This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa File: 4cf83881-74f7-4033-977b-362e08e8d6d2.roa (raw, json) Hash identifier: 9tSfLjdlqhXo6MZiIqxysar6Y9jTn9Nv1f/QRHgd9wE= Subject key identifier: EB:BE:A9:3E:EE:E0:40:D3:57:FC:66:4A:E9:C4:E2:2A:3D:93:78:02 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2BD07A461185148C9888B7BB40F87931B998E8B5 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa Signing time: Thu 13 Nov 2025 02:00:14 +0000 ROA not before: Thu 13 Nov 2025 02:00:14 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:d0:7a:46:11:85:14:8c:98:88:b7:bb:40:f8:79:31:b9:98:e8:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 13 02:00:14 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=9969460190364263bedb794da19174cee60336ea09c670304e10f5d278fd63ff, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:7b:27:60:c5:13:a9:ff:ed:a5:3a:b2:3a:18: ae:07:e1:a4:a1:94:c4:4a:43:7d:64:25:fa:4d:47: 21:ce:b6:92:66:7b:d4:3c:b8:a6:d8:20:f4:18:d2: bb:a4:ff:8f:fd:44:49:c1:18:70:a3:8b:93:38:ad: d7:8b:f7:ad:f8:9a:f3:84:cf:9f:63:36:26:cf:c8: 0f:66:4e:9a:93:b8:6a:85:92:11:78:ee:1d:3a:35: 23:95:f8:35:4a:35:b4:15:b5:e6:49:dc:d0:5b:03: 46:d1:95:bd:28:bb:c7:51:99:46:64:eb:b7:78:3a: d7:b8:37:b0:35:29:27:e5:ac:e8:d3:70:0b:f8:55: 13:a9:82:99:30:de:ab:63:8f:5b:47:67:23:ab:19: 58:a1:af:4a:4f:25:70:9f:21:1f:84:dc:ab:64:13: 7f:69:07:e2:98:7f:17:cf:c6:fd:90:e0:ae:c5:0e: 09:91:e5:51:99:a1:bf:8f:da:ae:85:b7:ba:38:1e: 6c:f5:9d:4f:b5:9f:b5:3d:b5:9b:e8:b7:dc:51:8e: b0:13:96:72:bf:7e:a0:47:89:e6:a8:9f:7f:9a:93: ab:f5:ce:15:d4:90:f8:23:1d:9e:f8:10:e9:80:77: 6e:94:dc:65:3b:b7:86:a8:1d:50:69:5c:32:29:d5: 60:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:BE:A9:3E:EE:E0:40:D3:57:FC:66:4A:E9:C4:E2:2A:3D:93:78:02 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:840::/48 Signature Algorithm: sha256WithRSAEncryption 51:77:d4:0b:de:14:12:96:0e:99:4a:2f:4e:ca:e7:1a:4c:60: 0c:5b:7f:37:fb:1d:ae:f6:20:43:51:2b:25:57:00:db:1d:8c: bb:08:86:32:4f:71:95:bc:71:08:14:19:2c:a8:06:42:f2:46: 62:df:d6:31:e4:3f:6a:09:e7:4d:1b:e7:b7:19:71:f8:50:4f: 28:66:45:ee:81:1a:05:ad:a0:82:68:6c:b5:99:98:0a:8f:58: f7:3d:3b:c0:1f:08:db:cc:11:07:91:31:dd:b9:d6:db:d6:d0: 04:00:b5:a4:43:a1:75:d8:5e:9d:32:aa:88:8b:80:ca:bb:dd: 50:3b:60:b4:32:91:9c:eb:92:09:f7:7e:b1:58:1f:a1:21:bb: 7f:0d:fc:e6:f4:e8:81:34:e3:46:eb:ec:1f:c0:89:57:c8:fd: 04:4b:af:78:42:5f:cd:b3:8b:31:29:df:f5:67:f1:d7:f1:ea: b0:4e:15:74:fe:1c:66:df:f5:3f:06:00:be:a5:a6:34:ee:99: fa:48:d3:51:24:ee:ef:bd:a0:e4:21:d9:6e:e2:6b:37:3f:3a: fd:17:0f:da:43:2b:d3:34:a7:4e:31:4f:ca:02:c7:61:61:da: 2d:62:89:d8:3c:88:fb:61:24:86:d3:8a:db:d7:d4:8a:b6:34: 6e:ca:97:27 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUK9B6RhGFFIyYiLe7QPh5MbmY6LUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTMwMjAwMTRaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV BAUTQDk5Njk0NjAxOTAzNjQyNjNiZWRiNzk0ZGExOTE3NGNlZTYwMzM2ZWEwOWM2 NzAzMDRlMTBmNWQyNzhmZDYzZmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMp7J2DFE6n/7aU6sjoYrgfhpKGUxEpDfWQl+k1HIc62kmZ71Dy4ptgg9BjS u6T/j/1EScEYcKOLkzit14v3rfia84TPn2M2Js/ID2ZOmpO4aoWSEXjuHTo1I5X4 NUo1tBW15knc0FsDRtGVvSi7x1GZRmTrt3g617g3sDUpJ+Ws6NNwC/hVE6mCmTDe q2OPW0dnI6sZWKGvSk8lcJ8hH4Tcq2QTf2kH4ph/F8/G/ZDgrsUOCZHlUZmhv4/a roW3ujgebPWdT7WftT21m+i33FGOsBOWcr9+oEeJ5qiff5qTq/XOFdSQ+CMdnvgQ 6YB3bpTcZTu3hqgdUGlcMinVYEcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTrvqk+ 7uBA01f8ZkrpxOIqPZN4AjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NGNmODM4ODEtNzRmNy00MDMzLTk3N2ItMzYyZTA4ZThkNmQyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII QDANBgkqhkiG9w0BAQsFAAOCAQEAUXfUC94UEpYOmUovTsrnGkxgDFt/N/sdrvYg Q1ErJVcA2x2MuwiGMk9xlbxxCBQZLKgGQvJGYt/WMeQ/agnnTRvntxlx+FBPKGZF 7oEaBa2ggmhstZmYCo9Y9z07wB8I28wRB5Ex3bnW29bQBAC1pEOhddhenTKqiIuA yrvdUDtgtDKRnOuSCfd+sVgfoSG7fw385vTogTTjRuvsH8CJV8j9BEuveEJfzbOL MSnf9Wfx1/HqsE4VdP4cZt/1PwYAvqWmNO6Z+kjTUSTu772g5CHZbuJrNz86/RcP 2kMr0zSnTjFPygLHYWHaLWKJ2DyI+2EkhtOK29fUirY0bsqXJw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:05 2025 by rpki-client