This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa File: 528c97d8-1890-4c86-9eee-907363f046e1.roa (raw, json) Hash identifier: r1g6lOz7C/Dvhv1PQXIDNjLBR+p8wOvAk92Tpu0DJTc= Subject key identifier: 46:DA:89:AC:57:3E:BC:5F:8D:8F:89:CD:CE:99:19:EC:FB:DE:23:21 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 787D9E966ACFCFF47359F0C481849E0145D7E796 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa Signing time: Tue 25 Nov 2025 20:10:35 +0000 ROA not before: Tue 25 Nov 2025 20:10:35 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:7d:9e:96:6a:cf:cf:f4:73:59:f0:c4:81:84:9e:01:45:d7:e7:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:10:35 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=64347936013559f538d353a5c97e17b26cddd30ad8a1dfe677884232bdda5b15, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:86:fb:22:dd:7d:35:2f:db:78:72:e8:c1:ba: 44:2b:d5:c0:d1:46:d0:bd:d2:da:68:c0:34:8f:14: c3:28:08:f3:19:37:40:6d:68:4d:d0:9e:c1:c4:f3: cf:cd:23:62:5d:82:d3:e9:9e:3d:3c:64:9e:a0:77: 53:77:c9:36:0a:4d:2d:e2:45:ae:da:07:41:83:be: 58:a0:06:d2:43:f6:91:56:30:db:b3:93:d1:8f:97: 0b:30:3f:72:8a:7c:c3:b8:8e:8b:71:0d:c2:ec:f5: a9:d6:63:e2:32:12:fd:e4:0b:d2:62:61:cf:c1:a8: e8:dc:7c:7d:82:ce:56:71:d0:d8:2b:79:2a:62:04: 09:d8:c8:12:ec:92:88:92:0e:8c:08:7c:22:f3:c4: 68:b2:ed:88:05:f2:74:1e:be:33:35:2f:44:e1:e6: b2:14:a9:f8:a6:10:22:6f:98:52:7e:f1:e6:63:74: 2c:d9:59:e4:66:3c:69:4e:ca:66:d7:93:db:ef:ba: 0a:7a:ae:15:e1:29:8f:fe:66:a9:5b:34:7f:12:29: 5d:3b:eb:42:14:8b:b3:07:17:3d:5d:8f:8f:e6:02: 8e:18:26:a3:1d:1b:f6:ba:74:e3:63:b4:9b:a7:d8: d9:49:d4:10:92:63:51:86:66:0c:f0:83:ee:b3:4d: eb:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:DA:89:AC:57:3E:BC:5F:8D:8F:89:CD:CE:99:19:EC:FB:DE:23:21 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/528c97d8-1890-4c86-9eee-907363f046e1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:6000::/40 Signature Algorithm: sha256WithRSAEncryption 23:01:4c:a2:62:87:49:e2:10:97:6f:e9:f3:9b:aa:ae:8f:38: 55:86:32:ac:5a:fa:2e:32:65:3d:08:a8:35:0d:aa:d0:5c:e4: 6a:71:32:5b:5a:48:ca:d8:2b:a8:62:95:0c:24:50:76:da:13: e5:a5:26:10:f7:20:dc:cc:c0:ac:60:7e:ca:72:70:6a:04:ba: e6:e6:68:8b:f3:a7:4d:f4:6c:f3:c5:63:55:3d:64:88:0f:aa: 2d:62:e1:7e:37:03:9c:76:b4:4a:35:90:1d:ea:d3:d0:03:33: a7:32:c9:fe:6d:ab:e7:6a:46:ed:41:a4:8b:7a:af:e2:f9:be: 23:2d:d2:39:68:1e:90:a4:a2:93:34:fb:17:f5:f7:6d:01:70: 9a:ee:bc:c6:13:9f:35:ba:b3:b4:34:ba:ca:45:85:1a:d7:24: c8:af:b0:7d:31:74:c9:53:05:d0:c2:04:0f:75:92:cc:9f:a7: 21:2c:50:db:1b:39:d0:ba:02:4a:5f:18:24:46:1c:f3:9c:21: 35:15:e8:16:44:f7:02:98:a8:8d:96:b0:d1:9f:c9:46:21:0a: 9d:7e:bb:32:8b:bb:51:0a:53:ff:5c:7b:b8:71:bc:3a:3d:bc: 1d:db:03:6f:6d:ea:19:d9:a5:6a:fd:37:03:64:eb:42:34:4a: 8d:03:a3:00 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUeH2elmrPz/RzWfDEgYSeAUXX55YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDEwMzVaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQDY0MzQ3OTM2MDEzNTU5ZjUzOGQzNTNhNWM5N2UxN2IyNmNkZGQzMGFkOGEx ZGZlNjc3ODg0MjMyYmRkYTViMTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+G+yLdfTUv23hy6MG6RCvVwNFG0L3S2mjANI8UwygI8xk3QG1oTdCewcTz z80jYl2C0+mePTxknqB3U3fJNgpNLeJFrtoHQYO+WKAG0kP2kVYw27OT0Y+XCzA/ cop8w7iOi3ENwuz1qdZj4jIS/eQL0mJhz8Go6Nx8fYLOVnHQ2Ct5KmIECdjIEuyS iJIOjAh8IvPEaLLtiAXydB6+MzUvROHmshSp+KYQIm+YUn7x5mN0LNlZ5GY8aU7K ZteT2++6CnquFeEpj/5mqVs0fxIpXTvrQhSLswcXPV2Pj+YCjhgmox0b9rp042O0 m6fY2UnUEJJjUYZmDPCD7rNN64MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRG2oms Vz68X42Pic3OmRns+94jITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTI4Yzk3ZDgtMTg5MC00Yzg2LTllZWUtOTA3MzYzZjA0NmUxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HNg MA0GCSqGSIb3DQEBCwUAA4IBAQAjAUyiYodJ4hCXb+nzm6qujzhVhjKsWvouMmU9 CKg1DarQXORqcTJbWkjK2CuoYpUMJFB22hPlpSYQ9yDczMCsYH7KcnBqBLrm5miL 86dN9GzzxWNVPWSID6otYuF+NwOcdrRKNZAd6tPQAzOnMsn+bavnakbtQaSLeq/i +b4jLdI5aB6QpKKTNPsX9fdtAXCa7rzGE581urO0NLrKRYUa1yTIr7B9MXTJUwXQ wgQPdZLMn6chLFDbGznQugJKXxgkRhzznCE1FegWRPcCmKiNlrDRn8lGIQqdfrsy i7tRClP/XHu4cbw6Pbwd2wNvbeoZ2aVq/TcDZOtCNEqNA6MA -----END CERTIFICATE-----Generated at Sat Dec 6 10:53:37 2025 by rpki-client