This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json) Hash identifier: Yebghx4jxcvm/QEmk5I03SRtCqSq353dTBwmw1fFBIs= Subject key identifier: 46:72:40:4E:70:3D:B4:2A:67:B7:4A:5B:32:DF:44:E2:93:A1:56:C0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 635343CBDDCE09985CE5D94A6C3C769B8920CD4F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa Signing time: Wed 10 Dec 2025 06:20:11 +0000 ROA not before: Wed 10 Dec 2025 06:20:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:8040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:53:43:cb:dd:ce:09:98:5c:e5:d9:4a:6c:3c:76:9b:89:20:cd:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:20:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=c28e1fa520faffe7be1b30756d7d3e41972db0e4784983911691c488a37cdabd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:7c:57:13:48:02:c2:b1:95:44:05:12:96:94: 96:74:64:f7:6a:c6:97:ea:15:e2:be:6e:6c:c0:5f: b5:d6:4a:c3:0d:a9:d5:7e:ad:b2:1d:ba:04:80:13: 26:02:d1:2e:a0:25:ae:4c:03:e4:da:bb:1b:09:e3: 71:81:6f:34:a2:06:6e:49:70:25:de:6a:a1:85:f5: 52:6b:1a:9a:fa:b2:1e:a1:91:57:46:38:96:04:e2: 90:8a:af:bd:eb:c1:09:48:e9:a0:76:2d:58:36:75: 29:8c:30:f8:ea:94:46:fd:82:c3:4e:6d:9c:0e:2d: 99:5d:83:fb:17:78:77:01:ba:96:71:ec:46:b2:2b: b2:7d:a7:d6:f8:de:34:84:6f:e5:e7:1b:5b:53:56: 0f:f5:5f:7b:5f:50:cb:4f:85:3d:ee:15:6a:e6:85: 1b:a0:35:dd:46:1e:57:23:d1:9c:9c:c3:5b:6d:b4: d0:2f:74:f8:35:9b:ed:e2:ca:aa:e3:47:d5:8f:3d: 53:6d:d2:06:95:cf:c5:17:aa:68:ec:52:e3:27:f2: 0e:22:8c:18:1f:5b:69:25:a2:d8:7d:be:9c:a0:02: 4b:68:c3:28:fd:8c:11:62:d5:03:44:71:a5:47:9f: 44:27:72:53:a0:99:7b:27:b4:5d:46:42:2e:27:8d: ca:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:72:40:4E:70:3D:B4:2A:67:B7:4A:5B:32:DF:44:E2:93:A1:56:C0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:8040::/48 Signature Algorithm: sha256WithRSAEncryption 92:57:9f:47:27:c4:f6:fc:8e:12:4c:94:65:eb:74:af:3c:18: 9a:37:a1:cd:0a:4d:b7:16:e6:0e:88:54:f6:80:b1:cc:2d:49: 8a:24:50:30:de:35:fd:b6:37:fa:8f:a1:7d:e2:1b:c4:0c:b4: 09:18:b6:b0:10:81:5f:65:de:4f:37:06:a6:b4:a7:18:23:ee: fe:a3:3e:a0:09:e4:40:ef:89:88:9f:e0:65:19:46:94:2e:9e: 72:02:a7:a7:7a:02:ab:6a:2b:3d:0d:b7:47:dc:6f:94:f8:cb: 9f:d4:25:50:86:dd:de:02:01:d2:84:c6:60:77:47:a6:c4:a7: bd:db:b5:77:68:cd:b7:13:bf:10:90:a3:71:23:95:07:ab:4c: cc:e6:cd:02:15:64:79:bd:2d:b4:f2:11:dd:a2:42:d2:07:b2: a8:2e:3e:87:a9:fd:d3:56:66:1e:60:18:15:5e:45:e8:7d:cb: 66:05:54:2f:98:40:83:be:92:17:2f:84:7b:6e:6f:6e:07:d9: 33:b4:0b:fb:c0:a8:e5:88:bd:03:c3:da:3c:e1:05:7a:d1:e1: 80:07:3b:8b:16:af:f6:7d:2a:4c:ee:9e:6c:d3:e7:f6:05:88: 52:5a:41:d0:f4:21:14:a0:48:a0:20:2a:4e:de:75:73:86:33: 32:e5:15:c2 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUY1NDy93OCZhc5dlKbDx2m4kgzU8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjIwMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGMyOGUxZmE1MjBmYWZmZTdiZTFiMzA3NTZkN2QzZTQxOTcyZGIwZTQ3ODQ5 ODM5MTE2OTFjNDg4YTM3Y2RhYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALJ8VxNIAsKxlUQFEpaUlnRk92rGl+oV4r5ubMBftdZKww2p1X6tsh26BIAT JgLRLqAlrkwD5Nq7GwnjcYFvNKIGbklwJd5qoYX1UmsamvqyHqGRV0Y4lgTikIqv vevBCUjpoHYtWDZ1KYww+OqURv2Cw05tnA4tmV2D+xd4dwG6lnHsRrIrsn2n1vje NIRv5ecbW1NWD/Vfe19Qy0+FPe4VauaFG6A13UYeVyPRnJzDW2200C90+DWb7eLK quNH1Y89U23SBpXPxReqaOxS4yfyDiKMGB9baSWi2H2+nKACS2jDKP2MEWLVA0Rx pUefRCdyU6CZeye0XUZCLieNyvUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRGckBO cD20Kme3Slsy30Tik6FWwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA QDANBgkqhkiG9w0BAQsFAAOCAQEAklefRyfE9vyOEkyUZet0rzwYmjehzQpNtxbm DohU9oCxzC1JiiRQMN41/bY3+o+hfeIbxAy0CRi2sBCBX2XeTzcGprSnGCPu/qM+ oAnkQO+JiJ/gZRlGlC6ecgKnp3oCq2orPQ23R9xvlPjLn9QlUIbd3gIB0oTGYHdH psSnvdu1d2jNtxO/EJCjcSOVB6tMzObNAhVkeb0ttPIR3aJC0geyqC4+h6n901Zm HmAYFV5F6H3LZgVUL5hAg76SFy+Ee25vbgfZM7QL+8Co5Yi9A8PaPOEFetHhgAc7 ixav9n0qTO6ebNPn9gWIUlpB0PQhFKBIoCAqTt51c4YzMuUVwg== -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:11 2025 by rpki-client