This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json) Hash identifier: mUHxQL8ETigAZg56USNRF7LlqSzE4MrHpFryuaAsDyc= Subject key identifier: B6:77:12:67:47:A2:7E:4E:C1:12:57:C2:FF:00:6E:97:84:9B:F4:DD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3CE85141EBDB90D7A605ED05C3D195CC27797160 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa Signing time: Sat 15 Nov 2025 06:10:10 +0000 ROA not before: Sat 15 Nov 2025 06:10:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d017::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:e8:51:41:eb:db:90:d7:a6:05:ed:05:c3:d1:95:cc:27:79:71:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=13284b75a177a8c1f5e052af4c10fe02c649debd9be1c8cab42202dffb612ee3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:60:23:fa:21:ac:83:b6:48:18:25:98:27:ef: 7e:97:3e:7e:86:17:e6:f1:0c:df:31:5c:c8:39:1b: bd:eb:96:80:de:9a:4f:de:02:80:bd:72:18:7c:c7: af:1f:1a:93:d2:88:1d:2c:9b:3c:0a:6b:37:7c:9e: 6b:d6:44:b2:4b:8d:cb:13:51:9c:f8:a6:a9:b9:ff: 0f:e7:81:8c:74:0d:fe:eb:5a:c2:34:f8:18:10:02: 56:eb:0e:f0:34:7d:a8:52:a7:a4:4b:17:84:76:c2: 47:44:9f:85:8d:e0:92:bb:57:da:ad:4a:33:79:7e: df:c7:18:7d:ba:dc:eb:e3:2f:b1:68:f6:3d:85:57: 91:78:1d:c1:05:2c:17:2e:02:fd:74:37:50:d4:b9: 91:0c:6e:ed:be:63:d4:4c:f9:81:b8:d2:74:28:f3: ed:ca:cd:e7:3b:99:e3:a8:41:0c:54:01:46:d8:10: f3:3f:61:73:2f:88:69:26:1b:64:91:51:d6:b8:cd: df:73:7a:5a:6e:71:90:d1:cd:d9:f4:0d:c3:af:b9: e6:75:54:8e:f7:ee:28:fe:a8:df:b0:de:49:fe:35: 81:31:97:58:dd:8d:5b:97:b9:98:5c:7d:e6:f1:bf: 9d:5e:51:ea:0c:8c:b6:67:8a:8e:91:52:da:9f:75: ee:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:77:12:67:47:A2:7E:4E:C1:12:57:C2:FF:00:6E:97:84:9B:F4:DD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d017::/36 Signature Algorithm: sha256WithRSAEncryption 5f:61:1b:53:a6:14:94:48:c6:54:bb:97:cf:08:ab:4b:36:d8: a2:94:be:bb:b5:14:11:f7:97:e2:eb:42:1a:2d:ef:b1:78:36: 02:cf:85:90:ff:b2:84:ba:f6:d2:46:70:ef:1c:46:db:27:81: 1f:aa:a4:e0:d9:70:de:9b:1c:81:48:3d:21:aa:63:3e:b1:cf: 41:c1:1a:d6:26:ef:09:58:1a:0d:5b:8c:2d:59:85:7c:8b:6f: c5:e2:59:78:ab:83:62:9b:ea:ae:09:42:73:f6:8a:ac:c8:8b: 67:a1:87:d3:d2:8a:c8:d2:42:61:24:70:7b:ab:48:8e:4f:3d: 37:2c:0c:b4:98:00:b0:74:11:f0:b5:75:f9:16:1b:73:90:78: 8b:0b:e9:e9:ca:39:a2:ba:d0:e6:df:75:97:50:85:b8:c9:ed: 8b:0d:5d:c2:4a:97:db:ca:e5:50:b2:d2:af:69:6e:7e:64:24: 11:41:b2:ae:7e:1a:ae:c4:52:10:72:db:9d:ce:55:9f:98:99: 71:6d:7f:de:01:53:40:de:02:b8:b3:2c:86:eb:0c:41:12:a2: e7:22:34:9d:55:ad:a1:db:71:22:75:b4:ac:8d:02:a3:d8:9b: 20:13:73:a6:ad:d6:29:4f:fb:4c:96:4e:6f:a1:bc:24:f6:7a: f0:f1:68:8e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPOhRQevbkNemBe0Fw9GVzCd5cWAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDEzMjg0Yjc1YTE3N2E4YzFmNWUwNTJhZjRjMTBmZTAyYzY0OWRlYmQ5YmUx YzhjYWI0MjIwMmRmZmI2MTJlZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPZgI/ohrIO2SBglmCfvfpc+foYX5vEM3zFcyDkbveuWgN6aT94CgL1yGHzH rx8ak9KIHSybPAprN3yea9ZEskuNyxNRnPimqbn/D+eBjHQN/utawjT4GBACVusO 8DR9qFKnpEsXhHbCR0SfhY3gkrtX2q1KM3l+38cYfbrc6+MvsWj2PYVXkXgdwQUs Fy4C/XQ3UNS5kQxu7b5j1Ez5gbjSdCjz7crN5zuZ46hBDFQBRtgQ8z9hcy+IaSYb ZJFR1rjN33N6Wm5xkNHN2fQNw6+55nVUjvfuKP6o37DeSf41gTGXWN2NW5e5mFx9 5vG/nV5R6gyMtmeKjpFS2p917uMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2dxJn R6J+TsESV8L/AG6XhJv03TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA MA0GCSqGSIb3DQEBCwUAA4IBAQBfYRtTphSUSMZUu5fPCKtLNtiilL67tRQR95fi 60IaLe+xeDYCz4WQ/7KEuvbSRnDvHEbbJ4EfqqTg2XDemxyBSD0hqmM+sc9BwRrW Ju8JWBoNW4wtWYV8i2/F4ll4q4Nim+quCUJz9oqsyItnoYfT0orI0kJhJHB7q0iO Tz03LAy0mACwdBHwtXX5FhtzkHiLC+npyjmiutDm33WXUIW4ye2LDV3CSpfbyuVQ stKvaW5+ZCQRQbKufhquxFIQctudzlWfmJlxbX/eAVNA3gK4syyG6wxBEqLnIjSd Va2h23EidbSsjQKj2JsgE3OmrdYpT/tMlk5vobwk9nrw8WiO -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:48 2025 by rpki-client