This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa File: 4aa6172c-f263-4645-8d7a-40a15aee233f.roa (raw, json) Hash identifier: Rq0qSSZyVHYSFK+iUz8BF5OqrPsNJXQOxHpMA+OvcBc= Subject key identifier: 5D:E1:9E:B9:ED:85:6F:C6:4E:DF:20:2B:87:A4:03:53:10:5C:78:D1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 603CEC9424591C63F1AB7E86C3980A7279633763 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa Signing time: Sat 15 Nov 2025 05:50:14 +0000 ROA not before: Sat 15 Nov 2025 05:50:14 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:3c:ec:94:24:59:1c:63:f1:ab:7e:86:c3:98:0a:72:79:63:37:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:14 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=08ba85501b22c5f19a862d674b32397b629c88e462e94dca2dcbb4896a695d7b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:df:c5:24:c8:1a:a3:69:4a:76:2a:15:fc:97: 03:0d:fd:2d:dc:26:63:8e:8f:df:35:27:23:da:24: 82:a8:e8:52:e5:02:34:6e:af:30:30:55:a9:12:f6: 40:b8:e6:eb:32:f5:09:11:02:23:34:9b:2e:3b:ec: 74:78:66:9d:36:dc:3e:10:43:44:52:92:c0:fc:b9: 5f:7e:45:d3:3f:f7:34:71:69:47:92:3f:e0:26:6b: ab:39:ce:61:66:b2:ef:6a:f1:06:02:ab:f9:4a:34: 79:2a:a1:58:ee:4a:01:38:6e:a7:8b:5a:e2:bf:ec: cf:ca:3c:72:91:92:3d:3e:0d:71:f8:06:0e:ec:78: 46:d2:8b:7f:88:11:b1:75:97:09:d6:10:fa:5f:ae: 05:d5:68:3b:09:a9:d7:48:7b:ba:b0:a5:44:a1:a1: 19:82:d2:ee:ea:e1:e1:72:24:90:bd:67:13:9c:77: a6:69:69:c0:f0:c9:a4:20:d5:2a:7a:6d:d7:3c:ce: 87:65:ed:8d:76:ce:22:20:d8:9b:54:46:dc:2e:f0: 9a:f2:e3:12:19:4b:f7:0d:cb:cc:e8:8e:f0:f8:dd: db:28:cf:e0:30:75:62:76:45:31:ef:24:61:ce:cc: d8:fa:c4:38:1d:92:9c:bf:de:b9:01:53:96:03:97: 9f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:E1:9E:B9:ED:85:6F:C6:4E:DF:20:2B:87:A4:03:53:10:5C:78:D1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4aa6172c-f263-4645-8d7a-40a15aee233f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:8000::/40 Signature Algorithm: sha256WithRSAEncryption 9c:b7:48:2e:ce:97:08:54:d7:3a:83:58:45:c0:84:dc:56:b9: eb:f7:42:83:d8:c0:9d:10:50:58:e9:77:62:19:3b:9f:74:27: 7a:86:0c:ee:81:11:27:1b:d6:cb:e9:d4:75:c8:20:12:45:62: 5a:fa:98:f2:e5:95:e5:f9:bd:4c:32:ce:bc:1f:2f:66:8a:f4: eb:81:14:c2:d1:22:59:e5:78:48:be:e3:90:d9:a9:0c:41:a9: d9:28:5a:46:1e:93:e3:9f:ee:17:cd:60:a8:c2:62:99:58:17: e0:ac:fe:fe:a9:6f:44:b6:1b:6c:56:73:ca:95:e8:74:f7:55: a9:ae:87:0e:3d:cb:8d:75:59:31:f1:3f:84:c2:f4:27:91:8d: 11:df:ce:66:71:0f:f9:34:2b:4b:fa:34:5e:1d:dc:08:03:1d: ef:f1:03:49:14:20:b4:98:47:51:e3:72:2a:b0:e7:36:a2:9f: 1d:cb:95:f7:bb:ac:45:35:35:40:f5:7a:8c:b2:71:e6:db:83: 37:f5:09:a0:11:c4:15:fa:fb:c1:2d:29:ca:73:03:c0:dc:0f: 6b:8d:25:27:0c:4a:f2:34:be:cb:41:da:8c:ac:a3:51:85:de: 72:b1:a9:e0:3b:1d:bc:8b:d4:2e:ff:f0:37:cc:c2:ad:e8:2c: 13:9d:80:d4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUYDzslCRZHGPxq36Gw5gKcnljN2MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMTRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDA4YmE4NTUwMWIyMmM1ZjE5YTg2MmQ2NzRiMzIzOTdiNjI5Yzg4ZTQ2MmU5 NGRjYTJkY2JiNDg5NmE2OTVkN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOHfxSTIGqNpSnYqFfyXAw39LdwmY46P3zUnI9okgqjoUuUCNG6vMDBVqRL2 QLjm6zL1CRECIzSbLjvsdHhmnTbcPhBDRFKSwPy5X35F0z/3NHFpR5I/4CZrqznO YWay72rxBgKr+Uo0eSqhWO5KAThup4ta4r/sz8o8cpGSPT4NcfgGDux4RtKLf4gR sXWXCdYQ+l+uBdVoOwmp10h7urClRKGhGYLS7urh4XIkkL1nE5x3pmlpwPDJpCDV Knpt1zzOh2XtjXbOIiDYm1RG3C7wmvLjEhlL9w3LzOiO8Pjd2yjP4DB1YnZFMe8k Yc7M2PrEOB2SnL/euQFTlgOXn/UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRd4Z65 7YVvxk7fICuHpANTEFx40TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGFhNjE3MmMtZjI2My00NjQ1LThkN2EtNDBhMTVhZWUyMzNmLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGA MA0GCSqGSIb3DQEBCwUAA4IBAQCct0guzpcIVNc6g1hFwITcVrnr90KD2MCdEFBY 6XdiGTufdCd6hgzugREnG9bL6dR1yCASRWJa+pjy5ZXl+b1MMs68Hy9mivTrgRTC 0SJZ5XhIvuOQ2akMQanZKFpGHpPjn+4XzWCowmKZWBfgrP7+qW9EthtsVnPKleh0 91WprocOPcuNdVkx8T+EwvQnkY0R385mcQ/5NCtL+jReHdwIAx3v8QNJFCC0mEdR 43IqsOc2op8dy5X3u6xFNTVA9XqMsnHm24M39QmgEcQV+vvBLSnKcwPA3A9rjSUn DEryNL7LQdqMrKNRhd5ysangOx28i9Qu//A3zMKt6CwTnYDU -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:12 2025 by rpki-client