This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa File: 4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa (raw, json) Hash identifier: KvtjqODYrgCrQ+JruNdIy3zLby0v0WvuP34KOIWV5Uw= Subject key identifier: F4:FF:E2:17:45:82:EA:24:72:FE:DB:23:6B:35:8A:B6:B8:CA:85:80 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6B2A2FE07AF822B21E1974D1096FACC934618F84 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa Signing time: Tue 02 Dec 2025 01:50:12 +0000 ROA not before: Tue 02 Dec 2025 01:50:12 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d030:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:2a:2f:e0:7a:f8:22:b2:1e:19:74:d1:09:6f:ac:c9:34:61:8f:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:12 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=a309b3ae0786daf9c7698b76d34e4ab7879ef861b8d8aa25b78fb1482366b8ab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:a2:8a:8d:ac:a7:4d:f2:9e:ad:59:88:f1:f9: d3:2a:22:d9:f1:1e:cb:ce:67:d8:da:77:f9:89:49: 2d:a1:cf:58:7d:e7:c4:00:4c:3f:42:4b:ed:1e:03: 9d:95:28:fe:f8:93:66:0f:49:21:a5:67:a2:ec:8d: cf:ca:e2:78:d9:46:d9:68:1f:51:69:7f:1e:88:74: e1:14:24:db:cd:cb:20:b8:f1:a9:f6:b4:db:41:e4: 12:5a:e6:88:0c:36:3c:ff:3b:af:35:13:f4:c2:b9: ea:f2:77:ea:04:06:82:ce:46:a1:8f:cc:e3:08:eb: 98:c8:5f:0f:b2:24:85:34:37:67:0b:34:a5:67:b7: 25:9e:37:9d:70:9e:4a:8b:ea:8b:9e:66:85:c4:ef: cd:3d:45:8a:8a:a9:59:f8:de:a4:44:e6:48:45:a5: 0c:37:b7:62:de:70:1d:ad:30:61:ea:1a:70:fe:d0: 5e:d5:12:e8:f9:57:24:65:9d:64:eb:b2:68:ec:3c: 9d:b6:ce:4d:b0:50:cb:c1:34:cd:27:2e:49:35:f1: f8:73:45:1c:14:87:9f:cf:43:49:b7:d9:cf:39:75: 52:63:e0:c2:b0:e2:4e:c3:d8:8b:e0:dc:b0:6e:c4: cd:19:18:0f:07:07:c5:cf:d1:5c:f8:7c:cf:21:8c: e7:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:FF:E2:17:45:82:EA:24:72:FE:DB:23:6B:35:8A:B6:B8:CA:85:80 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ba54e4f-0294-4e83-8037-7d266c37f0c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d030:a000::/40 Signature Algorithm: sha256WithRSAEncryption 3c:21:40:e3:93:62:9c:b9:37:48:09:12:6c:30:2d:3a:74:7e: 88:ce:ae:cc:0a:7b:e5:68:8d:44:d3:86:c4:bb:f5:62:e0:d4: fa:ef:a4:ce:9c:96:38:33:d5:d2:cb:96:5d:81:6a:af:30:d3: 4a:ae:23:a8:1b:22:61:39:7b:62:3d:62:07:90:90:44:93:76: 1e:5e:dc:1c:45:b9:22:30:7f:a0:40:a3:7a:ea:7e:0a:53:c7: ea:9b:e4:be:7e:91:e5:2a:cb:87:1e:cb:f9:6f:88:10:f4:03: fd:e2:00:38:a4:15:fe:8d:46:fc:69:9a:e3:be:03:fb:7a:bc: f4:86:fa:39:05:3a:4c:57:9b:87:7d:71:82:a8:9c:38:4a:30: 05:25:35:1d:c1:a5:91:d4:8e:87:84:2d:73:06:36:7b:4a:4e: f2:c1:49:04:53:f7:50:72:5d:dc:9f:26:9e:77:36:ea:0f:11: d5:8f:ae:c9:29:d0:be:66:20:bb:35:ce:53:f2:49:52:e4:ac: dc:36:0b:c8:40:a2:75:c8:bc:b2:e3:d8:35:be:25:f9:40:9b: 95:10:57:19:2e:99:eb:a2:8e:19:3e:01:94:fb:9c:28:cd:b6: d7:e3:12:4e:81:31:7a:94:91:a1:c7:12:2f:0e:e4:41:d6:7a: 77:09:9c:09 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUayov4Hr4IrIeGXTRCW+syTRhj4QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwMTJaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGEzMDliM2FlMDc4NmRhZjljNzY5OGI3NmQzNGU0YWI3ODc5ZWY4NjFiOGQ4 YWEyNWI3OGZiMTQ4MjM2NmI4YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJmiio2sp03ynq1ZiPH50yoi2fEey85n2Np3+YlJLaHPWH3nxABMP0JL7R4D nZUo/viTZg9JIaVnouyNz8rieNlG2WgfUWl/Hoh04RQk283LILjxqfa020HkElrm iAw2PP87rzUT9MK56vJ36gQGgs5GoY/M4wjrmMhfD7IkhTQ3Zws0pWe3JZ43nXCe Sovqi55mhcTvzT1FioqpWfjepETmSEWlDDe3Yt5wHa0wYeoacP7QXtUS6PlXJGWd ZOuyaOw8nbbOTbBQy8E0zScuSTXx+HNFHBSHn89DSbfZzzl1UmPgwrDiTsPYi+Dc sG7EzRkYDwcHxc/RXPh8zyGM510CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0/+IX RYLqJHL+2yNrNYq2uMqFgDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGJhNTRlNGYtMDI5NC00ZTgzLTgwMzctN2QyNjZjMzdmMGM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg MA0GCSqGSIb3DQEBCwUAA4IBAQA8IUDjk2KcuTdICRJsMC06dH6Izq7MCnvlaI1E 04bEu/Vi4NT676TOnJY4M9XSy5ZdgWqvMNNKriOoGyJhOXtiPWIHkJBEk3YeXtwc RbkiMH+gQKN66n4KU8fqm+S+fpHlKsuHHsv5b4gQ9AP94gA4pBX+jUb8aZrjvgP7 erz0hvo5BTpMV5uHfXGCqJw4SjAFJTUdwaWR1I6HhC1zBjZ7Sk7ywUkEU/dQcl3c nyaedzbqDxHVj67JKdC+ZiC7Nc5T8klS5KzcNgvIQKJ1yLyy49g1viX5QJuVEFcZ Lpnroo4ZPgGU+5wozbbX4xJOgTF6lJGhxxIvDuRB1np3CZwJ -----END CERTIFICATE-----Generated at Sat Dec 6 22:36:59 2025 by rpki-client