This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa File: 455182aa-6d74-4447-81a6-6be09732e55d.roa (raw, json) Hash identifier: 8tsDxrfpvVVw0b76TUMih8TAV4H9UExOgovBX/NYSds= Subject key identifier: 2F:CE:B5:5B:D7:30:3F:0E:09:13:15:6E:3A:F2:7D:B4:2D:F2:B2:F0 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0B57D76F276269A157D01B15DBA3D2AAE12F50C0 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa Signing time: Wed 10 Dec 2025 05:41:03 +0000 ROA not before: Wed 10 Dec 2025 05:41:03 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01e:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:57:d7:6f:27:62:69:a1:57:d0:1b:15:db:a3:d2:aa:e1:2f:50:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:41:03 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=828d03eab006a94d912f791731de8c2f97c3b5d838fca41e3baf190fab0aadc5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:63:59:b8:df:a8:b9:c2:47:a6:2d:d7:c0:50: 3e:17:f6:6b:3a:a9:1f:5d:69:13:e6:32:e1:4f:07: 66:50:88:60:9a:05:a1:3c:13:d1:00:6c:25:af:7e: 54:b6:74:39:81:3a:a3:aa:3b:17:df:29:09:c2:18: de:a5:e8:73:26:f9:9e:a4:a3:57:08:e6:61:90:47: f7:80:80:35:27:dd:30:7a:a3:02:de:65:9d:0a:66: 11:0b:36:11:b9:6a:ce:6b:92:08:1c:d0:a0:ab:e2: 14:c4:a3:0c:c8:d1:4c:4d:a8:5e:ed:0b:30:2d:57: 2f:be:db:28:0f:8a:86:ee:16:e2:21:9a:6c:79:e8: 2c:9d:0e:1e:d5:3b:d6:7f:77:72:45:00:ad:f9:98: 5c:d5:7a:16:66:d7:1a:80:4d:9f:63:be:5b:db:7b: d9:0c:a9:db:cf:dc:a0:52:63:9d:6f:26:ed:52:97: 11:f9:8a:ab:81:77:1c:e4:85:ae:d7:4f:23:9f:95: 4e:e3:43:45:4d:42:8a:57:ff:f5:07:3e:09:93:1f: e1:a6:d0:da:e7:88:ba:bb:2d:e6:6f:9b:10:00:55: 05:96:fc:bc:a9:32:25:4d:53:0f:19:ac:96:e3:60: c1:f2:cb:d9:f1:ab:79:3d:f1:8a:8b:20:dc:6b:3e: 91:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:CE:B5:5B:D7:30:3F:0E:09:13:15:6E:3A:F2:7D:B4:2D:F2:B2:F0 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/455182aa-6d74-4447-81a6-6be09732e55d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01e:c00::/38 Signature Algorithm: sha256WithRSAEncryption 46:4b:bf:05:46:92:e9:9a:86:a4:b7:e5:68:8d:1e:97:00:e9: d7:d1:d5:b4:43:58:85:3a:f3:e6:79:50:e0:46:00:62:6a:a3: 27:99:1e:73:7d:bb:24:54:25:11:0a:f8:d5:4d:58:f5:cd:ef: 65:95:7e:aa:c4:ee:17:a1:c7:c5:11:f8:65:3c:08:14:61:0c: 81:be:14:82:0c:b6:50:e8:18:53:0e:ce:46:ab:f3:67:a3:42: 29:e4:b6:01:e5:6a:42:71:05:85:76:cd:c9:cc:80:37:29:51: 59:5c:d1:f4:00:42:ca:b1:88:3f:09:35:e9:fb:69:84:a1:d0: 59:78:d0:c8:90:d8:0e:cb:9f:b0:29:44:c8:e4:83:53:0f:d9: 09:87:cd:08:5e:0a:77:ef:fb:d6:7f:78:08:58:b7:50:1c:bd: e6:ea:45:fd:c8:30:37:da:24:04:d5:83:1d:86:5f:0a:3b:8f: 7f:fe:bf:1b:fd:07:7f:a7:50:42:dc:df:bc:22:27:7c:44:ac: ba:d2:6f:d6:7c:2b:da:8c:ec:c2:ac:c6:ed:91:b9:f4:b0:43: 67:e0:20:38:e5:da:b6:73:fb:e7:8d:39:fc:6b:3e:37:c5:a3: 58:f0:6d:b3:9f:87:b8:b9:c3:da:68:d2:ed:6d:ed:1e:92:be: a8:71:12:8b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUC1fXbydiaaFX0BsV26PSquEvUMAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQxMDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDgyOGQwM2VhYjAwNmE5NGQ5MTJmNzkxNzMxZGU4YzJmOTdjM2I1ZDgzOGZj YTQxZTNiYWYxOTBmYWIwYWFkYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKNjWbjfqLnCR6Yt18BQPhf2azqpH11pE+Yy4U8HZlCIYJoFoTwT0QBsJa9+ VLZ0OYE6o6o7F98pCcIY3qXocyb5nqSjVwjmYZBH94CANSfdMHqjAt5lnQpmEQs2 EblqzmuSCBzQoKviFMSjDMjRTE2oXu0LMC1XL77bKA+Khu4W4iGabHnoLJ0OHtU7 1n93ckUArfmYXNV6FmbXGoBNn2O+W9t72Qyp28/coFJjnW8m7VKXEfmKq4F3HOSF rtdPI5+VTuNDRU1Cilf/9Qc+CZMf4abQ2ueIurst5m+bEABVBZb8vKkyJU1TDxms luNgwfLL2fGreT3xiosg3Gs+kZ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvzrVb 1zA/DgkTFW468n20LfKy8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDU1MTgyYWEtNmQ3NC00NDQ3LTgxYTYtNmJlMDk3MzJlNTVkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4M MA0GCSqGSIb3DQEBCwUAA4IBAQBGS78FRpLpmoakt+VojR6XAOnX0dW0Q1iFOvPm eVDgRgBiaqMnmR5zfbskVCURCvjVTVj1ze9llX6qxO4XocfFEfhlPAgUYQyBvhSC DLZQ6BhTDs5Gq/Nno0Ip5LYB5WpCcQWFds3JzIA3KVFZXNH0AELKsYg/CTXp+2mE odBZeNDIkNgOy5+wKUTI5INTD9kJh80IXgp37/vWf3gIWLdQHL3m6kX9yDA32iQE 1YMdhl8KO49//r8b/Qd/p1BC3N+8Iid8RKy60m/WfCvajOzCrMbtkbn0sENn4CA4 5dq2c/vnjTn8az43xaNY8G2zn4e4ucPaaNLtbe0ekr6ocRKL -----END CERTIFICATE-----Generated at Mon Dec 15 17:06:10 2025 by rpki-client