This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa File: 38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa (raw, json) Hash identifier: KLwuG0fksYiR27I4ZnUbuGy0ZvG/UxfHS11ZUkmPhrs= Subject key identifier: 41:35:65:1A:5B:8B:9D:04:57:5F:71:06:12:EC:88:FF:43:82:AC:1C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 49C824B4FA9E0003E4592B284E03CFE93A2271D9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa Signing time: Sat 15 Nov 2025 05:30:51 +0000 ROA not before: Sat 15 Nov 2025 05:30:51 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d075:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:c8:24:b4:fa:9e:00:03:e4:59:2b:28:4e:03:cf:e9:3a:22:71:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:51 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=667185f112173edb0284219dffa55c04cc3bb7115096cd176ae331bc2bd7cf2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:02:30:41:dd:c9:38:d6:bb:12:10:ce:31:f7: 89:d3:f4:f0:6b:cf:b4:47:a7:ad:8f:b4:dd:2c:c7: af:f7:b0:50:42:52:32:5e:b6:c4:00:74:e6:79:90: 46:1c:af:6c:c8:39:96:52:40:ce:1a:ad:8e:ab:1b: 06:4e:f8:95:67:dc:f3:2c:fe:fc:d0:ae:77:fa:1b: e3:71:cb:ba:17:e8:ac:a0:04:aa:d8:40:03:8d:1c: bd:22:e0:e2:31:e6:ac:27:99:c1:c1:22:03:48:b2: 4c:bb:9a:23:c2:23:05:4e:c8:69:8b:04:ab:fd:52: 52:f2:86:94:6a:4b:cb:44:d2:b4:45:1a:23:a7:e7: 92:98:43:e6:4d:6c:37:b7:d3:38:9c:bc:3a:b3:10: d2:d5:4f:ea:18:5d:93:ff:0d:b1:76:90:fd:2b:88: f6:48:9d:6f:5c:e1:3e:e8:0d:f3:3b:64:35:9f:6d: 38:15:b7:24:a2:33:53:8e:9e:6a:9e:ac:c4:85:f1: 25:bb:9f:85:bd:4e:38:da:4e:f9:92:b0:f1:b2:a3: 5d:7a:30:f9:24:0b:02:26:a7:f2:63:b1:a0:3a:c7: c0:16:64:bb:6a:72:d8:5e:d2:33:d7:9b:a2:b3:eb: 2d:c2:91:55:5e:7e:0b:46:03:57:75:bd:6f:96:47: b6:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:35:65:1A:5B:8B:9D:04:57:5F:71:06:12:EC:88:FF:43:82:AC:1C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/38f9c0f0-a109-485c-bd2d-2e1a440b864e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d075:6000::/40 Signature Algorithm: sha256WithRSAEncryption 1a:04:aa:21:ce:cd:f2:12:01:e0:67:aa:d6:71:38:be:60:65: 30:31:13:c6:ad:2b:a2:7b:57:59:4a:dd:67:3a:56:cf:24:a3: 43:4b:dc:1a:32:ed:57:d7:03:f9:b1:f4:25:a8:98:22:f3:99: d0:0a:ea:0f:86:0b:68:1b:ef:94:01:47:8f:9e:12:99:c3:2d: 99:73:31:cc:98:c0:0d:d5:6e:c3:f8:a0:a8:e2:df:3e:cb:40: a0:87:e9:0b:c9:e1:b7:7e:a4:5a:59:a1:81:ed:6f:16:d1:1f: e3:33:ec:9b:32:5e:25:ed:5f:b2:6a:6c:08:fc:11:9f:83:83: 31:ea:2b:e4:e7:d2:23:07:1b:de:d4:c6:55:cf:87:0f:e4:69: c5:18:bb:a1:e0:9e:74:35:cc:62:a2:38:88:09:96:91:4e:6a: 76:29:57:6b:38:2e:e2:90:f9:10:d6:80:c5:2e:8b:47:5b:39: 75:83:b5:33:b4:9b:19:9c:15:3a:b0:39:63:5f:7d:2a:0e:0c: 80:5b:3b:05:6f:54:10:f5:46:3a:31:71:af:ee:73:c7:65:05: da:d1:81:8f:5b:a9:5a:0e:a9:9f:d6:04:c2:b3:00:69:38:53: fa:8b:1d:99:13:fb:b7:0b:94:cd:82:4a:57:ec:22:d8:7a:d5: 7a:9a:57:cd -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUScgktPqeAAPkWSsoTgPP6ToicdkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwNTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDY2NzE4NWYxMTIxNzNlZGIwMjg0MjE5ZGZmYTU1YzA0Y2MzYmI3MTE1MDk2 Y2QxNzZhZTMzMWJjMmJkN2NmMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANUCMEHdyTjWuxIQzjH3idP08GvPtEenrY+03SzHr/ewUEJSMl62xAB05nmQ RhyvbMg5llJAzhqtjqsbBk74lWfc8yz+/NCud/ob43HLuhforKAEqthAA40cvSLg 4jHmrCeZwcEiA0iyTLuaI8IjBU7IaYsEq/1SUvKGlGpLy0TStEUaI6fnkphD5k1s N7fTOJy8OrMQ0tVP6hhdk/8NsXaQ/SuI9kidb1zhPugN8ztkNZ9tOBW3JKIzU46e ap6sxIXxJbufhb1OONpO+ZKw8bKjXXow+SQLAian8mOxoDrHwBZku2py2F7SM9eb orPrLcKRVV5+C0YDV3W9b5ZHtpECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBNWUa W4udBFdfcQYS7Ij/Q4KsHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv MzhmOWMwZjAtYTEwOS00ODVjLWJkMmQtMmUxYTQ0MGI4NjRlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVg MA0GCSqGSIb3DQEBCwUAA4IBAQAaBKohzs3yEgHgZ6rWcTi+YGUwMRPGrSuie1dZ St1nOlbPJKNDS9waMu1X1wP5sfQlqJgi85nQCuoPhgtoG++UAUePnhKZwy2ZczHM mMAN1W7D+KCo4t8+y0Cgh+kLyeG3fqRaWaGB7W8W0R/jM+ybMl4l7V+yamwI/BGf g4Mx6ivk59IjBxve1MZVz4cP5GnFGLuh4J50NcxiojiICZaRTmp2KVdrOC7ikPkQ 1oDFLotHWzl1g7UztJsZnBU6sDljX30qDgyAWzsFb1QQ9UY6MXGv7nPHZQXa0YGP W6laDqmf1gTCswBpOFP6ix2ZE/u3C5TNgkpX7CLYetV6mlfN -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:50 2025 by rpki-client