This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json) Hash identifier: ZK0+GJEpq9vfBl/WilaTynaJ3b9CtV4KFN4ivVDlu4U= Subject key identifier: EB:79:25:69:0D:3C:43:3D:68:BB:6E:3F:64:B8:E7:D1:6F:51:D7:D1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 73B056C7C5ED1AA96E7DCF3C7E5654781D09BCC5 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa Signing time: Wed 10 Dec 2025 06:10:45 +0000 ROA not before: Wed 10 Dec 2025 06:10:45 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d017::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:b0:56:c7:c5:ed:1a:a9:6e:7d:cf:3c:7e:56:54:78:1d:09:bc:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:10:45 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=91aaa09edee9c774c66b71819535f204ce84284eceedc9c213a575bdd68bf298, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:48:aa:78:9e:53:da:28:e2:f1:8b:4c:fc:8f: ac:ec:18:f9:d2:13:05:64:89:6c:77:74:7a:ac:c6: c1:22:f4:97:01:38:c4:8a:ca:b5:b4:40:d5:57:e3: 92:df:54:43:73:d6:79:c0:84:f8:93:72:49:00:74: 9b:5f:78:79:ec:ba:9a:74:ed:63:67:0a:7d:bd:99: 55:62:9d:e9:b2:61:76:f7:11:09:d7:9f:ec:10:f8: fc:6f:3a:5a:57:82:33:87:d0:a2:d9:29:e3:79:db: 52:65:32:fc:9f:eb:8d:13:2f:51:d8:6d:fe:49:a1: e1:d5:d3:80:3d:ec:0c:6a:ff:f9:cf:45:91:b3:55: d3:3f:7c:6d:6f:a8:26:90:a7:cc:74:85:a6:e0:ec: 48:e2:10:cf:07:39:57:5f:37:e7:86:92:b6:cd:38: d5:44:f4:e1:fc:34:b3:79:e6:85:a3:0b:f4:9d:40: 24:e2:fd:5d:79:d4:1f:ef:36:2d:a8:6c:47:ad:93: ac:53:19:10:8e:24:11:e7:fb:24:93:2c:09:e4:83: 24:2a:3a:92:77:32:e6:c5:c9:fa:0a:76:fd:2d:05: 09:3a:e2:38:45:b8:19:73:92:c5:b2:3d:66:16:21: 2f:01:67:fa:33:43:fa:cd:d7:2f:68:7a:d9:7f:92: 1e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:79:25:69:0D:3C:43:3D:68:BB:6E:3F:64:B8:E7:D1:6F:51:D7:D1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d017::/36 Signature Algorithm: sha256WithRSAEncryption 41:2c:67:72:71:01:ef:3e:12:04:63:97:d8:55:64:f0:13:f0: 3b:53:96:d4:66:bc:f8:23:d3:e6:40:6e:fe:81:54:8f:93:ae: 5c:d7:66:73:a1:8e:3e:65:85:ee:d2:a7:3d:65:26:36:a8:66: 03:af:b9:d2:41:c2:8f:46:b8:42:7f:84:ca:7a:fc:a7:0b:cc: 52:c1:40:a4:8a:30:46:00:c0:72:1e:ae:2a:a3:fa:9f:85:c8: 4f:cf:27:45:9c:06:68:b0:72:36:cb:09:8a:f2:72:30:87:ef: c9:66:32:e3:b8:62:9c:25:80:79:51:0a:49:ce:a0:db:58:93: 82:13:2a:8f:5f:6c:90:7b:a3:bd:34:6a:ef:01:30:90:5b:64: 94:ba:61:88:32:01:ac:9a:a6:a2:28:a9:60:cb:a6:e0:1d:b9: 12:f6:fe:2d:04:03:be:37:4a:66:bb:c8:46:24:ec:6e:f6:5b: 78:95:0d:66:4d:69:66:58:ee:b8:0d:4e:65:8a:7f:88:76:f0: 19:ca:e8:02:ba:3e:68:89:09:93:c8:e8:a6:22:99:61:88:a5: 99:1e:00:d7:d7:57:90:6a:58:7f:08:8d:f4:df:8c:14:8a:94: e5:ba:fd:21:5e:a7:da:fc:67:be:fc:dd:4b:fd:6e:a7:0b:80: 4d:9f:46:cc -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUc7BWx8XtGqlufc88flZUeB0JvMUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjEwNDVaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDkxYWFhMDllZGVlOWM3NzRjNjZiNzE4MTk1MzVmMjA0Y2U4NDI4NGVjZWVk YzljMjEzYTU3NWJkZDY4YmYyOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALlIqnieU9oo4vGLTPyPrOwY+dITBWSJbHd0eqzGwSL0lwE4xIrKtbRA1Vfj kt9UQ3PWecCE+JNySQB0m194eey6mnTtY2cKfb2ZVWKd6bJhdvcRCdef7BD4/G86 WleCM4fQotkp43nbUmUy/J/rjRMvUdht/kmh4dXTgD3sDGr/+c9FkbNV0z98bW+o JpCnzHSFpuDsSOIQzwc5V18354aSts041UT04fw0s3nmhaML9J1AJOL9XXnUH+82 LahsR62TrFMZEI4kEef7JJMsCeSDJCo6kncy5sXJ+gp2/S0FCTriOEW4GXOSxbI9 ZhYhLwFn+jND+s3XL2h62X+SHn8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTreSVp DTxDPWi7bj9kuOfRb1HX0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA MA0GCSqGSIb3DQEBCwUAA4IBAQBBLGdycQHvPhIEY5fYVWTwE/A7U5bUZrz4I9Pm QG7+gVSPk65c12ZzoY4+ZYXu0qc9ZSY2qGYDr7nSQcKPRrhCf4TKevynC8xSwUCk ijBGAMByHq4qo/qfhchPzydFnAZosHI2ywmK8nIwh+/JZjLjuGKcJYB5UQpJzqDb WJOCEyqPX2yQe6O9NGrvATCQW2SUumGIMgGsmqaiKKlgy6bgHbkS9v4tBAO+N0pm u8hGJOxu9lt4lQ1mTWlmWO64DU5lin+IdvAZyugCuj5oiQmTyOimIplhiKWZHgDX 11eQalh/CI3034wUipTluv0hXqfa/Ge+/N1L/W6nC4BNn0bM -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:39 2025 by rpki-client