This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa File: 3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa (raw, json) Hash identifier: XQ/+v4mTHts8mfyU+NCqrlbA2A6uKq/mSS+yqZP9fQE= Subject key identifier: 2C:69:D3:26:A1:39:AD:3B:63:41:4E:1C:50:E7:C8:45:9A:8D:64:1F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 76419D905E602C48FFF7731D767AF9263FEA50D1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa Signing time: Wed 10 Dec 2025 05:50:06 +0000 ROA not before: Wed 10 Dec 2025 05:50:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:41:9d:90:5e:60:2c:48:ff:f7:73:1d:76:7a:f9:26:3f:ea:50:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:50:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=599f90f710f603d4897b40d0ebcd5703efc8a45f3b8918e6e9eade5cb14cd4be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:6f:df:00:51:30:1a:b7:47:cc:9c:6e:34:77: 66:bf:78:74:db:6e:17:b9:e9:ee:bb:e5:80:40:10: 08:2f:20:8f:7c:ca:72:a4:dc:d1:89:19:5d:4b:0d: 64:a9:ef:bf:e5:0e:1b:62:98:d7:da:ff:e2:d3:6f: c5:b1:59:51:77:b9:53:de:1b:2a:00:09:f0:01:d7: d8:52:bc:09:45:26:23:ab:72:ec:10:8e:d7:5b:ee: cb:82:8e:a6:74:0f:e4:55:ab:8f:47:52:16:90:54: f1:07:4c:33:77:fa:4d:8a:5b:d8:f3:3a:1e:2f:06: 4b:c6:cd:e4:a5:8c:e7:2e:f2:13:54:6b:23:38:bf: 9a:bc:90:af:4b:d0:09:43:a2:c0:10:bc:22:dc:e7: 5a:5a:8a:03:57:3f:68:ca:9a:5b:50:24:ed:b6:cc: 77:c1:1d:2a:6b:ec:8a:b3:92:85:ce:c1:2b:6d:87: a9:c7:c0:a3:ef:07:77:c6:79:bf:13:94:4a:fb:72: 2c:2c:17:4d:5d:98:9d:78:ed:dd:39:a6:af:12:87: d7:69:d2:70:2c:5a:55:a9:bd:5b:10:56:4c:cf:93: e8:1a:52:84:62:0e:39:06:09:76:16:5e:3b:1c:c5: 16:7f:31:4a:01:4e:1c:ca:fd:6a:12:04:99:a3:ab: a9:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:69:D3:26:A1:39:AD:3B:63:41:4E:1C:50:E7:C8:45:9A:8D:64:1F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3a6aba1f-440e-4874-9193-a3a1f6ea3eec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:b000::/40 Signature Algorithm: sha256WithRSAEncryption 3a:a5:9a:f0:e9:5d:13:65:31:dc:25:1f:7f:fa:ce:15:78:c0: 66:7e:b6:c9:68:a5:92:12:e8:aa:78:96:88:00:f5:2e:52:ab: 5d:69:dd:83:5f:bd:8c:f9:38:40:64:49:69:1f:21:ef:ee:63: 93:c5:5a:9f:0c:a6:e9:b4:76:35:24:bd:60:cb:d3:94:2b:69: 01:e5:4a:17:fc:65:45:e2:ee:a8:66:b5:b4:8d:6b:bc:23:14: eb:6f:a7:0a:40:64:82:a3:81:26:30:0a:62:7f:55:fa:f9:d1: b7:a6:df:7c:91:9a:03:00:4b:6e:2b:f0:e8:eb:71:35:41:3c: c6:20:3e:4a:6b:39:ca:3c:a3:aa:aa:61:54:16:11:22:1e:74: e2:34:35:7f:3a:35:15:bc:21:e3:d6:74:a9:3c:6c:b6:8b:60: 40:24:e5:28:6f:ae:ee:cb:aa:44:96:9c:ef:58:a1:28:f8:3c: ba:35:c3:d7:6a:7e:6b:67:94:1e:e6:1e:e2:c4:b6:6c:59:e9: 83:43:ea:c2:14:95:22:f5:48:6d:67:a8:c5:99:3f:34:72:c0: 21:15:5d:59:ca:a0:86:f1:19:55:55:5b:cf:50:d8:d8:02:4f: 34:26:6d:dc:27:87:b2:f0:6b:26:b8:e3:c9:0d:20:1b:96:99: e0:92:98:0f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdkGdkF5gLEj/93Mddnr5Jj/qUNEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTUwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDU5OWY5MGY3MTBmNjAzZDQ4OTdiNDBkMGViY2Q1NzAzZWZjOGE0NWYzYjg5 MThlNmU5ZWFkZTVjYjE0Y2Q0YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJdv3wBRMBq3R8ycbjR3Zr94dNtuF7np7rvlgEAQCC8gj3zKcqTc0YkZXUsN ZKnvv+UOG2KY19r/4tNvxbFZUXe5U94bKgAJ8AHX2FK8CUUmI6ty7BCO11vuy4KO pnQP5FWrj0dSFpBU8QdMM3f6TYpb2PM6Hi8GS8bN5KWM5y7yE1RrIzi/mryQr0vQ CUOiwBC8ItznWlqKA1c/aMqaW1Ak7bbMd8EdKmvsirOShc7BK22HqcfAo+8Hd8Z5 vxOUSvtyLCwXTV2YnXjt3TmmrxKH12nScCxaVam9WxBWTM+T6BpShGIOOQYJdhZe OxzFFn8xSgFOHMr9ahIEmaOrqdkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQsadMm oTmtO2NBThxQ58hFmo1kHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2E2YWJhMWYtNDQwZS00ODc0LTkxOTMtYTNhMWY2ZWEzZWVjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HKw MA0GCSqGSIb3DQEBCwUAA4IBAQA6pZrw6V0TZTHcJR9/+s4VeMBmfrbJaKWSEuiq eJaIAPUuUqtdad2DX72M+ThAZElpHyHv7mOTxVqfDKbptHY1JL1gy9OUK2kB5UoX /GVF4u6oZrW0jWu8IxTrb6cKQGSCo4EmMApif1X6+dG3pt98kZoDAEtuK/Do63E1 QTzGID5KaznKPKOqqmFUFhEiHnTiNDV/OjUVvCHj1nSpPGy2i2BAJOUob67uy6pE lpzvWKEo+Dy6NcPXan5rZ5Qe5h7ixLZsWemDQ+rCFJUi9UhtZ6jFmT80csAhFV1Z yqCG8RlVVVvPUNjYAk80Jm3cJ4ey8GsmuOPJDSAblpngkpgP -----END CERTIFICATE-----Generated at Mon Dec 15 17:03:34 2025 by rpki-client