This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa File: 57c971db-5779-4af6-9c2f-2c7cd904e742.roa (raw, json) Hash identifier: p7mTUdkjPcxRtxdwen1RLHdh0i58cu7sIV3L7c4XZU8= Subject key identifier: 7D:B4:14:69:79:6D:EF:C5:B7:CD:33:F5:45:9A:07:5E:88:8F:C1:88 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 393F5B5E7EA965C9956253C57F85940ACABCB267 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa Signing time: Sat 15 Nov 2025 06:11:00 +0000 ROA not before: Sat 15 Nov 2025 06:11:00 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d076:c000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:3f:5b:5e:7e:a9:65:c9:95:62:53:c5:7f:85:94:0a:ca:bc:b2:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:11:00 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=25dd7dd2c9ffb587b79f4f9ab2a802dda19ee4a1bbfba386ef950b9676849d03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:70:7b:9b:b9:4f:05:b3:c3:fc:b6:d0:ce:be: b6:14:1d:cf:b6:cc:bd:b9:b2:e0:16:80:75:64:4f: 52:f9:bf:bb:a8:9d:0d:0a:ac:be:a3:b2:cf:ca:c9: 97:30:3e:59:cf:20:e8:1f:ad:31:f3:da:a1:0c:8a: 95:22:69:2e:77:af:f7:12:73:9d:a4:33:e4:80:9e: 89:6c:7a:17:0d:7b:b8:b9:53:17:5c:1e:46:80:11: 98:c3:e6:d2:89:8e:5b:0a:71:2e:d1:be:a9:03:31: 82:2a:31:de:af:e5:c6:48:92:01:06:31:66:0b:f6: 24:4c:f5:fc:fb:37:62:b0:fe:8d:64:23:d9:fc:b7: 38:d9:79:35:0e:b4:1f:27:b9:27:38:7f:b4:b0:13: 2e:25:14:1d:6b:00:83:a2:48:c7:88:e3:b6:59:4e: 4e:09:45:7f:5a:7a:a1:e7:a2:4e:fe:6c:33:71:de: 2f:a6:ac:69:5b:35:7e:b7:f1:b3:de:40:4b:db:05: 17:bc:38:3e:c9:12:1b:b4:97:30:54:df:53:c3:89: 95:09:14:67:dc:3e:07:2d:0a:33:e4:83:09:48:5e: 3a:47:e0:fe:70:ff:ab:3d:fe:06:b1:3c:a1:22:d7: 93:5f:be:75:86:a4:f4:7b:ed:1d:8e:25:0f:bd:14: ba:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:B4:14:69:79:6D:EF:C5:B7:CD:33:F5:45:9A:07:5E:88:8F:C1:88 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57c971db-5779-4af6-9c2f-2c7cd904e742.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d076:c000::/48 Signature Algorithm: sha256WithRSAEncryption 14:a7:13:53:eb:b8:53:da:d1:c3:50:5f:e7:fd:2f:38:56:87: fc:06:c2:10:ba:da:bd:e7:89:4f:8e:ae:2f:f9:59:44:6e:1e: 6d:cb:93:f0:a8:82:e6:0f:c1:8c:62:32:01:ab:55:00:dc:ab: 6b:a0:bc:05:79:6d:14:a9:07:81:69:52:8e:07:71:f0:f1:2d: 8a:c3:a0:cd:60:ea:d5:2f:c6:4a:1a:b4:f5:27:8c:12:c7:81: ad:fb:10:8f:45:b5:62:25:b6:67:8d:c9:c7:4c:ec:13:e5:d7: 62:bb:c7:3d:89:3f:74:e2:a0:7d:f1:28:86:09:55:af:5e:07: 67:94:44:73:6e:aa:cb:40:8e:55:30:f0:9d:53:8a:64:2a:08: b4:68:90:ab:f1:ad:44:50:97:e1:64:95:6c:0f:c8:90:5d:4e: 90:df:0e:b6:5b:be:f0:40:dc:ea:fe:86:15:22:63:f2:a4:7f: 5d:77:21:ea:74:05:49:e7:71:27:0d:5b:32:01:f0:6b:e6:16: 38:00:a4:c1:44:cd:99:a9:48:fc:24:70:44:1c:6d:a7:d3:ff: 0c:57:91:4e:bb:3e:1f:86:05:d1:8e:07:bb:fd:8c:d6:8e:8f: 4e:ca:2e:1e:e7:76:15:07:67:b9:0b:72:9e:12:c0:b2:ea:4d: 75:64:77:40 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUOT9bXn6pZcmVYlPFf4WUCsq8smcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjExMDBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDI1ZGQ3ZGQyYzlmZmI1ODdiNzlmNGY5YWIyYTgwMmRkYTE5ZWU0YTFiYmZi YTM4NmVmOTUwYjk2NzY4NDlkMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFwe5u5TwWzw/y20M6+thQdz7bMvbmy4BaAdWRPUvm/u6idDQqsvqOyz8rJ lzA+Wc8g6B+tMfPaoQyKlSJpLnev9xJznaQz5ICeiWx6Fw17uLlTF1weRoARmMPm 0omOWwpxLtG+qQMxgiox3q/lxkiSAQYxZgv2JEz1/Ps3YrD+jWQj2fy3ONl5NQ60 Hye5Jzh/tLATLiUUHWsAg6JIx4jjtllOTglFf1p6oeeiTv5sM3HeL6asaVs1frfx s95AS9sFF7w4PskSG7SXMFTfU8OJlQkUZ9w+By0KM+SDCUheOkfg/nD/qz3+BrE8 oSLXk1++dYak9HvtHY4lD70UurUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR9tBRp eW3vxbfNM/VFmgdeiI/BiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTdjOTcxZGItNTc3OS00YWY2LTljMmYtMmM3Y2Q5MDRlNzQyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HbA ADANBgkqhkiG9w0BAQsFAAOCAQEAFKcTU+u4U9rRw1Bf5/0vOFaH/AbCELraveeJ T46uL/lZRG4ebcuT8KiC5g/BjGIyAatVANyra6C8BXltFKkHgWlSjgdx8PEtisOg zWDq1S/GShq09SeMEseBrfsQj0W1YiW2Z43Jx0zsE+XXYrvHPYk/dOKgffEohglV r14HZ5REc26qy0COVTDwnVOKZCoItGiQq/GtRFCX4WSVbA/IkF1OkN8Otlu+8EDc 6v6GFSJj8qR/XXch6nQFSedxJw1bMgHwa+YWOACkwUTNmalI/CRwRBxtp9P/DFeR Trs+H4YF0Y4Hu/2M1o6PTsouHud2FQdnuQtynhLAsupNdWR3QA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:51:09 2025 by rpki-client