This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa File: 36c4d3f7-0d57-499b-aea0-8244810d5897.roa (raw, json) Hash identifier: Vq8OejJuMNTUMRVFoVRytPTBR5FFVINtGPGUDienNg8= Subject key identifier: ED:3F:5E:C0:89:60:DB:42:18:FD:9C:84:58:4D:DF:1D:0C:33:3C:08 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7A3EE050A44D0A8FFA1521466ECAE6726C5B7329 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa Signing time: Tue 25 Nov 2025 20:00:10 +0000 ROA not before: Tue 25 Nov 2025 20:00:10 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:3e:e0:50:a4:4d:0a:8f:fa:15:21:46:6e:ca:e6:72:6c:5b:73:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:00:10 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=3a48d7a6016126b7625728d894ac1f23b5759526d4fc313153795844486568cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:21:52:ae:9f:3c:e2:98:7a:37:70:c5:90:74: 6f:41:39:a9:d5:eb:ea:95:60:8e:49:34:17:97:0e: f3:28:69:9b:a0:76:2a:dd:aa:88:67:1a:52:78:cb: 8b:1a:65:70:65:94:b0:e0:94:ad:04:e7:f5:91:c2: ff:25:1a:de:00:bf:aa:2f:56:fe:f9:b6:31:ba:ad: 84:94:fd:ef:53:e8:20:c9:c4:c9:20:f1:b6:d2:cd: ec:8d:df:ae:22:63:ac:53:2b:55:9c:13:0b:37:7d: 6e:2a:59:2f:82:85:23:0a:bf:ec:39:d8:9c:5f:df: 90:91:5c:5b:94:58:16:ca:ff:56:d4:e1:e9:d6:a4: 6b:57:a9:39:9d:a8:01:eb:07:f0:3a:58:4e:ac:f7: 80:c4:7c:8d:87:ee:93:81:d6:26:06:a6:8f:76:31: bd:5a:e5:41:72:aa:1d:9f:88:a3:e7:10:b6:e2:99: 2c:50:70:20:1d:74:d3:ea:00:0f:c5:76:fb:43:34: e0:63:30:a3:31:4e:4d:09:a0:e5:9c:32:2c:26:3e: 33:fb:9e:52:1e:44:b4:44:6a:b6:16:4c:f0:63:aa: 10:46:be:2b:62:d4:be:50:a3:4e:aa:5b:33:9a:52: 01:01:bc:da:5f:3f:0f:fc:86:b4:85:d1:9d:e7:ca: 4f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:3F:5E:C0:89:60:DB:42:18:FD:9C:84:58:4D:DF:1D:0C:33:3C:08 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:800::/40 Signature Algorithm: sha256WithRSAEncryption 18:bb:a2:61:ec:39:72:c8:d8:62:af:8b:59:60:de:f8:d4:75: 8c:24:9e:f4:f3:03:52:f7:3d:ac:c9:76:f3:84:f7:fd:03:98: 9b:9e:fb:32:1c:58:9f:9d:a4:80:e9:7e:d4:86:9f:40:7d:4e: 7d:9e:79:84:8f:42:91:ef:f8:da:50:d1:8f:43:90:67:76:c1: ca:8b:bf:8e:d0:d7:73:91:92:2c:cb:5a:7a:fd:a9:ed:28:a8: 50:ce:0c:a9:fd:63:7c:78:d7:e6:97:d7:27:f6:84:33:36:f3: 82:8b:c6:a0:1c:de:24:85:6f:e4:8d:46:47:66:dd:37:3b:9f: 7a:79:63:f1:59:1d:a5:d6:18:4b:14:16:c5:34:ca:90:9a:bc: 5e:0c:5b:a1:ce:84:1a:63:fd:86:e2:50:4f:54:d7:cc:15:52: d6:6d:7a:38:42:97:f1:b0:e2:33:a3:4a:07:71:f8:e9:8a:c0: e3:9a:2f:a7:dd:12:1c:93:55:04:a2:41:f9:bc:63:77:94:62: 3e:ab:62:cd:ae:4d:d4:b4:5f:e9:ad:38:97:66:d2:b2:99:f0: 0d:f4:9c:57:a7:93:b5:51:6a:54:24:67:6b:a2:5c:fc:d1:9c: 4a:d5:7f:ef:9a:05:28:cd:76:b7:a9:c2:d4:39:e1:06:2f:4d: fe:7d:3e:0d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUej7gUKRNCo/6FSFGbsrmcmxbcykwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAwMTBaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDNhNDhkN2E2MDE2MTI2Yjc2MjU3MjhkODk0YWMxZjIzYjU3NTk1MjZkNGZj MzEzMTUzNzk1ODQ0NDg2NTY4Y2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJghUq6fPOKYejdwxZB0b0E5qdXr6pVgjkk0F5cO8yhpm6B2Kt2qiGcaUnjL ixplcGWUsOCUrQTn9ZHC/yUa3gC/qi9W/vm2MbqthJT971PoIMnEySDxttLN7I3f riJjrFMrVZwTCzd9bipZL4KFIwq/7DnYnF/fkJFcW5RYFsr/VtTh6daka1epOZ2o AesH8DpYTqz3gMR8jYfuk4HWJgamj3YxvVrlQXKqHZ+Io+cQtuKZLFBwIB100+oA D8V2+0M04GMwozFOTQmg5ZwyLCY+M/ueUh5EtERqthZM8GOqEEa+K2LUvlCjTqpb M5pSAQG82l8/D/yGtIXRnefKTxUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtP17A iWDbQhj9nIRYTd8dDDM8CDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzZjNGQzZjctMGQ1Ny00OTliLWFlYTAtODI0NDgxMGQ1ODk3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HMI MA0GCSqGSIb3DQEBCwUAA4IBAQAYu6Jh7DlyyNhir4tZYN741HWMJJ708wNS9z2s yXbzhPf9A5ibnvsyHFifnaSA6X7Uhp9AfU59nnmEj0KR7/jaUNGPQ5BndsHKi7+O 0NdzkZIsy1p6/antKKhQzgyp/WN8eNfml9cn9oQzNvOCi8agHN4khW/kjUZHZt03 O596eWPxWR2l1hhLFBbFNMqQmrxeDFuhzoQaY/2G4lBPVNfMFVLWbXo4QpfxsOIz o0oHcfjpisDjmi+n3RIck1UEokH5vGN3lGI+q2LNrk3UtF/prTiXZtKymfAN9JxX p5O1UWpUJGdrolz80ZxK1X/vmgUozXa3qcLUOeEGL03+fT4N -----END CERTIFICATE-----Generated at Sat Dec 6 17:31:21 2025 by rpki-client