This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa File: 57b964c4-07ca-4501-bd01-5cb8936846cc.roa (raw, json) Hash identifier: hWNUlT95Eb1D4wr8SXah2VTpXSs4bzh6a6/0JlbXuHo= Subject key identifier: 25:0D:E0:62:13:BD:FD:5B:D6:6E:7E:07:A7:ED:2C:A1:C3:82:74:26 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2531D4821B56F260BE468D82E51A3D48465E1A9C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa Signing time: Sat 15 Nov 2025 06:20:52 +0000 ROA not before: Sat 15 Nov 2025 06:20:52 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:31:d4:82:1b:56:f2:60:be:46:8d:82:e5:1a:3d:48:46:5e:1a:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:52 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=94d660fe8bd733b824aabaa55f8da6fc2dd39a89f2561f183f30b75e1fd318f9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:7a:23:9a:ad:93:44:2b:22:84:dc:ba:90:86: 62:05:45:e1:b0:f5:40:d5:2f:af:20:8e:a6:90:5d: 5a:7b:a7:a6:04:4f:dd:4a:e8:61:07:96:5e:bb:f6: 71:88:0b:57:17:c3:95:a7:5f:5c:8a:1d:1c:86:95: 8e:07:bb:30:5d:5f:56:1d:a5:ea:e0:ac:35:01:42: 1a:17:7e:a1:2e:13:8c:d7:3e:7f:b7:74:58:59:89: 1e:27:8c:b7:1d:cb:81:a0:27:05:2b:be:6d:35:41: cb:55:d2:3e:c6:30:71:9b:99:19:15:41:bd:76:a6: 84:35:09:98:2b:21:26:69:bc:3e:b2:4f:1f:fb:c5: 38:c1:df:ea:8d:89:56:a5:25:31:b0:9f:90:ae:fe: f4:d2:64:cb:cb:25:91:20:71:3c:0d:30:15:7b:81: 85:b2:66:4f:b9:c1:39:1c:50:2a:32:17:b7:ea:a7: 20:df:0d:94:c1:40:2f:b3:bf:7e:cb:4d:7c:fe:a4: 00:26:64:0b:06:bc:4f:0c:f5:7d:7e:7e:e5:61:ad: 5f:bd:65:0f:2a:1a:9e:e1:6f:4c:eb:cc:8c:c1:7b: 78:10:68:83:2a:0c:4c:2c:73:85:5a:1a:af:0e:00: 47:b4:b2:31:e6:4b:4f:3d:bd:91:a6:74:11:f5:db: f4:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:0D:E0:62:13:BD:FD:5B:D6:6E:7E:07:A7:ED:2C:A1:C3:82:74:26 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:b000::/40 Signature Algorithm: sha256WithRSAEncryption 30:d2:30:17:b7:a3:1b:06:58:5a:0e:08:f0:e9:5a:bd:47:74: a8:97:4b:41:02:4e:6b:29:63:52:51:8c:cb:6b:77:dd:b6:52: 69:cf:20:9e:80:8a:33:21:e5:20:a8:c2:99:82:a8:45:2d:98: 59:70:e4:47:20:9a:0c:92:1c:5c:9f:e3:41:eb:98:3c:74:c0: d0:c2:4b:d2:1b:0f:0f:23:e5:89:a3:f7:c9:d1:6c:ad:98:db: 76:92:22:55:ec:eb:46:5f:fd:26:ae:73:dd:a2:a6:36:4a:83: 02:f5:91:7d:0f:0e:3e:0b:31:87:a5:7c:e3:8d:5c:25:1d:25: 6c:01:ff:d8:2d:fd:92:cd:e9:4c:2d:75:8b:ff:17:df:4b:d9: 5a:61:a6:18:5c:c3:7c:86:98:34:86:70:8b:f7:04:72:40:22: bd:db:3a:1f:4e:89:5b:0f:83:0e:98:e9:03:6f:54:38:f6:7d: 1c:7b:9e:17:09:de:4e:bb:3a:01:12:14:b6:c6:ff:0e:65:be: c5:c9:8f:9c:5b:7a:c7:09:d7:6d:84:4b:b0:f2:1c:75:96:1c: ca:cd:7a:34:04:fc:18:4f:db:09:32:0d:8b:d4:e0:62:6f:33: 0f:92:46:31:2b:92:51:db:79:9f:19:da:3d:2f:ed:a0:a0:71: 59:1d:b4:35 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUJTHUghtW8mC+Ro2C5Ro9SEZeGpwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwNTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDk0ZDY2MGZlOGJkNzMzYjgyNGFhYmFhNTVmOGRhNmZjMmRkMzlhODlmMjU2 MWYxODNmMzBiNzVlMWZkMzE4ZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJl6I5qtk0QrIoTcupCGYgVF4bD1QNUvryCOppBdWnunpgRP3UroYQeWXrv2 cYgLVxfDladfXIodHIaVjge7MF1fVh2l6uCsNQFCGhd+oS4TjNc+f7d0WFmJHieM tx3LgaAnBSu+bTVBy1XSPsYwcZuZGRVBvXamhDUJmCshJmm8PrJPH/vFOMHf6o2J VqUlMbCfkK7+9NJky8slkSBxPA0wFXuBhbJmT7nBORxQKjIXt+qnIN8NlMFAL7O/ fstNfP6kACZkCwa8Twz1fX5+5WGtX71lDyoanuFvTOvMjMF7eBBogyoMTCxzhVoa rw4AR7SyMeZLTz29kaZ0EfXb9GUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlDeBi E739W9Zufgen7Syhw4J0JjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTdiOTY0YzQtMDdjYS00NTAxLWJkMDEtNWNiODkzNjg0NmNjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w MA0GCSqGSIb3DQEBCwUAA4IBAQAw0jAXt6MbBlhaDgjw6Vq9R3Sol0tBAk5rKWNS UYzLa3fdtlJpzyCegIozIeUgqMKZgqhFLZhZcORHIJoMkhxcn+NB65g8dMDQwkvS Gw8PI+WJo/fJ0WytmNt2kiJV7OtGX/0mrnPdoqY2SoMC9ZF9Dw4+CzGHpXzjjVwl HSVsAf/YLf2SzelMLXWL/xffS9laYaYYXMN8hpg0hnCL9wRyQCK92zofTolbD4MO mOkDb1Q49n0ce54XCd5OuzoBEhS2xv8OZb7FyY+cW3rHCddthEuw8hx1lhzKzXo0 BPwYT9sJMg2L1OBibzMPkkYxK5JR23mfGdo9L+2goHFZHbQ1 -----END CERTIFICATE-----Generated at Sat Dec 6 19:20:20 2025 by rpki-client