This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa File: 57cdb107-9a3c-4e41-87e2-149f989f7fae.roa (raw, json) Hash identifier: nLJsFP4r9WlaImI3T4WGUPmVTDHfrzs1tYmRIIv055s= Subject key identifier: 75:05:09:C4:24:C5:B8:6F:8D:8F:B9:65:71:2F:2A:43:27:7F:05:A9 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7D693107C524E223B0B5FE9EC5071FBADEB620B4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa Signing time: Tue 18 Nov 2025 00:30:09 +0000 ROA not before: Tue 18 Nov 2025 00:30:09 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d034:60c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:69:31:07:c5:24:e2:23:b0:b5:fe:9e:c5:07:1f:ba:de:b6:20:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:30:09 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=db91e5189b270d6eb50778e42d76840141203027e298ed933a904c4a25fd30a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:9f:ac:7d:e4:a6:d1:05:e7:f9:3a:f5:a4:5a: ae:4b:4b:2c:71:d2:90:4f:90:28:1b:19:ec:93:be: d3:a3:be:d9:28:5c:ce:ba:cc:ba:8f:bc:17:52:86: f2:d3:98:b2:3e:bc:bb:a4:ca:58:b3:59:08:24:c2: 9a:e6:ec:6a:2e:94:80:97:d9:b8:35:ea:1c:83:8a: 85:f1:ad:06:91:2c:21:85:5b:54:bd:cf:01:93:dc: 81:87:f1:39:9a:3f:5b:fd:e8:b7:b9:32:70:05:1c: a6:88:72:86:a8:33:61:80:dd:c3:9e:e0:a3:10:15: ae:b0:d4:20:b5:57:61:44:29:b7:b5:65:51:26:80: 08:7e:03:73:a0:d4:c3:c8:21:5a:67:43:88:b9:ce: dc:91:b1:d0:8b:42:fe:a9:61:5f:e5:ba:e3:de:cc: 2b:a6:9f:b6:7e:db:4d:ea:43:60:d8:74:15:e9:d6: 59:85:c7:d1:7a:02:28:3d:03:b6:0a:ca:bf:c8:48: f0:7a:ac:12:7c:5c:9c:5b:f4:14:8e:0e:65:cf:11: 35:86:2f:2d:25:2f:d0:eb:37:e0:d4:89:7c:7a:a1: a8:87:58:8c:7b:d2:16:ce:e2:bb:2b:f8:4b:62:b8: 2e:55:fd:ea:1e:6b:65:f2:9c:ca:99:ea:1d:92:9e: ae:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:05:09:C4:24:C5:B8:6F:8D:8F:B9:65:71:2F:2A:43:27:7F:05:A9 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57cdb107-9a3c-4e41-87e2-149f989f7fae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d034:60c0::/46 Signature Algorithm: sha256WithRSAEncryption 26:99:d0:22:9b:24:12:2b:10:92:72:93:78:41:f7:12:87:04: ee:c9:3b:f1:0f:dd:ec:10:99:f4:87:0d:12:cc:9f:20:a0:ef: 80:88:69:98:4e:a3:a8:85:5f:90:ba:8c:d2:ae:2a:08:bf:5d: c3:6b:e1:28:04:16:47:64:e7:54:fe:11:7d:a6:a8:66:8c:75: 35:99:7d:17:50:f7:97:9e:14:58:16:63:b8:0e:ad:42:34:f4: 59:f9:d6:4b:7a:5f:f3:fe:3e:ea:b3:a9:bc:f7:ad:45:a9:9a: 1d:b5:40:e3:88:36:f6:5e:52:e1:7e:cf:53:56:53:71:09:0d: 8e:5e:68:96:42:df:85:37:cf:fa:af:5a:27:ff:1f:90:fa:f4: aa:5a:78:d4:b9:70:6a:91:66:e7:a1:b4:91:78:c2:db:7b:53: bf:44:8e:cd:d4:b0:ab:b5:c6:1c:30:6a:3d:b5:3b:ff:a1:63: 6d:df:31:07:a4:13:df:2e:01:53:e3:f0:c5:3a:e8:92:49:15: a5:89:11:75:6f:4f:dd:d9:ed:85:0f:81:bc:4f:99:c4:2a:8a: d2:76:ea:3a:45:73:02:0e:dc:95:41:7c:d2:8c:d4:b7:fa:9b: c0:4e:c0:30:fa:36:ff:5d:cb:c3:16:96:53:10:c4:2e:ee:f1: 08:b3:e0:8c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUfWkxB8Uk4iOwtf6exQcfut62ILQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDMwMDlaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQGRiOTFlNTE4OWIyNzBkNmViNTA3NzhlNDJkNzY4NDAxNDEyMDMwMjdlMjk4 ZWQ5MzNhOTA0YzRhMjVmZDMwYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIqfrH3kptEF5/k69aRarktLLHHSkE+QKBsZ7JO+06O+2ShczrrMuo+8F1KG 8tOYsj68u6TKWLNZCCTCmubsai6UgJfZuDXqHIOKhfGtBpEsIYVbVL3PAZPcgYfx OZo/W/3ot7kycAUcpohyhqgzYYDdw57goxAVrrDUILVXYUQpt7VlUSaACH4Dc6DU w8ghWmdDiLnO3JGx0ItC/qlhX+W6497MK6aftn7bTepDYNh0FenWWYXH0XoCKD0D tgrKv8hI8HqsEnxcnFv0FI4OZc8RNYYvLSUv0Os34NSJfHqhqIdYjHvSFs7iuyv4 S2K4LlX96h5rZfKcypnqHZKerscCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR1BQnE JMW4b42PuWVxLypDJ38FqTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTdjZGIxMDctOWEzYy00ZTQxLTg3ZTItMTQ5Zjk4OWY3ZmFlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg wDANBgkqhkiG9w0BAQsFAAOCAQEAJpnQIpskEisQknKTeEH3EocE7sk78Q/d7BCZ 9IcNEsyfIKDvgIhpmE6jqIVfkLqM0q4qCL9dw2vhKAQWR2TnVP4RfaaoZox1NZl9 F1D3l54UWBZjuA6tQjT0WfnWS3pf8/4+6rOpvPetRamaHbVA44g29l5S4X7PU1ZT cQkNjl5olkLfhTfP+q9aJ/8fkPr0qlp41LlwapFm56G0kXjC23tTv0SOzdSwq7XG HDBqPbU7/6Fjbd8xB6QT3y4BU+PwxTrokkkVpYkRdW9P3dnthQ+BvE+ZxCqK0nbq OkVzAg7clUF80ozUt/qbwE7AMPo2/13LwxaWUxDELu7xCLPgjA== -----END CERTIFICATE-----Generated at Sat Dec 6 22:37:11 2025 by rpki-client