This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa File: 5387f3e7-ef20-46b2-8929-bf638dce97e1.roa (raw, json) Hash identifier: zVRTAuTCvZ5NGbkDlgL6vAyODX/uRGAj+6yMsjQG4DY= Subject key identifier: C3:2A:60:4A:B6:7A:FC:F9:D2:E9:E4:C0:1F:F4:91:4A:5D:96:E7:56 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 110C82EF67BCCB2B3C78B38CB0424DF756B0AC47 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa Signing time: Sat 15 Nov 2025 05:50:30 +0000 ROA not before: Sat 15 Nov 2025 05:50:30 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:0c:82:ef:67:bc:cb:2b:3c:78:b3:8c:b0:42:4d:f7:56:b0:ac:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:30 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=906790ea49f3288f87479e74068249550e4af103b3ccc5d4a1ba37bd95c28d4e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:01:0d:7e:d0:97:54:31:cd:5b:7b:a7:07:f1: 53:00:51:90:e4:e6:81:cf:d8:d4:9a:22:4c:4c:f6: 21:8f:3c:6e:6f:26:1c:ce:20:60:d1:ad:46:3e:9f: fe:63:ba:26:e3:a2:4c:ba:64:78:46:30:eb:80:9b: 7e:7a:72:e9:0c:89:ac:56:24:74:a8:74:47:7f:ce: 55:44:7f:40:20:8f:1d:7e:97:60:4e:50:bb:c5:7a: 81:a8:66:3d:b4:5f:08:ff:10:a5:70:1d:40:14:29: 07:11:47:36:09:e1:89:57:84:57:ce:f5:86:34:f7: c8:c4:2c:ce:75:6f:6b:a9:35:ed:4b:e6:cb:47:7c: 86:50:20:3d:e1:57:be:83:ca:fb:4b:3f:39:59:2e: c5:f4:27:b8:fa:53:32:e4:3c:ad:68:1b:75:a3:d4: 05:21:1a:8b:d3:e9:9a:8b:77:b2:db:8f:28:d8:f9: 84:bc:56:9c:c4:4f:f5:3f:39:62:8d:0d:84:f6:a3: cc:d7:77:51:c0:dd:37:d5:29:a3:ad:30:dd:4a:f4: 07:ae:8c:93:d7:60:7d:16:c7:2e:10:95:b5:df:9e: 60:e7:c2:61:83:12:b9:4b:9a:31:33:75:64:a8:e9: 59:20:12:cf:d1:70:f4:fc:88:0d:32:7a:e4:23:23: 77:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:2A:60:4A:B6:7A:FC:F9:D2:E9:E4:C0:1F:F4:91:4A:5D:96:E7:56 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5387f3e7-ef20-46b2-8929-bf638dce97e1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:5000::/40 Signature Algorithm: sha256WithRSAEncryption 22:57:e5:fd:ff:0b:6f:6b:06:7d:05:17:40:47:73:14:61:b4: 20:e3:bc:ed:b9:aa:45:02:48:a3:1a:07:3e:62:f0:a6:46:bb: 70:4d:fe:66:7c:0a:03:97:00:d7:e4:23:46:ac:74:de:5b:7e: 8b:01:0e:4e:d8:6d:83:cf:55:37:ef:86:32:c9:48:84:93:85: 7f:e7:4f:69:1f:f7:99:da:ec:61:aa:76:ef:a6:96:c2:64:0b: 93:4b:e9:d3:e2:e9:e5:8e:11:63:6e:ec:ae:78:38:24:1f:8c: aa:07:8f:ae:56:4c:82:09:01:7f:83:6d:55:50:4a:02:de:65: e1:cc:0c:85:fd:1f:78:71:ab:fc:65:35:e0:14:dc:cc:c2:1d: 9e:08:44:c3:c4:2c:47:90:dd:89:24:66:eb:5f:da:8b:46:aa: 4f:f9:a9:79:eb:41:c7:ed:34:c5:8b:45:96:35:be:bf:ec:2e: c4:ea:0b:1f:2e:75:04:10:4c:d3:ee:92:b8:5c:be:d7:3a:16: 50:3b:fd:a2:58:0d:3d:95:54:9b:e1:b9:1e:6a:fc:7c:9f:28: ba:8a:a0:35:be:76:57:0f:e7:d3:1c:d2:96:c0:f7:4e:f0:21: e9:01:04:47:82:86:ca:c2:4d:0d:87:ad:bf:41:53:df:9b:17: 7c:6f:2f:89 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEQyC72e8yys8eLOMsEJN91awrEcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMzBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDkwNjc5MGVhNDlmMzI4OGY4NzQ3OWU3NDA2ODI0OTU1MGU0YWYxMDNiM2Nj YzVkNGExYmEzN2JkOTVjMjhkNGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQBDX7Ql1QxzVt7pwfxUwBRkOTmgc/Y1JoiTEz2IY88bm8mHM4gYNGtRj6f /mO6JuOiTLpkeEYw64Cbfnpy6QyJrFYkdKh0R3/OVUR/QCCPHX6XYE5Qu8V6gahm PbRfCP8QpXAdQBQpBxFHNgnhiVeEV871hjT3yMQsznVva6k17Uvmy0d8hlAgPeFX voPK+0s/OVkuxfQnuPpTMuQ8rWgbdaPUBSEai9Ppmot3stuPKNj5hLxWnMRP9T85 Yo0NhPajzNd3UcDdN9Upo60w3Ur0B66Mk9dgfRbHLhCVtd+eYOfCYYMSuUuaMTN1 ZKjpWSASz9Fw9PyIDTJ65CMjd/ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDKmBK tnr8+dLp5MAf9JFKXZbnVjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTM4N2YzZTctZWYyMC00NmIyLTg5MjktYmY2MzhkY2U5N2UxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DFQ MA0GCSqGSIb3DQEBCwUAA4IBAQAiV+X9/wtvawZ9BRdAR3MUYbQg47ztuapFAkij Ggc+YvCmRrtwTf5mfAoDlwDX5CNGrHTeW36LAQ5O2G2Dz1U374YyyUiEk4V/509p H/eZ2uxhqnbvppbCZAuTS+nT4unljhFjbuyueDgkH4yqB4+uVkyCCQF/g21VUEoC 3mXhzAyF/R94cav8ZTXgFNzMwh2eCETDxCxHkN2JJGbrX9qLRqpP+al560HH7TTF i0WWNb6/7C7E6gsfLnUEEEzT7pK4XL7XOhZQO/2iWA09lVSb4bkeavx8nyi6iqA1 vnZXD+fTHNKWwPdO8CHpAQRHgobKwk0Nh62/QVPfmxd8by+J -----END CERTIFICATE-----Generated at Sat Dec 6 19:19:56 2025 by rpki-client