This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa File: 541034be-1844-4bf7-9c43-91bf5b83fa3d.roa (raw, json) Hash identifier: K61zZkqZkh9x20mujMiZhcWow3hf6INlava+EIZuEME= Subject key identifier: A8:7F:CD:94:69:5C:52:9A:92:66:14:0F:2E:18:B2:7A:37:13:33:BA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 19EF4BD2D1D1D4A7551A0C6C5041A7FCBA79EB38 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa Signing time: Tue 02 Dec 2025 01:50:48 +0000 ROA not before: Tue 02 Dec 2025 01:50:48 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:ef:4b:d2:d1:d1:d4:a7:55:1a:0c:6c:50:41:a7:fc:ba:79:eb:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:48 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=c3e5c122562c6c445dbcd9ad8b1eb3121d15685160d7e8ee33b100097c1a02d4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:82:32:f7:ed:8d:ed:9e:ca:d3:11:11:3a:28: c7:36:24:ae:75:d2:58:0a:2f:a3:e3:2a:d9:04:39: a9:98:56:0c:f6:55:c4:1f:7e:7a:60:90:15:a3:50: 91:bc:58:17:9d:0a:bd:52:d4:4c:b2:f2:3e:a8:80: 17:fd:35:21:f7:00:70:36:27:37:60:fc:7f:f2:de: fc:63:c5:93:e5:57:1b:7a:4c:bb:20:52:53:c8:cd: ee:25:3f:7c:c4:e6:ba:ec:ae:01:1e:f4:e5:c0:c5: 7e:17:3d:81:9b:c7:18:1f:7d:16:fd:a2:92:58:c3: fc:17:95:94:41:24:49:02:c9:e1:f7:50:c4:0b:f7: 3a:78:e1:34:74:bb:e6:21:1c:85:0e:36:14:ee:9a: c3:4f:36:86:5c:49:00:62:90:ab:ea:60:b5:5d:31: 76:d6:01:89:4f:04:a2:14:2b:4d:4c:c8:5d:32:13: ef:02:fa:35:42:81:58:05:ad:88:90:72:f9:ad:c6: 57:5b:c0:9e:36:d1:93:ed:35:a3:17:c2:6d:46:ff: 44:74:06:03:9b:e8:e5:77:64:45:2c:14:26:b0:43: bf:56:b0:be:25:a0:f3:1d:c1:1e:90:d4:be:4f:e3: 18:31:f8:25:8f:67:8a:2f:92:2d:84:25:d2:e4:0a: 76:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:7F:CD:94:69:5C:52:9A:92:66:14:0F:2E:18:B2:7A:37:13:33:BA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/541034be-1844-4bf7-9c43-91bf5b83fa3d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:8000::/40 Signature Algorithm: sha256WithRSAEncryption c8:bc:32:24:1d:18:2e:04:dc:33:b3:fe:5e:4a:9c:e9:12:e2: b2:12:ec:2f:1e:70:e0:71:04:56:26:f7:75:ae:f8:0f:09:9d: de:15:f7:4f:71:c1:a4:34:06:d7:92:6f:52:1f:a4:1b:5a:f5: 58:85:d9:26:8f:6f:ca:a1:3e:0d:52:6c:aa:79:f5:97:7b:26: 86:03:f0:82:5e:ae:fc:85:17:5c:ba:d8:af:f6:1e:83:0e:00: b7:dc:fc:0e:d5:28:6d:14:39:97:47:88:7e:e7:78:dc:6d:d7: 97:54:c9:14:84:c4:68:92:7c:e8:8f:32:5d:a1:9c:2e:7d:f0: fa:c8:ed:c0:e5:38:69:a7:c7:95:de:2e:09:92:23:d1:19:0b: 8b:03:5b:89:f3:89:7a:9f:74:bc:51:77:8c:89:15:da:37:5a: 33:91:35:3d:34:e4:d1:d6:46:87:b1:70:e2:80:2a:12:c3:10: 15:70:fd:d3:4a:f7:1d:48:37:38:99:20:33:c9:40:b7:09:15: cd:64:75:f0:6b:bd:ab:ae:b6:a2:71:ee:92:79:c1:af:86:d5: 36:6f:b2:5b:14:f9:0c:1d:83:f7:90:99:a1:a8:43:a3:88:0d: 19:26:76:ba:a8:ca:bc:26:3e:f1:12:e1:45:95:a3:8f:18:41: 21:2c:8a:13 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGe9L0tHR1KdVGgxsUEGn/Lp56zgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwNDhaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQGMzZTVjMTIyNTYyYzZjNDQ1ZGJjZDlhZDhiMWViMzEyMWQxNTY4NTE2MGQ3 ZThlZTMzYjEwMDA5N2MxYTAyZDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL2CMvftje2eytMRETooxzYkrnXSWAovo+Mq2QQ5qZhWDPZVxB9+emCQFaNQ kbxYF50KvVLUTLLyPqiAF/01IfcAcDYnN2D8f/Le/GPFk+VXG3pMuyBSU8jN7iU/ fMTmuuyuAR705cDFfhc9gZvHGB99Fv2ikljD/BeVlEEkSQLJ4fdQxAv3OnjhNHS7 5iEchQ42FO6aw082hlxJAGKQq+pgtV0xdtYBiU8EohQrTUzIXTIT7wL6NUKBWAWt iJBy+a3GV1vAnjbRk+01oxfCbUb/RHQGA5vo5XdkRSwUJrBDv1awviWg8x3BHpDU vk/jGDH4JY9nii+SLYQl0uQKdnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSof82U aVxSmpJmFA8uGLJ6NxMzujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTQxMDM0YmUtMTg0NC00YmY3LTljNDMtOTFiZjViODNmYTNkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA MA0GCSqGSIb3DQEBCwUAA4IBAQDIvDIkHRguBNwzs/5eSpzpEuKyEuwvHnDgcQRW Jvd1rvgPCZ3eFfdPccGkNAbXkm9SH6QbWvVYhdkmj2/KoT4NUmyqefWXeyaGA/CC Xq78hRdcutiv9h6DDgC33PwO1ShtFDmXR4h+53jcbdeXVMkUhMRoknzojzJdoZwu ffD6yO3A5Thpp8eV3i4JkiPRGQuLA1uJ84l6n3S8UXeMiRXaN1ozkTU9NOTR1kaH sXDigCoSwxAVcP3TSvcdSDc4mSAzyUC3CRXNZHXwa72rrraice6SecGvhtU2b7Jb FPkMHYP3kJmhqEOjiA0ZJna6qMq8Jj7xEuFFlaOPGEEhLIoT -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:21 2025 by rpki-client