This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json) Hash identifier: cQtCivlcUkd/iRYXAWy6bwv5u+OT6D76dMQBg8KepqQ= Subject key identifier: 92:79:FA:E6:53:9C:09:56:E7:34:79:38:C8:74:49:FA:C2:31:A7:75 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 101076FA9820AB8F4E49981E9EAEB033C116AF62 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa Signing time: Wed 10 Dec 2025 05:20:33 +0000 ROA not before: Wed 10 Dec 2025 05:20:33 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07a:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:10:76:fa:98:20:ab:8f:4e:49:98:1e:9e:ae:b0:33:c1:16:af:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:20:33 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=84b1412db77b31497bb71b7c78688197adbc515a0c6cbfa30b96e156c711d047, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d4:49:40:d2:f7:42:c3:8d:09:f6:b5:d4:2c: 42:88:37:f1:97:e2:94:59:66:87:16:de:73:dd:3f: 40:31:1f:39:d3:e2:3f:6e:d2:72:3b:57:62:45:49: 62:3f:8c:13:31:1d:5e:1e:06:63:4b:08:07:1a:35: b8:ec:b6:c5:ba:bf:65:0f:0a:fd:f0:cd:99:b0:c0: 2f:4f:b5:70:2f:c9:f0:c2:a6:18:00:4e:b4:29:47: 00:f3:76:55:ea:52:26:96:6e:7e:24:81:81:12:c6: 1d:73:fe:73:a8:a0:b8:17:18:69:51:23:d1:3e:ac: 67:56:f6:de:51:0a:2c:b7:70:08:3e:ca:18:f3:4c: 39:f8:45:22:8f:f9:9d:23:18:14:f1:7c:73:fc:7a: 2d:5c:bd:7b:33:1b:3b:9b:80:63:10:b1:08:3d:b8: 87:c9:4e:22:68:d0:1f:38:04:f3:ab:e6:1d:12:b1: 27:a7:04:6d:e3:0d:ae:56:c7:94:75:2c:65:8c:9d: 6b:52:9a:e6:6c:03:2d:c9:42:56:f4:fd:f4:db:07: cc:53:ea:d9:3a:f1:67:22:4e:b0:92:e8:a6:3f:67: e0:25:b5:95:18:da:9a:b8:44:ce:a7:d3:f7:02:53: 79:fe:bc:7d:f0:ee:16:0b:02:b7:31:8e:48:fb:73: 58:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:79:FA:E6:53:9C:09:56:E7:34:79:38:C8:74:49:FA:C2:31:A7:75 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07a:c000::/40 Signature Algorithm: sha256WithRSAEncryption 4f:34:1c:1a:f1:a5:27:ec:58:32:f1:5c:0c:fa:3e:b7:95:d9: 3a:20:cf:0a:59:f2:4b:f1:f3:2d:68:49:13:26:52:86:f2:18: 5c:f6:22:19:28:8f:9d:ab:da:7a:8d:da:dc:68:75:6f:14:fb: 50:d7:2d:76:fe:0f:30:78:99:97:47:60:c5:fd:9d:37:13:c0: f6:5a:09:c3:76:9e:6b:f7:ce:3d:73:08:71:ec:51:ac:71:a1: cb:8e:57:53:d4:6d:10:81:6f:be:58:73:af:e8:1d:c2:c8:cd: fc:1d:89:8d:00:9a:32:bd:ff:9d:1f:8f:db:c5:e3:75:75:a2: f2:65:20:e6:f7:3a:1d:66:fc:f8:de:0f:1b:13:c9:fb:14:06: 43:8a:00:19:c1:e2:f9:0b:f4:b7:06:05:56:af:f1:29:ac:bb: 7a:0e:93:f5:c5:4c:ca:98:7a:d8:be:a9:28:b6:53:b4:b3:eb: ca:05:0c:fd:79:a6:10:99:f8:fe:76:be:8a:ad:19:42:c1:db: 0b:50:65:35:8f:3c:1a:bd:93:55:50:58:d6:10:30:99:75:05: ef:8f:31:c7:00:69:00:2d:62:92:6b:33:e7:9f:63:d9:13:cb: 7e:0f:30:48:f4:ba:2a:16:39:d9:d7:80:c3:e7:be:0c:ae:40: 7b:ae:7a:c8 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEBB2+pggq49OSZgenq6wM8EWr2IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTIwMzNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDg0YjE0MTJkYjc3YjMxNDk3YmI3MWI3Yzc4Njg4MTk3YWRiYzUxNWEwYzZj YmZhMzBiOTZlMTU2YzcxMWQwNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMDUSUDS90LDjQn2tdQsQog38ZfilFlmhxbec90/QDEfOdPiP27ScjtXYkVJ Yj+MEzEdXh4GY0sIBxo1uOy2xbq/ZQ8K/fDNmbDAL0+1cC/J8MKmGABOtClHAPN2 VepSJpZufiSBgRLGHXP+c6iguBcYaVEj0T6sZ1b23lEKLLdwCD7KGPNMOfhFIo/5 nSMYFPF8c/x6LVy9ezMbO5uAYxCxCD24h8lOImjQHzgE86vmHRKxJ6cEbeMNrlbH lHUsZYyda1Ka5mwDLclCVvT99NsHzFPq2TrxZyJOsJLopj9n4CW1lRjamrhEzqfT 9wJTef68ffDuFgsCtzGOSPtzWDsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSSefrm U5wJVuc0eTjIdEn6wjGndTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA MA0GCSqGSIb3DQEBCwUAA4IBAQBPNBwa8aUn7Fgy8VwM+j63ldk6IM8KWfJL8fMt aEkTJlKG8hhc9iIZKI+dq9p6jdrcaHVvFPtQ1y12/g8weJmXR2DF/Z03E8D2WgnD dp5r9849cwhx7FGscaHLjldT1G0QgW++WHOv6B3CyM38HYmNAJoyvf+dH4/bxeN1 daLyZSDm9zodZvz43g8bE8n7FAZDigAZweL5C/S3BgVWr/EprLt6DpP1xUzKmHrY vqkotlO0s+vKBQz9eaYQmfj+dr6KrRlCwdsLUGU1jzwavZNVUFjWEDCZdQXvjzHH AGkALWKSazPnn2PZE8t+DzBI9LoqFjnZ14DD574MrkB7rnrI -----END CERTIFICATE-----Generated at Mon Dec 15 15:35:35 2025 by rpki-client