AKcRZi yz1LtYv8crUux//qeDvO8TLamzA16phP408RWKd+MKI/+itL9/pjyOGVyltp8PwG AdMsuk3FanSfaRV30+PS452+DFfAGCMojrqk0w6xe1aVQknk -----END CERTIFICATE-----Generated at Mon Dec 15 15:28:34 2025 by rpki-client