This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa File: 5246cdd9-6493-4560-b4c3-8d974de78b57.roa (raw, json) Hash identifier: kgi0suRmligQRK6eKyubwYnzPE5YAPGU9PTv6zb4a00= Subject key identifier: CE:35:C1:71:54:B4:8E:11:4E:1D:9C:AB:9A:2E:71:F1:D2:B9:D0:B2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2BF391D1613C1FCF86263C6D285272F07299A78A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa Signing time: Sat 15 Nov 2025 06:40:06 +0000 ROA not before: Sat 15 Nov 2025 06:40:06 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:f3:91:d1:61:3c:1f:cf:86:26:3c:6d:28:52:72:f0:72:99:a7:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:40:06 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=190f0103a3184435d964f40a05a44a01e2cac4b98a3f3806992bde82615b2749, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ad:04:84:77:a7:b0:87:e7:87:0d:1b:01:16: 81:6c:2b:0a:bd:25:e6:3a:ed:e8:9a:4c:f8:7b:4d: 0d:16:8c:e3:fd:8b:8b:e7:fb:12:1f:f4:fe:53:6a: de:f6:b1:c0:78:e1:33:d2:01:db:92:ce:19:2a:c3: 9a:24:9f:a7:10:49:56:05:96:10:ab:75:b1:2a:93: c8:4a:d6:2b:35:6f:24:ef:81:cc:a6:29:d4:8e:25: cf:97:34:8c:a8:5c:42:c1:d5:27:d8:0d:ba:44:24: 2d:95:68:00:76:18:71:82:6a:56:12:64:c9:c9:46: 13:02:7d:45:a7:c2:eb:f6:17:23:d4:33:7b:77:a6: b4:1c:74:75:07:74:98:9c:22:5b:5e:0c:23:c5:6a: 01:86:e3:02:bb:bf:a5:70:42:6d:09:d8:ba:79:ef: a3:2e:51:35:fc:03:f6:4e:8c:ec:d6:23:00:82:33: b1:ec:d9:43:45:4f:ee:68:ee:b6:8e:e6:bb:cb:83: ba:c7:eb:6b:28:fe:7b:be:30:86:5a:29:e7:c0:eb: b5:70:b9:69:1b:ec:d7:d9:fc:ff:27:02:d1:96:41: 3f:ae:c0:16:23:69:30:cf:05:f1:66:1a:0b:0e:e0: 89:c8:15:be:17:af:ec:a6:8e:75:56:c3:f0:5f:31: ef:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:35:C1:71:54:B4:8E:11:4E:1D:9C:AB:9A:2E:71:F1:D2:B9:D0:B2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5246cdd9-6493-4560-b4c3-8d974de78b57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:c000::/40 Signature Algorithm: sha256WithRSAEncryption 8f:41:1b:b1:b4:1d:78:83:31:d3:f0:03:28:05:9f:fb:5e:8b: d2:64:ce:b7:38:44:84:b0:9e:2b:15:04:1a:ba:d5:48:d3:04: 20:ad:30:52:cd:2e:84:19:53:55:de:01:08:dc:c9:ee:a4:70: d0:c4:d5:8b:06:34:89:c4:51:3e:ff:71:ed:d9:d7:ed:ae:41: 32:21:fc:7c:38:88:4a:c9:c5:73:85:5a:88:46:4c:fd:5d:f5: 67:ba:df:7f:aa:3b:b0:24:12:5e:de:c8:91:ec:35:fb:0b:66: 66:12:79:00:0a:d8:49:5a:4c:9a:24:cf:f5:83:17:87:8d:e3: 8d:d2:da:cb:19:8a:67:b0:3a:dd:13:65:94:5b:98:00:cb:53: 8e:ca:da:be:4d:46:84:03:8f:10:11:03:59:69:f8:73:53:95: f5:09:af:41:60:96:cf:20:24:4f:48:89:7c:5e:75:aa:94:5a: 0d:c1:cb:13:75:5c:6f:1f:13:e3:b7:02:1e:38:77:67:30:40: 3e:d8:8d:00:74:fc:ec:47:c1:0b:25:51:b3:04:02:ca:07:63: 12:bf:88:f4:d0:c9:5c:6e:cf:33:41:ee:19:fc:81:02:72:a4: 60:89:2c:2a:fe:ba:03:a4:11:2a:14:36:42:90:3f:a6:e9:ed: 85:64:23:2f -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUK/OR0WE8H8+GJjxtKFJy8HKZp4owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjQwMDZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDE5MGYwMTAzYTMxODQ0MzVkOTY0ZjQwYTA1YTQ0YTAxZTJjYWM0Yjk4YTNm MzgwNjk5MmJkZTgyNjE1YjI3NDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANCtBIR3p7CH54cNGwEWgWwrCr0l5jrt6JpM+HtNDRaM4/2Li+f7Eh/0/lNq 3vaxwHjhM9IB25LOGSrDmiSfpxBJVgWWEKt1sSqTyErWKzVvJO+BzKYp1I4lz5c0 jKhcQsHVJ9gNukQkLZVoAHYYcYJqVhJkyclGEwJ9RafC6/YXI9Qze3emtBx0dQd0 mJwiW14MI8VqAYbjAru/pXBCbQnYunnvoy5RNfwD9k6M7NYjAIIzsezZQ0VP7mju to7mu8uDusfrayj+e74whlop58DrtXC5aRvs19n8/ycC0ZZBP67AFiNpMM8F8WYa Cw7gicgVvhev7KaOdVbD8F8x70UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTONcFx VLSOEU4dnKuaLnHx0rnQsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTI0NmNkZDktNjQ5My00NTYwLWI0YzMtOGQ5NzRkZTc4YjU3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DjA MA0GCSqGSIb3DQEBCwUAA4IBAQCPQRuxtB14gzHT8AMoBZ/7XovSZM63OESEsJ4r FQQautVI0wQgrTBSzS6EGVNV3gEI3MnupHDQxNWLBjSJxFE+/3Ht2dftrkEyIfx8 OIhKycVzhVqIRkz9XfVnut9/qjuwJBJe3siR7DX7C2ZmEnkACthJWkyaJM/1gxeH jeON0trLGYpnsDrdE2WUW5gAy1OOytq+TUaEA48QEQNZafhzU5X1Ca9BYJbPICRP SIl8XnWqlFoNwcsTdVxvHxPjtwIeOHdnMEA+2I0AdPzsR8ELJVGzBALKB2MSv4j0 0Mlcbs8zQe4Z/IECcqRgiSwq/roDpBEqFDZCkD+m6e2FZCMv -----END CERTIFICATE-----Generated at Sat Dec 6 11:48:34 2025 by rpki-client