This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa File: 4967c03f-f17b-42f4-bfca-8694bb963ab0.roa (raw, json) Hash identifier: P+k5FcYjzzlh4Txr7UmF3by07HXvo8Q0kBmp7r+Dr+M= Subject key identifier: B8:2D:D8:28:3C:29:E1:D5:5C:A6:9E:85:EB:A6:C7:B3:2E:E0:54:DC Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 57A970EECDE79E94BD01819D72FC8C270AC59583 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa Signing time: Wed 10 Dec 2025 05:40:06 +0000 ROA not before: Wed 10 Dec 2025 05:40:06 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:a9:70:ee:cd:e7:9e:94:bd:01:81:9d:72:fc:8c:27:0a:c5:95:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:06 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=93eb1e92259cad8a146851e4baf09dfff1f2cc5e65ac483e9ae12deb16380180, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:7b:93:11:c0:cf:73:96:0b:33:55:ae:d7:39: 53:95:66:6e:96:d9:20:5d:9d:17:47:81:ae:0d:82: ae:f1:bd:06:03:8f:e5:b1:83:f1:6e:12:d8:4f:08: 1a:14:42:4d:bc:50:0d:c8:58:8c:1f:f5:42:1b:89: 5d:6c:c7:1f:dd:8b:d2:ec:a5:78:89:93:df:c7:5f: 2d:2a:4b:1a:5e:14:2a:a2:96:2d:19:63:2e:c9:b5: 95:50:c9:9b:3e:54:6f:f2:28:d9:8b:0b:16:4b:d9: 2b:b4:91:cf:cd:2f:e6:93:a2:bf:2f:ba:bf:f7:97: 82:10:3f:f8:ec:e1:87:66:9b:73:90:f4:3b:fd:bb: 64:39:da:1d:79:76:15:65:c0:10:ab:4e:8d:c8:24: 7c:7c:3d:83:f1:c2:0c:6c:8d:13:0b:4a:20:af:ff: 36:14:b4:5b:fa:3f:e0:fb:e8:04:f5:db:7b:6c:15: f1:60:10:72:d4:11:9d:f5:13:c2:b5:f7:80:03:33: cb:16:40:13:18:db:50:38:30:21:95:17:a0:d3:0c: e7:0c:a8:8c:e0:76:95:c8:36:60:aa:2b:99:e7:f4: b8:30:9d:98:6b:2e:da:36:f7:8e:b0:36:68:24:5c: c7:bc:49:10:41:74:47:77:a6:95:92:d6:52:59:c2: e9:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:2D:D8:28:3C:29:E1:D5:5C:A6:9E:85:EB:A6:C7:B3:2E:E0:54:DC X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4967c03f-f17b-42f4-bfca-8694bb963ab0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:9040::/48 Signature Algorithm: sha256WithRSAEncryption 11:3a:06:7b:51:9b:2f:c1:85:f9:f3:8f:16:ca:c9:fe:0a:1f: 2f:8b:d6:e2:0e:3a:4e:94:5f:76:4a:a6:69:44:e6:d3:cf:1e: ea:d6:44:45:d0:ad:28:ba:f5:44:9b:8b:d9:4a:e7:ba:e8:40: 1c:3f:d0:1a:15:45:7e:c3:4e:59:4d:4c:a7:04:b8:3d:5a:b0: be:b6:d5:fd:15:d4:98:59:a5:34:92:b6:8a:26:b2:dc:5a:a8: a1:22:e2:c8:2d:94:71:99:74:e4:ee:14:76:bd:0f:e8:f2:a1: 31:75:d4:e4:92:b9:ef:f7:6f:8f:16:c1:b3:4d:99:39:cb:17: bf:e3:0f:74:7f:7d:f0:ca:78:4a:0f:bc:47:6b:ed:8f:1a:00: 37:45:f3:62:c8:de:45:5f:1c:f6:e8:c3:ff:28:b4:c6:66:d3: a1:9e:a5:dc:b1:ad:00:88:17:7d:1d:a4:bb:28:eb:ab:8d:91: 92:83:14:df:83:4f:9c:6f:d3:fd:49:1e:ab:5a:c4:d8:70:91: fa:ef:23:75:bc:bf:56:f4:fd:f6:d9:83:55:29:20:13:72:9d: 08:43:0d:bd:c1:8c:31:23:84:f0:42:14:df:ac:86:e1:34:08: a4:25:39:ca:10:0c:6b:12:70:8b:f7:bf:f5:2b:18:43:e9:a3: 45:49:f9:48 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUV6lw7s3nnpS9AYGdcvyMJwrFlYMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwMDZaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDkzZWIxZTkyMjU5Y2FkOGExNDY4NTFlNGJhZjA5ZGZmZjFmMmNjNWU2NWFj NDgzZTlhZTEyZGViMTYzODAxODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALh7kxHAz3OWCzNVrtc5U5VmbpbZIF2dF0eBrg2CrvG9BgOP5bGD8W4S2E8I GhRCTbxQDchYjB/1QhuJXWzHH92L0uyleImT38dfLSpLGl4UKqKWLRljLsm1lVDJ mz5Ub/Io2YsLFkvZK7SRz80v5pOivy+6v/eXghA/+Ozhh2abc5D0O/27ZDnaHXl2 FWXAEKtOjcgkfHw9g/HCDGyNEwtKIK//NhS0W/o/4PvoBPXbe2wV8WAQctQRnfUT wrX3gAMzyxZAExjbUDgwIZUXoNMM5wyojOB2lcg2YKormef0uDCdmGsu2jb3jrA2 aCRcx7xJEEF0R3emlZLWUlnC6ZsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS4Ldgo PCnh1VymnoXrpsezLuBU3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NDk2N2MwM2YtZjE3Yi00MmY0LWJmY2EtODY5NGJiOTYzYWIwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ QDANBgkqhkiG9w0BAQsFAAOCAQEAEToGe1GbL8GF+fOPFsrJ/gofL4vW4g46TpRf dkqmaUTm088e6tZERdCtKLr1RJuL2UrnuuhAHD/QGhVFfsNOWU1MpwS4PVqwvrbV /RXUmFmlNJK2iiay3FqooSLiyC2UcZl05O4Udr0P6PKhMXXU5JK57/dvjxbBs02Z OcsXv+MPdH998Mp4Sg+8R2vtjxoAN0XzYsjeRV8c9ujD/yi0xmbToZ6l3LGtAIgX fR2kuyjrq42RkoMU34NPnG/T/Ukeq1rE2HCR+u8jdby/VvT99tmDVSkgE3KdCEMN vcGMMSOE8EIU36yG4TQIpCU5yhAMaxJwi/e/9SsYQ+mjRUn5SA== -----END CERTIFICATE-----Generated at Mon Dec 15 17:09:01 2025 by rpki-client