This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa File: 4a7b2b27-8130-47da-97da-78c91087b05e.roa (raw, json) Hash identifier: jJNKYifBofVUr9U5pHg6N4mmwkmvZo0XwnxBSpZn/pg= Subject key identifier: 63:0A:16:CB:6E:2D:6F:C3:C6:F7:8C:BE:F6:20:99:57:FD:B9:BD:7A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 34B90EB11C569CC13B93F324F40E04569F772B25 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa Signing time: Sat 15 Nov 2025 05:41:24 +0000 ROA not before: Sat 15 Nov 2025 05:41:24 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:b9:0e:b1:1c:56:9c:c1:3b:93:f3:24:f4:0e:04:56:9f:77:2b:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:24 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=fb2a643a9c53162d839fd3876918b700ead6e79f00fe9fe6b8ae071fd5de8045, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:ef:4f:d3:41:a7:12:e3:d5:a8:c4:27:0c:cd: c9:80:e5:08:1f:34:af:a0:98:b9:1f:ab:1f:f2:4c: 3e:18:59:52:a3:71:87:4a:aa:84:d8:07:f0:6c:92: f7:fd:e4:32:1d:80:28:ce:d4:c4:7d:39:4b:6f:f6: f1:0f:51:9b:37:68:4f:6b:1e:af:77:69:70:eb:4d: c7:cc:96:3c:ff:06:de:6a:22:fe:79:d8:cf:48:86: 6e:e4:39:84:ba:be:02:f8:be:77:4f:bc:e1:33:e1: 21:89:44:cc:fa:8a:96:00:1b:dd:8b:79:1f:5d:c5: 55:fc:88:ef:35:40:60:dd:b5:81:ff:d5:2f:3b:9d: 3c:4a:9d:87:02:a9:27:a0:2a:a5:73:83:28:29:4c: 48:fa:39:dc:e9:97:f1:4a:03:87:46:98:8c:d2:69: 9a:e4:a6:55:86:7f:18:ec:a4:72:c9:f7:b2:d8:5f: 1d:88:88:52:98:0c:62:3c:31:20:6f:77:c8:dd:16: c8:0c:09:5c:77:8f:fa:81:b4:e8:d6:37:24:b2:3a: 24:35:4d:14:4e:61:c9:af:06:32:6a:fa:53:10:41: 73:7e:fb:d1:ad:23:c1:8d:97:e7:cf:16:47:7e:10: 30:5d:82:dd:9d:46:c6:af:97:20:07:a2:f6:e5:31: 69:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:0A:16:CB:6E:2D:6F:C3:C6:F7:8C:BE:F6:20:99:57:FD:B9:BD:7A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4a7b2b27-8130-47da-97da-78c91087b05e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:c040::/48 Signature Algorithm: sha256WithRSAEncryption 3b:05:5e:f8:ab:58:3f:e9:2b:af:a1:c5:27:90:38:06:d8:36: b8:e6:1d:06:58:bf:1e:17:58:71:85:95:cc:51:4a:5b:ef:e1: b3:1e:ca:a0:e7:12:4b:34:78:2f:a2:b1:fb:53:37:b2:70:1c: e1:1f:60:f9:38:28:05:2f:87:71:16:01:6e:75:eb:6e:bf:a4: a6:36:cc:e9:5f:17:0d:8c:3b:00:fc:ba:53:3a:43:ee:4f:5a: f8:c2:57:46:d3:20:86:6e:e8:64:ec:e0:c1:e9:3a:c2:9c:6a: 84:13:15:16:1c:a8:4d:57:17:68:28:34:0e:a3:fb:d0:c8:04: 10:18:28:92:24:ec:48:e5:7e:49:a6:47:cf:ad:82:92:d1:35: 2e:fc:13:11:3f:41:00:75:6c:04:db:0a:5e:80:88:c1:4b:e8: ee:5b:aa:2b:e3:a1:25:0f:40:cd:f8:07:1e:92:48:67:9b:3a: 33:b3:c8:12:ad:ba:5a:68:34:8c:d2:fb:19:d8:b5:66:69:54: f2:1b:ec:15:b0:c8:7b:5b:c5:4b:44:34:42:46:44:c7:96:be: 8f:c6:b0:07:c3:1e:4e:f2:b9:ce:6b:72:f4:51:8e:7a:48:39: 46:5c:32:db:97:60:99:a7:2f:22:86:93:88:93:8b:84:c5:1e: 7d:4d:91:80 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUNLkOsRxWnME7k/Mk9A4EVp93KyUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMjRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGZiMmE2NDNhOWM1MzE2MmQ4MzlmZDM4NzY5MThiNzAwZWFkNmU3OWYwMGZl OWZlNmI4YWUwNzFmZDVkZTgwNDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN3vT9NBpxLj1ajEJwzNyYDlCB80r6CYuR+rH/JMPhhZUqNxh0qqhNgH8GyS 9/3kMh2AKM7UxH05S2/28Q9RmzdoT2ser3dpcOtNx8yWPP8G3moi/nnYz0iGbuQ5 hLq+Avi+d0+84TPhIYlEzPqKlgAb3Yt5H13FVfyI7zVAYN21gf/VLzudPEqdhwKp J6AqpXODKClMSPo53OmX8UoDh0aYjNJpmuSmVYZ/GOykcsn3sthfHYiIUpgMYjwx IG93yN0WyAwJXHeP+oG06NY3JLI6JDVNFE5hya8GMmr6UxBBc3770a0jwY2X588W R34QMF2C3Z1Gxq+XIAei9uUxacsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRjChbL bi1vw8b3jL72IJlX/bm9ejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGE3YjJiMjctODEzMC00N2RhLTk3ZGEtNzhjOTEwODdiMDVlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA QDANBgkqhkiG9w0BAQsFAAOCAQEAOwVe+KtYP+krr6HFJ5A4Btg2uOYdBli/HhdY cYWVzFFKW+/hsx7KoOcSSzR4L6Kx+1M3snAc4R9g+TgoBS+HcRYBbnXrbr+kpjbM 6V8XDYw7APy6UzpD7k9a+MJXRtMghm7oZOzgwek6wpxqhBMVFhyoTVcXaCg0DqP7 0MgEEBgokiTsSOV+SaZHz62CktE1LvwTET9BAHVsBNsKXoCIwUvo7luqK+OhJQ9A zfgHHpJIZ5s6M7PIEq26Wmg0jNL7Gdi1ZmlU8hvsFbDIe1vFS0Q0QkZEx5a+j8aw B8MeTvK5zmty9FGOekg5Rlwy25dgmacvIoaTiJOLhMUefU2RgA== -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:47 2025 by rpki-client