This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa File: 538037c5-70a6-4b45-b84c-b4af8015af39.roa (raw, json) Hash identifier: ZaGgCHk61ui1KphGJRBKFGUr+gLU86aHIXKnr0ZcIg8= Subject key identifier: 6B:AB:33:B9:22:9A:F8:D0:C2:51:22:A7:85:B9:35:44:80:4A:FD:4F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 22AD9C79240A1A54C0CAED507B9B7FF2664E74DD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa Signing time: Sat 15 Nov 2025 05:30:11 +0000 ROA not before: Sat 15 Nov 2025 05:30:11 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d029::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:ad:9c:79:24:0a:1a:54:c0:ca:ed:50:7b:9b:7f:f2:66:4e:74:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:11 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=a0df1bcd945f70f4f3bfca5bdfd81613ee5675488143689a94bb5dc6437454b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:eb:13:96:78:8b:bd:02:d8:a0:19:02:ca:91: 9a:48:27:58:fb:10:d7:b4:65:3e:e9:48:66:a5:b3: 6d:7a:a7:c6:78:ed:11:25:1f:8e:7b:4b:38:a4:9b: 3f:40:43:55:be:77:d9:3f:0d:70:09:72:9f:1c:c7: 47:62:6c:5b:95:c0:b8:8c:f2:13:e4:45:06:37:1f: 67:f1:9e:99:ea:17:93:16:39:5f:0b:01:c2:bd:1f: 2d:ae:b5:cc:41:b4:73:21:92:63:f0:94:0e:7c:4c: 80:54:99:b3:8f:68:fe:b9:cb:3f:6a:57:98:cd:77: ad:40:16:06:2e:15:c0:25:b1:24:a4:51:ed:1f:a8: 85:a0:75:34:4d:3f:15:82:92:49:e8:96:32:d4:f3: 65:94:fa:e0:3c:ed:8e:18:dd:01:99:3f:e1:c1:a6: 38:0d:95:1e:ff:a3:65:64:8c:0d:00:fe:2d:72:1f: cd:36:cd:c8:c9:2c:d2:75:05:e5:92:08:69:74:33: 7c:22:b6:50:45:8a:df:29:65:bc:03:a2:af:31:35: af:6e:a8:75:d6:cc:d6:af:db:9a:1b:f3:65:8c:42: f5:5d:36:14:79:09:3e:9b:f4:15:cc:a4:e1:22:a6: f3:29:d6:ba:d4:0d:f0:40:a8:80:9a:a5:bb:f7:ed: 97:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:AB:33:B9:22:9A:F8:D0:C2:51:22:A7:85:B9:35:44:80:4A:FD:4F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/538037c5-70a6-4b45-b84c-b4af8015af39.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d029::/36 Signature Algorithm: sha256WithRSAEncryption 7d:f6:e0:57:ad:22:9e:06:fc:19:a4:cd:10:15:61:39:d0:0c: b1:e3:88:20:7b:d2:78:6f:1c:43:48:44:4b:a7:92:8e:8e:f4: e3:38:34:cc:aa:97:60:85:b3:c8:40:ee:99:bf:c6:2b:14:d5: 6f:a7:45:77:9a:71:e7:91:80:6c:6f:8e:24:c2:9f:fb:77:10: 06:53:cb:0f:ee:89:e9:88:af:9d:ad:42:fb:84:a4:f3:7f:9b: 0e:4c:f8:28:73:0d:83:4b:a1:55:39:11:09:c2:15:e6:d7:8d: ab:e1:ab:45:fa:86:25:48:f0:da:3e:64:02:e6:ee:ae:9b:14: ea:ea:bd:b2:5f:74:01:c4:e3:19:27:d3:a8:93:df:60:ec:ea: 25:3b:26:dc:5f:14:4c:e6:ff:6f:e2:39:cd:e5:7a:97:a5:0c: 55:c3:78:30:55:e9:03:ad:9e:e0:ca:f9:81:ce:62:45:d2:7c: 7f:bb:eb:ca:3a:f6:c5:a8:a0:65:19:6a:24:40:ff:55:ec:35: a4:0c:6c:b1:20:f3:7a:62:41:c0:3e:58:da:67:74:73:6d:a1: d1:d1:24:21:53:0a:8c:26:89:0f:9b:ff:c2:95:e3:36:b2:82: 74:03:04:bd:fa:37:6f:ae:3a:3b:67:0c:af:8d:48:fa:6d:31: 03:7c:f4:3e -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUIq2ceSQKGlTAyu1Qe5t/8mZOdN0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwMTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGEwZGYxYmNkOTQ1ZjcwZjRmM2JmY2E1YmRmZDgxNjEzZWU1Njc1NDg4MTQz Njg5YTk0YmI1ZGM2NDM3NDU0YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANDrE5Z4i70C2KAZAsqRmkgnWPsQ17RlPulIZqWzbXqnxnjtESUfjntLOKSb P0BDVb532T8NcAlynxzHR2JsW5XAuIzyE+RFBjcfZ/GemeoXkxY5XwsBwr0fLa61 zEG0cyGSY/CUDnxMgFSZs49o/rnLP2pXmM13rUAWBi4VwCWxJKRR7R+ohaB1NE0/ FYKSSeiWMtTzZZT64DztjhjdAZk/4cGmOA2VHv+jZWSMDQD+LXIfzTbNyMks0nUF 5ZIIaXQzfCK2UEWK3yllvAOirzE1r26oddbM1q/bmhvzZYxC9V02FHkJPpv0Fcyk 4SKm8ynWutQN8ECogJqlu/ftl1ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrqzO5 Ipr40MJRIqeFuTVEgEr9TzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTM4MDM3YzUtNzBhNi00YjQ1LWI4NGMtYjRhZjgwMTVhZjM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CkA MA0GCSqGSIb3DQEBCwUAA4IBAQB99uBXrSKeBvwZpM0QFWE50Ayx44gge9J4bxxD SERLp5KOjvTjODTMqpdghbPIQO6Zv8YrFNVvp0V3mnHnkYBsb44kwp/7dxAGU8sP 7onpiK+drUL7hKTzf5sOTPgocw2DS6FVOREJwhXm142r4atF+oYlSPDaPmQC5u6u mxTq6r2yX3QBxOMZJ9Ook99g7OolOybcXxRM5v9v4jnN5XqXpQxVw3gwVekDrZ7g yvmBzmJF0nx/u+vKOvbFqKBlGWokQP9V7DWkDGyxIPN6YkHAPljaZ3RzbaHR0SQh UwqMJokPm//CleM2soJ0AwS9+jdvrjo7ZwyvjUj6bTEDfPQ+ -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:34 2025 by rpki-client