This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa File: 45c6591c-1ba0-4769-9e6a-11566f006613.roa (raw, json) Hash identifier: SVSUkjWHMH3YKRD1WQEoK7vblKXKsLpNFRJjZMYNPCg= Subject key identifier: 86:42:BE:B2:2D:E8:9B:01:86:FD:7B:6B:F8:56:03:96:79:26:77:43 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2BCBD711A83E48B14A8BEB5CA17A482BAB549068 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa Signing time: Sat 15 Nov 2025 05:50:50 +0000 ROA not before: Sat 15 Nov 2025 05:50:50 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:cb:d7:11:a8:3e:48:b1:4a:8b:eb:5c:a1:7a:48:2b:ab:54:90:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:50 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=08ca54cdf20659a5db6a0a2eb19f1eba67c1f3e9be459fd8789c8f5f292a8cd5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:68:b4:87:e2:c0:a8:4b:18:24:d1:f9:4d:f5: ba:46:53:87:74:e0:af:3b:de:b5:3e:2b:10:24:de: 45:d6:1c:c6:1e:f1:55:71:bb:5a:46:83:55:dc:56: 51:0e:b7:e6:98:5e:cd:e3:e6:e6:5b:ec:d6:82:fd: 6f:78:56:fb:44:6a:83:f5:51:9a:fe:a1:71:c5:18: cf:7f:d5:2c:7e:44:5d:c4:5c:51:ed:29:3d:48:06: b4:02:a2:fc:58:14:08:9e:f6:10:6f:8b:56:27:90: 53:54:0c:10:89:0a:35:46:b3:64:7f:97:69:7e:b9: ca:a0:6b:43:ae:2f:63:60:bc:22:1a:49:77:2c:55: f9:49:69:f2:c1:19:3e:4d:f8:e5:2c:4f:84:8f:33: 4b:b9:64:76:16:5c:15:8b:1c:6f:f0:38:ad:bb:ff: 74:a5:97:15:f3:c8:bf:24:c5:ba:3b:1e:f2:2b:8f: 32:07:e6:39:c3:7d:2a:e1:f3:0b:72:d5:dd:3b:3b: b3:1c:bc:34:6d:19:2f:1b:5a:06:d6:97:3d:29:41: 6e:f9:e4:2c:6c:90:2b:46:a3:d2:e5:d9:17:7f:58: 26:4c:91:7b:99:e9:1a:98:94:32:47:7f:66:e8:26: ae:bd:a4:2e:d1:02:d0:c5:5a:f2:fa:47:30:9c:17: f9:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:42:BE:B2:2D:E8:9B:01:86:FD:7B:6B:F8:56:03:96:79:26:77:43 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/45c6591c-1ba0-4769-9e6a-11566f006613.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 50:45:40:52:4e:3d:f7:08:f8:fe:1d:df:0d:9f:ed:02:68:09: 41:bc:75:f2:e0:e1:db:f5:66:5b:76:9b:76:30:a0:df:d6:47: 17:55:9e:de:54:99:92:43:6e:36:53:83:fb:2f:f4:59:0a:d0: 65:08:00:7b:75:83:89:fd:eb:e9:92:55:e5:ed:dc:1d:55:2f: b2:af:0c:b4:d4:88:3a:89:18:66:a9:ad:4b:23:03:34:e9:a2: d2:43:12:c6:eb:69:3b:af:83:22:41:9a:36:fb:7c:c8:94:c2: f1:78:2e:26:92:b0:91:6d:58:d2:b2:a6:cc:f6:34:c3:53:f8: 8d:52:a3:fb:b8:87:d1:cd:2a:b8:1e:50:c4:6a:e0:da:c6:2b: aa:10:a6:ef:7a:8a:37:c5:26:9c:f4:38:27:17:a5:37:47:4e: e1:ba:37:b7:2a:cc:f6:0d:bc:a5:81:6d:80:31:85:36:f8:13: 7d:30:61:28:ef:ab:b7:fe:e2:8d:92:0a:06:97:af:7e:4b:62: c4:4e:d9:82:16:45:c3:07:5b:92:5b:78:92:12:69:9e:a9:50: f5:88:2f:65:8e:ff:aa:d0:fc:38:e4:27:62:1b:18:43:34:62: d7:79:1d:8f:2a:12:e9:35:09:b7:27:6d:80:1d:47:31:06:cb: 89:5d:ea:a0 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUK8vXEag+SLFKi+tcoXpIK6tUkGgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwNTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA4Y2E1NGNkZjIwNjU5YTVkYjZhMGEyZWIxOWYxZWJhNjdjMWYzZTliZTQ1 OWZkODc4OWM4ZjVmMjkyYThjZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMVotIfiwKhLGCTR+U31ukZTh3TgrzvetT4rECTeRdYcxh7xVXG7WkaDVdxW UQ635phezePm5lvs1oL9b3hW+0Rqg/VRmv6hccUYz3/VLH5EXcRcUe0pPUgGtAKi /FgUCJ72EG+LVieQU1QMEIkKNUazZH+XaX65yqBrQ64vY2C8IhpJdyxV+Ulp8sEZ Pk345SxPhI8zS7lkdhZcFYscb/A4rbv/dKWXFfPIvyTFujse8iuPMgfmOcN9KuHz C3LV3Ts7sxy8NG0ZLxtaBtaXPSlBbvnkLGyQK0aj0uXZF39YJkyRe5npGpiUMkd/ Zugmrr2kLtEC0MVa8vpHMJwX+fsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSGQr6y LeibAYb9e2v4VgOWeSZ3QzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDVjNjU5MWMtMWJhMC00NzY5LTllNmEtMTE1NjZmMDA2NjEzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q wDANBgkqhkiG9w0BAQsFAAOCAQEAUEVAUk499wj4/h3fDZ/tAmgJQbx18uDh2/Vm W3abdjCg39ZHF1We3lSZkkNuNlOD+y/0WQrQZQgAe3WDif3r6ZJV5e3cHVUvsq8M tNSIOokYZqmtSyMDNOmi0kMSxutpO6+DIkGaNvt8yJTC8XguJpKwkW1Y0rKmzPY0 w1P4jVKj+7iH0c0quB5QxGrg2sYrqhCm73qKN8UmnPQ4JxelN0dO4bo3tyrM9g28 pYFtgDGFNvgTfTBhKO+rt/7ijZIKBpevfktixE7ZghZFwwdbklt4khJpnqlQ9Ygv ZY7/qtD8OOQnYhsYQzRi13kdjyoS6TUJtydtgB1HMQbLiV3qoA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:15 2025 by rpki-client