This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa File: 4498c2d2-5806-4a94-bd91-8de10249561d.roa (raw, json) Hash identifier: 61bJtlMHM2D0VwOF+W2hSXtzLpuJtnT6BDilAd238Zo= Subject key identifier: 17:BB:E5:78:44:87:9B:4F:96:23:FC:80:37:6A:9A:89:A6:F0:BC:8C Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6618EFD45FB0FDF061450FD97FD882FB106D666F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa Signing time: Sat 15 Nov 2025 05:20:10 +0000 ROA not before: Sat 15 Nov 2025 05:20:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d078:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:18:ef:d4:5f:b0:fd:f0:61:45:0f:d9:7f:d8:82:fb:10:6d:66:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=289a98e120f62e6f29eda97d0ad77acd55eb0cc5792b0ec0f124b6c470e29ed9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ab:03:7f:7b:ce:51:f5:f6:df:4f:bc:0c:3b: 9a:09:db:39:45:35:92:23:90:51:e3:26:17:3e:21: 69:4e:32:48:ce:3b:c7:c7:61:32:2e:e7:d4:05:0f: 07:89:6f:3f:0e:22:85:84:f1:21:1c:53:ad:d1:ed: 83:51:bb:d6:e6:e8:72:11:57:b8:51:c4:61:e2:3c: 28:bf:97:94:a4:e0:39:62:db:ed:5a:25:89:b7:25: b1:26:21:ff:a6:09:08:1f:db:ca:2c:e0:64:a8:a2: 0a:e4:30:b6:9a:6b:dd:1c:3e:5d:0e:98:fb:d7:5a: ea:1b:f6:f5:4d:7b:3d:00:80:1a:75:83:6d:aa:27: bb:cb:cd:06:5e:0b:21:a7:b6:bb:82:4a:05:c7:21: 0d:16:0f:c1:f1:01:a0:ec:ac:31:78:f7:32:d3:7f: b4:df:0a:d4:d1:a2:9c:1e:9f:10:35:ed:18:ce:7b: 02:b6:d1:91:47:fb:ca:61:71:2c:f2:33:39:d8:57: 5f:82:b9:de:91:c4:cd:6a:17:f3:d4:85:c3:ff:47: 97:20:46:e9:64:ee:6b:f1:b9:a4:4c:80:67:62:c8: 22:b9:84:9d:98:1a:56:65:b1:6a:4c:36:e2:78:89: 9f:39:1b:2d:44:28:40:04:88:ea:99:c0:b3:c5:a0: 92:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:BB:E5:78:44:87:9B:4F:96:23:FC:80:37:6A:9A:89:A6:F0:BC:8C X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4498c2d2-5806-4a94-bd91-8de10249561d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d078:e000::/40 Signature Algorithm: sha256WithRSAEncryption 83:de:8a:cb:e3:75:a8:85:55:45:37:08:e6:72:7d:3c:c7:f0: be:71:2f:4f:7f:0d:ef:be:1b:f6:7c:1f:7f:1a:a9:db:3f:b8: f0:8f:af:28:f4:c2:20:14:37:d3:0c:75:a5:2f:fa:53:38:0e: 27:e4:48:81:1a:3c:9f:60:b0:5c:59:92:12:37:4a:87:2d:05: e8:79:14:86:ef:e2:7f:8a:50:15:5a:0c:20:63:2e:70:ee:2a: 59:27:ad:71:98:43:6c:25:5a:8c:68:54:74:8f:64:c3:8d:06: ad:eb:1a:f6:00:98:19:fd:f3:1a:95:1b:52:7c:de:f0:b0:68: 25:bb:18:dc:dd:61:d9:9f:e1:3d:f9:35:be:f8:4d:4f:3e:bd: c9:27:9b:28:91:92:ae:0a:3d:4e:68:89:54:a1:42:c9:6a:68: 02:35:37:90:ed:d1:f7:0b:2d:72:fb:02:16:5b:cd:f8:f9:d6: e5:59:e8:17:ad:7b:8d:6a:ce:81:f3:7e:09:1f:37:66:29:c6: 7c:45:26:d1:24:d6:1c:a0:dd:d4:d7:3f:a7:cf:66:d8:11:d5: 10:63:78:b9:56:ed:5f:46:a5:00:f2:ee:e2:a7:a6:c0:00:c5: 4c:ca:fe:44:6e:4e:e0:53:e6:7f:c6:95:b1:cd:ce:09:03:e6: 04:6b:b4:79 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZhjv1F+w/fBhRQ/Zf9iC+xBtZm8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDI4OWE5OGUxMjBmNjJlNmYyOWVkYTk3ZDBhZDc3YWNkNTVlYjBjYzU3OTJi MGVjMGYxMjRiNmM0NzBlMjllZDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANGrA397zlH19t9PvAw7mgnbOUU1kiOQUeMmFz4haU4ySM47x8dhMi7n1AUP B4lvPw4ihYTxIRxTrdHtg1G71ubochFXuFHEYeI8KL+XlKTgOWLb7VolibclsSYh /6YJCB/byizgZKiiCuQwtppr3Rw+XQ6Y+9da6hv29U17PQCAGnWDbaonu8vNBl4L Iae2u4JKBcchDRYPwfEBoOysMXj3MtN/tN8K1NGinB6fEDXtGM57ArbRkUf7ymFx LPIzOdhXX4K53pHEzWoX89SFw/9HlyBG6WTua/G5pEyAZ2LIIrmEnZgaVmWxakw2 4niJnzkbLUQoQASI6pnAs8Wgkk0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXu+V4 RIebT5Yj/IA3apqJpvC8jDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDQ5OGMyZDItNTgwNi00YTk0LWJkOTEtOGRlMTAyNDk1NjFkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hjg MA0GCSqGSIb3DQEBCwUAA4IBAQCD3orL43WohVVFNwjmcn08x/C+cS9Pfw3vvhv2 fB9/GqnbP7jwj68o9MIgFDfTDHWlL/pTOA4n5EiBGjyfYLBcWZISN0qHLQXoeRSG 7+J/ilAVWgwgYy5w7ipZJ61xmENsJVqMaFR0j2TDjQat6xr2AJgZ/fMalRtSfN7w sGgluxjc3WHZn+E9+TW++E1PPr3JJ5sokZKuCj1OaIlUoULJamgCNTeQ7dH3Cy1y +wIWW834+dblWegXrXuNas6B834JHzdmKcZ8RSbRJNYcoN3U1z+nz2bYEdUQY3i5 Vu1fRqUA8u7ip6bAAMVMyv5Ebk7gU+Z/xpWxzc4JA+YEa7R5 -----END CERTIFICATE-----Generated at Sat Dec 6 10:53:24 2025 by rpki-client