This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa File: 42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa (raw, json) Hash identifier: lXljQQ5IzTZlcEG4CvArqvT80Zp974mfA0eiiZM72IY= Subject key identifier: F5:93:61:B5:8A:3D:CB:C9:A4:54:67:C9:3B:8F:BB:E0:88:51:C3:2D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6D0FA2E86A1259E25E9A12A5774BB85DF9851F39 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa Signing time: Sat 06 Dec 2025 00:40:07 +0000 ROA not before: Sat 06 Dec 2025 00:40:07 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:9000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:0f:a2:e8:6a:12:59:e2:5e:9a:12:a5:77:4b:b8:5d:f9:85:1f:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 00:40:07 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=ee743c1bb4e84e042a1f42fc7f8e9408c20d1ed374d01a41daf1063656258795, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:f8:b4:e6:d8:19:89:a9:38:60:0d:23:f3:1e: 05:95:92:c0:e4:3e:71:42:7c:fd:d5:ac:b0:6a:d2: 82:2c:31:d6:45:90:63:a3:c6:e0:2d:1b:b4:81:ec: 5f:2e:88:89:95:61:b5:1f:a2:11:ab:7e:12:18:7e: e8:34:65:4f:98:f6:15:6c:54:47:8b:e8:99:d2:ee: 67:98:16:e1:d2:a7:c5:b3:5d:27:4a:1a:ab:4a:f8: 44:e8:22:aa:cb:d7:c5:b7:14:48:5c:c8:84:26:df: ba:99:20:3f:a8:e6:c9:a6:03:20:ac:15:ac:9c:85: 98:97:d6:35:32:bb:9b:0c:0d:c5:83:1f:66:da:80: ab:ca:c2:5d:e8:5c:aa:80:55:a8:e2:71:7c:db:0f: 24:c1:32:19:d1:8a:6b:27:d5:26:33:42:10:59:b0: c4:9c:62:b8:0b:6a:9f:0f:6b:f8:af:af:6a:11:c3: c3:a5:9a:a5:5e:61:14:25:64:c1:c6:1b:88:b5:8d: 89:cd:27:b5:31:68:d9:92:ee:31:f4:5c:8a:12:57: da:e8:00:ec:ad:0e:b7:9b:dc:73:6b:e8:ec:2e:a8: 77:ba:73:ce:52:3b:da:38:e2:02:69:b6:40:9d:49: 9b:fc:d7:c6:ea:84:91:dc:30:0f:6e:7f:e9:5f:89: bd:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:93:61:B5:8A:3D:CB:C9:A4:54:67:C9:3B:8F:BB:E0:88:51:C3:2D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/42a2bbbc-4bfd-4172-8004-b90bf9d2de72.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:9000::/48 Signature Algorithm: sha256WithRSAEncryption c9:da:52:22:3c:74:cc:85:53:e8:de:34:13:f4:3f:0f:fb:85: 98:a4:6e:9c:00:4e:ba:bf:5c:7e:cd:82:60:bf:a4:e0:11:da: a9:55:bd:e1:62:f7:35:fc:b8:06:63:b9:60:27:48:e3:77:99: 23:21:fc:e4:ca:ad:b1:1e:bd:6a:30:22:8d:92:cf:dc:86:26: 6b:b7:81:c5:b7:59:78:ed:e1:32:e1:93:f2:15:83:b4:0c:12: 27:25:79:3a:b0:1e:57:3b:c6:a3:04:69:5d:00:9e:a9:b2:56: 32:c1:dd:6f:97:ac:b5:7a:9a:77:08:8e:fe:12:4d:cb:64:15: 2d:4e:5f:0c:4a:cd:b8:e1:b9:2b:2a:13:bf:e9:52:48:86:0c: 3a:45:72:63:48:8f:2f:4e:3d:1a:95:50:c3:13:72:c5:dc:5a: d1:97:67:55:f8:4e:b6:1f:8a:e0:31:45:90:ad:96:33:8e:84: 23:78:d0:63:e1:23:77:66:ad:76:d6:49:f7:6c:57:53:55:61: 33:1a:6c:88:af:1c:21:0b:1d:55:4e:d7:c3:82:08:f3:36:6d: ba:9d:34:6e:1d:05:db:65:79:3b:35:c0:fc:40:be:21:db:89: 8f:64:bf:e0:82:2e:eb:d6:1a:89:63:a1:ca:fe:6a:93:9a:3e: 4f:b1:8b:2c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUbQ+i6GoSWeJemhKld0u4XfmFHzkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwMDQwMDdaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQGVlNzQzYzFiYjRlODRlMDQyYTFmNDJmYzdmOGU5NDA4YzIwZDFlZDM3NGQw MWE0MWRhZjEwNjM2NTYyNTg3OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANT4tObYGYmpOGANI/MeBZWSwOQ+cUJ8/dWssGrSgiwx1kWQY6PG4C0btIHs Xy6IiZVhtR+iEat+Ehh+6DRlT5j2FWxUR4vomdLuZ5gW4dKnxbNdJ0oaq0r4ROgi qsvXxbcUSFzIhCbfupkgP6jmyaYDIKwVrJyFmJfWNTK7mwwNxYMfZtqAq8rCXehc qoBVqOJxfNsPJMEyGdGKayfVJjNCEFmwxJxiuAtqnw9r+K+vahHDw6WapV5hFCVk wcYbiLWNic0ntTFo2ZLuMfRcihJX2ugA7K0Ot5vcc2vo7C6od7pzzlI72jjiAmm2 QJ1Jm/zXxuqEkdwwD25/6V+JvRECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT1k2G1 ij3LyaRUZ8k7j7vgiFHDLTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDJhMmJiYmMtNGJmZC00MTcyLTgwMDQtYjkwYmY5ZDJkZTcyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HaQ ADANBgkqhkiG9w0BAQsFAAOCAQEAydpSIjx0zIVT6N40E/Q/D/uFmKRunABOur9c fs2CYL+k4BHaqVW94WL3Nfy4BmO5YCdI43eZIyH85MqtsR69ajAijZLP3IYma7eB xbdZeO3hMuGT8hWDtAwSJyV5OrAeVzvGowRpXQCeqbJWMsHdb5estXqadwiO/hJN y2QVLU5fDErNuOG5KyoTv+lSSIYMOkVyY0iPL049GpVQwxNyxdxa0ZdnVfhOth+K 4DFFkK2WM46EI3jQY+Ejd2atdtZJ92xXU1VhMxpsiK8cIQsdVU7Xw4II8zZtup00 bh0F22V5OzXA/EC+IduJj2S/4IIu69YaiWOhyv5qk5o+T7GLLA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:37 2025 by rpki-client