This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa File: 50253a85-74b2-4a74-ab18-15a98f3496b2.roa (raw, json) Hash identifier: bAdLG0xs7EfVYtSu2jJpjOXuG72gyQwHazisYcEIkRI= Subject key identifier: 88:4C:DF:7B:68:6E:24:D8:3A:E1:EF:41:A1:6B:52:50:01:96:63:10 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 59FC1A208F9AF850EE766BE279807F50E15DDDE4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa Signing time: Sat 15 Nov 2025 06:00:10 +0000 ROA not before: Sat 15 Nov 2025 06:00:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d075:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:fc:1a:20:8f:9a:f8:50:ee:76:6b:e2:79:80:7f:50:e1:5d:dd:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=e9b8f00474c6359aac913f6f4880672020b93e9994141bf6f5659ed7517f7aae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ce:8f:ae:8f:28:73:30:2a:95:76:02:55:2f: d3:6a:d6:17:10:42:ce:c2:fb:52:e5:eb:a2:1c:54: f4:b4:da:ca:f1:db:af:30:e5:0a:e3:1b:93:54:f6: 65:dd:4c:c7:d7:42:7d:8f:f1:cd:87:3a:cc:57:34: 8c:51:39:e9:06:5a:7f:70:e2:ea:54:7b:87:fb:ed: 40:6c:7c:9c:57:53:3d:a9:e7:76:24:66:30:aa:37: 76:72:14:24:ff:7f:39:7e:b9:af:c4:37:20:a8:a9: 8a:db:7c:45:50:4b:24:1e:2f:13:b2:2c:59:d3:6d: 56:fe:a7:25:b8:db:1d:77:54:bb:09:60:6e:6c:ff: ed:02:00:60:4d:19:d6:f8:f4:5e:42:98:fb:71:1b: cb:96:23:09:ad:3d:79:a2:48:d1:85:4a:f0:38:9c: 05:d7:e4:ad:06:a0:dd:e5:b9:de:cd:aa:a7:2d:0d: 46:a9:24:4c:47:75:95:6d:dd:1f:33:c3:98:99:73: df:e3:af:7d:9d:84:1e:5f:1f:c2:4c:24:b6:1e:78: a0:07:86:fe:f7:1e:b5:3f:be:2e:38:81:0d:b7:f5: 01:7a:d2:e7:6e:8b:5c:e1:4b:b3:5e:a7:5f:1e:1a: fa:d5:10:33:4c:78:6c:7e:26:84:9e:53:19:2f:22: 96:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:4C:DF:7B:68:6E:24:D8:3A:E1:EF:41:A1:6B:52:50:01:96:63:10 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/50253a85-74b2-4a74-ab18-15a98f3496b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d075:8000::/40 Signature Algorithm: sha256WithRSAEncryption 63:4b:a5:8d:66:31:b3:ea:eb:6a:06:07:10:a3:1b:e3:26:04: 96:5c:7e:38:45:4d:e3:e9:27:02:01:af:ea:d9:95:31:35:4b: fc:ac:76:f1:3e:3a:8c:94:7e:cf:51:53:86:76:36:90:83:6d: 8b:3c:19:09:9d:86:08:c7:e8:d9:96:1a:45:ec:0d:b4:40:8b: c2:79:1d:0b:b2:58:50:f8:69:58:88:8a:b4:b4:54:f2:e5:09: a8:c7:a1:d2:52:3e:bf:c4:22:f8:a7:3a:f9:10:3b:fc:09:e1: 9e:2f:b9:0c:52:65:8a:a7:de:58:31:a7:f5:b8:a0:0c:7c:12: 73:b8:6c:e4:8b:4b:a2:b2:29:fb:31:07:c5:42:e3:12:d7:03: 13:a8:ca:aa:3d:93:f7:71:e7:7c:81:83:6f:78:c3:62:fd:38: 3a:2a:f9:47:a1:3e:3b:57:59:03:bf:d7:89:95:85:3f:e0:f5: 48:47:f0:89:a9:e6:85:ce:bc:25:1a:ae:59:38:29:1c:a1:53: bc:46:c5:96:1f:53:a7:2e:66:8e:7e:07:29:1f:ce:99:54:07: 72:b6:42:92:c2:dc:09:5e:88:c9:36:60:71:c1:e8:cc:bb:a9: c9:0b:79:4b:39:9c:a7:91:26:42:23:3d:72:c7:f3:25:8b:49: d4:7e:01:65 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUWfwaII+a+FDudmvieYB/UOFd3eQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGU5YjhmMDA0NzRjNjM1OWFhYzkxM2Y2ZjQ4ODA2NzIwMjBiOTNlOTk5NDE0 MWJmNmY1NjU5ZWQ3NTE3ZjdhYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/Oj66PKHMwKpV2AlUv02rWFxBCzsL7UuXrohxU9LTayvHbrzDlCuMbk1T2 Zd1Mx9dCfY/xzYc6zFc0jFE56QZaf3Di6lR7h/vtQGx8nFdTPanndiRmMKo3dnIU JP9/OX65r8Q3IKipitt8RVBLJB4vE7IsWdNtVv6nJbjbHXdUuwlgbmz/7QIAYE0Z 1vj0XkKY+3Eby5YjCa09eaJI0YVK8DicBdfkrQag3eW53s2qpy0NRqkkTEd1lW3d HzPDmJlz3+OvfZ2EHl8fwkwkth54oAeG/vcetT++LjiBDbf1AXrS526LXOFLs16n Xx4a+tUQM0x4bH4mhJ5TGS8ilmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSITN97 aG4k2Drh70Gha1JQAZZjEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTAyNTNhODUtNzRiMi00YTc0LWFiMTgtMTVhOThmMzQ5NmIyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWA MA0GCSqGSIb3DQEBCwUAA4IBAQBjS6WNZjGz6utqBgcQoxvjJgSWXH44RU3j6ScC Aa/q2ZUxNUv8rHbxPjqMlH7PUVOGdjaQg22LPBkJnYYIx+jZlhpF7A20QIvCeR0L slhQ+GlYiIq0tFTy5Qmox6HSUj6/xCL4pzr5EDv8CeGeL7kMUmWKp95YMaf1uKAM fBJzuGzki0uisin7MQfFQuMS1wMTqMqqPZP3ced8gYNveMNi/Tg6KvlHoT47V1kD v9eJlYU/4PVIR/CJqeaFzrwlGq5ZOCkcoVO8RsWWH1OnLmaOfgcpH86ZVAdytkKS wtwJXojJNmBxwejMu6nJC3lLOZynkSZCIz1yx/Mli0nUfgFl -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:30 2025 by rpki-client