This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa File: 3f1caa71-8276-42c2-bf3a-470ac560fb89.roa (raw, json) Hash identifier: Yqb9hkbVxHFkN5p+Yx7HXrb9rV/ssx3TTGXGHOiXfS8= Subject key identifier: 5B:01:63:EC:46:42:6D:38:B1:C5:21:92:69:0C:68:A5:01:56:C9:00 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5672DBB6984FA4015DD156E2B52B3866F341E3DB Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa Signing time: Sat 15 Nov 2025 05:30:17 +0000 ROA not before: Sat 15 Nov 2025 05:30:17 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01d::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:72:db:b6:98:4f:a4:01:5d:d1:56:e2:b5:2b:38:66:f3:41:e3:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:17 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=86bd40906e9fe725ee836d1f61704cd63cadc3af16acd8c9e0301794437dc263, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:94:25:39:44:05:4c:89:7e:ca:6e:ae:8c:b1: 11:11:c7:16:ba:e2:a9:96:83:9f:cb:36:ac:a9:76: f7:a1:61:8d:68:26:2e:16:6b:1f:c5:a1:e2:6f:ba: e2:89:55:6b:12:b7:f2:55:cd:87:c1:74:af:fc:04: bf:54:47:ee:2f:c6:5a:cf:cc:c0:ec:82:49:78:0f: 6c:45:d5:09:1d:54:8f:b0:51:1d:49:d6:51:e0:a5: 40:c0:1d:e7:54:69:e8:6b:bf:87:e4:64:ea:89:26: 86:d4:61:61:59:ef:c4:3b:80:04:79:4b:64:75:df: 3e:ad:ae:ca:7d:d8:4c:b1:42:7a:82:89:bf:5a:5b: 37:46:d3:cb:5f:4b:b6:85:84:70:74:9d:49:a7:ba: cb:90:aa:0d:fc:36:b1:74:79:c3:72:e1:d5:55:68: aa:83:39:1b:e7:d7:c7:19:3a:86:fd:d1:a4:84:2b: bb:cd:8e:48:8e:88:49:a8:7a:ea:ab:ed:12:b1:ab: 71:07:29:60:de:3d:df:9f:3a:dd:7f:db:2c:da:97: 1f:d1:05:bd:8c:00:c6:37:4e:9e:0f:79:86:7f:28: fb:96:17:63:ab:43:9e:9d:d2:91:94:77:8a:9e:86: a0:0f:37:fb:ba:b3:8b:6f:c0:43:37:69:55:47:45: 78:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:01:63:EC:46:42:6D:38:B1:C5:21:92:69:0C:68:A5:01:56:C9:00 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f1caa71-8276-42c2-bf3a-470ac560fb89.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01d::/37 Signature Algorithm: sha256WithRSAEncryption ac:6b:dd:b9:f3:08:4f:1e:0c:d0:e2:40:59:c1:1e:48:df:7b: 8c:3a:d9:cf:07:3c:ee:dc:82:12:91:a8:e5:ad:12:1d:6e:40: 9b:3f:d8:9c:89:7f:0a:bd:72:df:18:3b:8c:b2:95:53:25:e7: 06:ff:35:75:cf:ba:57:c9:3f:a6:b7:0f:2d:b5:91:92:5a:68: 1d:5c:1b:b9:c8:3f:77:da:a9:8a:70:ae:13:7f:e7:71:9c:a0: 40:aa:5c:83:8c:9f:cf:84:f3:2a:1a:00:eb:8c:9b:96:04:5d: 66:f2:4b:ae:ad:a4:7e:56:3c:f2:97:57:b1:80:b9:87:b2:aa: 21:84:ac:d2:ed:87:32:d7:cf:9c:f1:b8:8b:bc:4a:c0:fd:f7: 26:d4:b7:fe:2e:2d:99:0b:60:84:eb:29:81:de:6f:98:20:5b: 64:14:10:fa:f5:a5:32:2b:e6:29:28:f9:2c:43:e2:9e:88:b8: 0f:bb:91:a0:0a:4a:0d:e6:ca:19:5b:18:0f:66:38:f5:5c:d3: 8f:5a:58:c0:b6:45:9d:43:a2:ec:2a:0e:eb:91:4e:1e:19:28: 64:7a:7d:c1:ab:10:f6:24:dc:ae:72:c3:b1:f1:91:90:77:e0: 77:72:5a:c5:59:08:ab:17:fb:7f:ee:7f:1a:61:35:68:dc:da: 6c:dd:f7:e3 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVnLbtphPpAFd0VbitSs4ZvNB49swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwMTdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDg2YmQ0MDkwNmU5ZmU3MjVlZTgzNmQxZjYxNzA0Y2Q2M2NhZGMzYWYxNmFj ZDhjOWUwMzAxNzk0NDM3ZGMyNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPOUJTlEBUyJfspuroyxERHHFrriqZaDn8s2rKl296FhjWgmLhZrH8Wh4m+6 4olVaxK38lXNh8F0r/wEv1RH7i/GWs/MwOyCSXgPbEXVCR1Uj7BRHUnWUeClQMAd 51Rp6Gu/h+Rk6okmhtRhYVnvxDuABHlLZHXfPq2uyn3YTLFCeoKJv1pbN0bTy19L toWEcHSdSae6y5CqDfw2sXR5w3Lh1VVoqoM5G+fXxxk6hv3RpIQru82OSI6ISah6 6qvtErGrcQcpYN4935863X/bLNqXH9EFvYwAxjdOng95hn8o+5YXY6tDnp3SkZR3 ip6GoA83+7qzi2/AQzdpVUdFeBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbAWPs RkJtOLHFIZJpDGilAVbJADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2YxY2FhNzEtODI3Ni00MmMyLWJmM2EtNDcwYWM1NjBmYjg5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0A MA0GCSqGSIb3DQEBCwUAA4IBAQCsa9258whPHgzQ4kBZwR5I33uMOtnPBzzu3IIS kajlrRIdbkCbP9iciX8KvXLfGDuMspVTJecG/zV1z7pXyT+mtw8ttZGSWmgdXBu5 yD932qmKcK4Tf+dxnKBAqlyDjJ/PhPMqGgDrjJuWBF1m8kuuraR+Vjzyl1exgLmH sqohhKzS7Ycy18+c8biLvErA/fcm1Lf+Li2ZC2CE6ymB3m+YIFtkFBD69aUyK+Yp KPksQ+KeiLgPu5GgCkoN5soZWxgPZjj1XNOPWljAtkWdQ6LsKg7rkU4eGShken3B qxD2JNyucsOx8ZGQd+B3clrFWQirF/t/7n8aYTVo3Nps3ffj -----END CERTIFICATE-----Generated at Sat Dec 6 19:19:39 2025 by rpki-client