This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa File: 3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa (raw, json) Hash identifier: UTcZuZtlTasGsJ63TrYZ0q+g/8pn/jGEW8trEaZcjUM= Subject key identifier: 98:D6:48:F0:52:39:04:E4:F4:03:8B:95:74:4A:2C:94:D9:D7:04:D2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 33C0FBC8C0EF7A5BA81C3A73DBD94BC15FEAB52B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa Signing time: Sat 15 Nov 2025 06:00:33 +0000 ROA not before: Sat 15 Nov 2025 06:00:33 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:40a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:c0:fb:c8:c0:ef:7a:5b:a8:1c:3a:73:db:d9:4b:c1:5f:ea:b5:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:33 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b35239b10319996f8625ffd1f4ff1433443d9b71dd3ee31858a207b8ef47984c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:79:7f:08:a9:3b:4c:49:c0:cf:0e:db:1b:ed: c7:d7:35:1a:9b:ea:7c:65:62:6b:80:41:94:c0:96: e5:69:8f:08:0f:c1:f3:9c:57:fc:7d:38:d2:ec:4c: dd:62:03:27:a2:e1:a9:10:9e:00:59:46:76:6f:77: e9:74:6d:c5:ce:c5:91:9a:d1:13:f0:98:df:e4:6e: 95:35:b5:19:ee:67:81:62:5c:d1:55:cc:f9:10:b4: a6:fe:59:c4:55:82:13:6a:a4:8f:4d:e6:fe:85:03: 34:88:bc:a5:0e:b1:01:6d:d2:24:38:0e:4c:e1:dd: ce:d0:49:06:68:6e:a8:ee:1c:08:5e:71:58:79:6e: 27:35:1f:59:02:c7:ee:bb:32:46:56:4a:e4:ae:d0: 73:ab:f4:36:f9:1c:6d:79:79:72:c4:41:89:32:d6: bf:b8:5e:9f:b7:e0:e8:10:27:6b:29:85:2a:54:13: 22:50:2e:0e:d2:2f:df:7b:27:7b:09:85:f9:69:30: 1a:24:ed:68:0c:32:f4:48:86:3d:cd:36:ba:dd:d4: 92:a3:72:34:09:d6:39:f1:51:8d:96:ad:8b:62:29: 2c:27:d2:f9:11:a4:ab:fd:92:41:ab:e5:fd:f2:35: 22:67:ac:27:22:07:aa:ed:d7:dd:3a:a3:f1:93:ae: 2a:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:D6:48:F0:52:39:04:E4:F4:03:8B:95:74:4A:2C:94:D9:D7:04:D2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3db66c88-0bb0-44d6-b6a0-ad7dd0873c56.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:40a0::/48 Signature Algorithm: sha256WithRSAEncryption 28:1e:48:91:d1:e3:b3:c0:ff:49:4c:9c:da:6b:a9:03:b6:b5: 87:b3:3a:1a:56:b6:22:cc:1d:b4:b9:45:b0:97:8f:52:39:64: ea:f6:fb:85:10:68:85:e6:db:db:ed:aa:7c:85:9c:7f:96:50: 0c:2f:f6:79:47:a4:e0:38:aa:73:f4:06:29:40:2a:71:b9:c1: 0b:06:58:9f:3f:69:f7:ba:f0:0a:ab:a5:89:46:89:4c:eb:11: 9c:2a:5f:f2:f6:38:30:2e:cd:1a:51:63:d9:92:68:bd:1d:9b: 18:de:c9:58:17:28:19:60:39:57:fe:aa:ff:e9:7b:2c:fc:01: 15:9a:32:66:d3:3b:7c:a9:a0:89:8d:5d:d1:1f:11:d8:32:d4: fd:45:c2:bf:ab:df:2c:d4:1d:28:e8:8d:f7:89:61:80:32:aa: a6:e0:2c:82:a8:40:c1:c9:b5:62:72:bc:f4:2a:5f:a8:96:d9: 1e:b7:98:df:0a:15:72:6d:fa:ae:00:d1:cf:7f:50:5f:e2:34: a3:eb:79:9a:4f:73:19:a3:97:ff:be:2d:1b:b7:a0:ff:46:e1: 80:40:98:9c:28:7a:2a:59:2d:a8:da:64:8d:4d:21:b7:c1:db: 85:2d:0c:17:36:7b:80:2f:35:9a:d6:ad:ed:37:f6:f9:b6:a5: 12:80:dc:8e -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUM8D7yMDveluoHDpz29lLwV/qtSswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGIzNTIzOWIxMDMxOTk5NmY4NjI1ZmZkMWY0ZmYxNDMzNDQzZDliNzFkZDNl ZTMxODU4YTIwN2I4ZWY0Nzk4NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL55fwipO0xJwM8O2xvtx9c1GpvqfGVia4BBlMCW5WmPCA/B85xX/H040uxM 3WIDJ6LhqRCeAFlGdm936XRtxc7FkZrRE/CY3+RulTW1Ge5ngWJc0VXM+RC0pv5Z xFWCE2qkj03m/oUDNIi8pQ6xAW3SJDgOTOHdztBJBmhuqO4cCF5xWHluJzUfWQLH 7rsyRlZK5K7Qc6v0NvkcbXl5csRBiTLWv7hen7fg6BAnaymFKlQTIlAuDtIv33sn ewmF+WkwGiTtaAwy9EiGPc02ut3UkqNyNAnWOfFRjZati2IpLCfS+RGkq/2SQavl /fI1ImesJyIHqu3X3Tqj8ZOuKk8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSY1kjw UjkE5PQDi5V0SiyU2dcE0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2RiNjZjODgtMGJiMC00NGQ2LWI2YTAtYWQ3ZGQwODczYzU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA oDANBgkqhkiG9w0BAQsFAAOCAQEAKB5IkdHjs8D/SUyc2mupA7a1h7M6Gla2Iswd tLlFsJePUjlk6vb7hRBohebb2+2qfIWcf5ZQDC/2eUek4Diqc/QGKUAqcbnBCwZY nz9p97rwCquliUaJTOsRnCpf8vY4MC7NGlFj2ZJovR2bGN7JWBcoGWA5V/6q/+l7 LPwBFZoyZtM7fKmgiY1d0R8R2DLU/UXCv6vfLNQdKOiN94lhgDKqpuAsgqhAwcm1 YnK89CpfqJbZHreY3woVcm36rgDRz39QX+I0o+t5mk9zGaOX/74tG7eg/0bhgECY nCh6KlktqNpkjU0ht8HbhS0MFzZ7gC81mtat7Tf2+balEoDcjg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:00 2025 by rpki-client