This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa File: 533769c8-002c-491c-9b99-324fe9f5743c.roa (raw, json) Hash identifier: bKu7jEFyNbeTDH7F8QHNRm+3j6mc+zsGX6JYqWqf9C4= Subject key identifier: 35:77:15:2A:3A:E4:1E:9D:D2:A9:FF:41:0D:7A:47:73:4C:09:47:85 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 07A03857274480A864ECAE7E66B3F429B8E286E9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa Signing time: Wed 10 Dec 2025 05:30:13 +0000 ROA not before: Wed 10 Dec 2025 05:30:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d022::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:a0:38:57:27:44:80:a8:64:ec:ae:7e:66:b3:f4:29:b8:e2:86:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=cd775c509e16171ea5a553484aa0a72dfc0a87169ca4d559b0b22566662817ce, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:83:b0:4a:1d:e3:ef:b5:75:b8:e5:3c:80:87: 1c:dd:48:af:fb:e2:40:01:37:b5:20:26:9a:1a:42: 09:bf:ff:08:ba:93:c3:ac:4a:38:45:a2:71:92:35: 1e:5e:a2:78:92:bd:b1:7f:4a:77:68:c6:4a:a3:a3: 99:b3:0e:b7:67:09:ab:02:1b:90:b8:09:72:6c:24: 89:b2:23:f4:ef:be:c9:01:96:b5:e4:0e:89:ed:45: 0f:aa:52:81:fc:a0:0d:e1:bc:17:2b:25:cb:85:fe: 69:90:eb:56:9f:62:25:64:41:4a:c5:69:b0:1c:2a: d1:8d:64:76:4b:18:a4:65:ac:31:ac:f7:fb:18:4d: f0:1c:6e:d6:93:f5:01:58:23:55:63:c6:f0:53:5e: 45:6a:6f:95:18:b9:dd:6f:43:37:1e:fc:ad:d1:ee: 11:1f:47:9d:8b:97:2e:ca:ea:99:10:d7:24:53:26: 4c:9f:a8:c8:15:64:58:d2:90:76:dd:6e:c0:9a:2b: 61:d9:71:06:b2:3a:92:d7:4f:81:c8:6e:21:d0:52: af:95:d3:40:b1:9b:80:66:f4:87:ec:46:76:a6:89: 71:73:36:2e:c7:f3:54:33:f5:c4:4c:de:bd:15:35: 74:e9:04:5f:15:02:53:ab:67:70:87:d2:98:b8:16: 06:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:77:15:2A:3A:E4:1E:9D:D2:A9:FF:41:0D:7A:47:73:4C:09:47:85 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/533769c8-002c-491c-9b99-324fe9f5743c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d022::/36 Signature Algorithm: sha256WithRSAEncryption 50:5b:7d:a9:f5:dc:c2:fe:5c:18:b5:c2:6f:a6:ce:d6:4f:5f: d9:13:72:36:4a:8b:d7:33:62:6f:03:7e:04:c6:a3:76:e2:0d: a3:52:a1:c9:aa:fb:14:6b:47:ef:0b:f5:53:4f:29:65:af:05: 8e:7f:f2:32:25:66:95:97:bf:2e:10:bf:60:45:79:7a:bf:c2: 45:22:03:e6:b9:48:6d:0a:61:85:70:90:73:96:15:81:e4:c3: a4:b8:2f:40:77:f2:a1:b5:98:3d:65:f7:53:a2:a9:47:a7:27: 77:26:2a:5a:a8:a7:f2:f5:53:05:b0:8a:5b:fb:66:8e:b2:30: 39:fa:50:4f:e4:21:7d:a9:be:ac:b1:06:fd:35:15:4d:67:3d: 1a:89:bb:92:9a:8a:dc:ac:6e:ba:ff:22:2d:29:d1:0e:15:3f: 20:60:3c:2b:b6:4d:54:53:83:ce:f5:9e:22:65:33:db:79:77: 91:1a:66:88:bb:d9:d9:08:b6:5e:0b:4c:73:46:5b:af:82:b1: d4:d5:a2:1e:60:09:aa:96:f7:84:6a:44:56:ee:c1:18:e4:52: 46:14:9e:19:2e:cd:d2:eb:b1:83:46:0d:70:cf:db:0d:ee:5a: f7:5c:9c:c1:41:a3:ab:0b:14:ac:af:f5:ca:45:ec:ce:c0:dc: c9:fd:f6:8a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUB6A4VydEgKhk7K5+ZrP0KbjihukwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNkNzc1YzUwOWUxNjE3MWVhNWE1NTM0ODRhYTBhNzJkZmMwYTg3MTY5Y2E0 ZDU1OWIwYjIyNTY2NjYyODE3Y2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKqDsEod4++1dbjlPICHHN1Ir/viQAE3tSAmmhpCCb//CLqTw6xKOEWicZI1 Hl6ieJK9sX9Kd2jGSqOjmbMOt2cJqwIbkLgJcmwkibIj9O++yQGWteQOie1FD6pS gfygDeG8Fysly4X+aZDrVp9iJWRBSsVpsBwq0Y1kdksYpGWsMaz3+xhN8Bxu1pP1 AVgjVWPG8FNeRWpvlRi53W9DNx78rdHuER9HnYuXLsrqmRDXJFMmTJ+oyBVkWNKQ dt1uwJorYdlxBrI6ktdPgchuIdBSr5XTQLGbgGb0h+xGdqaJcXM2LsfzVDP1xEze vRU1dOkEXxUCU6tncIfSmLgWBhsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1dxUq OuQendKp/0ENekdzTAlHhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTMzNzY5YzgtMDAyYy00OTFjLTliOTktMzI0ZmU5ZjU3NDNjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CIA MA0GCSqGSIb3DQEBCwUAA4IBAQBQW32p9dzC/lwYtcJvps7WT1/ZE3I2SovXM2Jv A34ExqN24g2jUqHJqvsUa0fvC/VTTyllrwWOf/IyJWaVl78uEL9gRXl6v8JFIgPm uUhtCmGFcJBzlhWB5MOkuC9Ad/KhtZg9ZfdToqlHpyd3JipaqKfy9VMFsIpb+2aO sjA5+lBP5CF9qb6ssQb9NRVNZz0aibuSmorcrG66/yItKdEOFT8gYDwrtk1UU4PO 9Z4iZTPbeXeRGmaIu9nZCLZeC0xzRluvgrHU1aIeYAmqlveEakRW7sEY5FJGFJ4Z Ls3S67GDRg1wz9sN7lr3XJzBQaOrCxSsr/XKRezOwNzJ/faK -----END CERTIFICATE-----Generated at Mon Dec 15 15:31:08 2025 by rpki-client