This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa File: 5836d090-8999-43ab-a38c-f63a0e829c0b.roa (raw, json) Hash identifier: 3RlHXGkMfAL04PzNEZRgAvML9yvTkqm4T8xlXQGiNaM= Subject key identifier: A6:C4:39:77:F3:AE:5A:6F:5D:88:4E:EF:1D:CA:29:BE:28:76:5D:BD Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 35817BC780B17770E5FE121E55999A799DFB8CC1 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa Signing time: Sat 15 Nov 2025 05:51:02 +0000 ROA not before: Sat 15 Nov 2025 05:51:02 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:81:7b:c7:80:b1:77:70:e5:fe:12:1e:55:99:9a:79:9d:fb:8c:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:51:02 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=f6cad1e6c8386cf571f9fb5613d17a2741f334afd0ed647934a32550c4285af6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:84:ef:c2:5e:07:3a:70:f5:b9:6d:ce:0b:74: 92:6e:d5:02:e7:53:12:d2:fc:67:b1:03:64:b1:1f: 8c:8d:16:dd:32:aa:6f:7d:f3:f6:5f:0b:97:bb:27: 80:fc:d9:c3:ac:79:4a:8e:c1:db:62:47:92:cd:ce: 5e:72:32:e1:64:3c:29:1c:14:65:80:e4:46:9e:09: 61:08:5e:e1:7e:10:3b:9d:ad:97:e4:a4:49:69:9a: c2:99:52:cb:f0:c2:fb:83:ba:69:79:97:9a:08:46: 3b:67:0e:09:28:2c:93:60:6f:9e:5e:16:93:2a:ea: 24:46:60:17:e7:a5:6a:15:01:c8:d9:90:53:5c:6d: 7d:ce:3e:02:5d:52:42:1f:6b:a7:ad:eb:7a:62:17: f6:1c:0f:cc:e0:12:80:8a:f9:64:34:14:0b:0c:db: dc:21:22:f2:f9:ac:ff:b8:88:c6:a0:50:ae:52:e5: ec:95:36:73:ba:7d:91:7e:33:2c:06:c7:3d:4a:18: 2f:a7:ec:ee:59:fc:1e:24:0f:0a:e2:61:26:4b:97: 62:b4:d2:d5:57:93:af:d6:d4:eb:bb:f9:a8:10:e5: 5f:86:ea:e1:35:6e:93:e4:51:be:0d:d5:d6:ac:d1: bf:a2:76:9a:cb:24:cb:81:10:88:f4:a7:f8:67:57: 1f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:C4:39:77:F3:AE:5A:6F:5D:88:4E:EF:1D:CA:29:BE:28:76:5D:BD X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5836d090-8999-43ab-a38c-f63a0e829c0b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:5000::/40 Signature Algorithm: sha256WithRSAEncryption b5:75:ce:37:f2:4a:dd:60:14:50:30:c2:a6:88:86:97:84:28: d8:23:1a:98:29:6b:bc:2d:16:b4:42:f7:0a:01:3e:aa:ea:c5: b6:c0:1c:32:b1:7e:79:24:fb:15:87:a2:19:56:e1:9d:b9:31: e9:9a:27:cc:12:58:30:80:e1:77:71:44:60:36:40:44:16:66: 4e:19:3d:80:d5:f3:2b:da:4a:cb:bd:da:89:f2:1f:08:a7:de: a4:bf:3c:be:df:66:6f:d7:ff:9f:da:a1:12:7c:c9:f5:65:77: f5:0d:d5:4d:f1:2a:be:f7:b5:36:0b:ca:e8:f3:82:d3:8b:7b: d5:c1:8f:ee:47:8d:06:3b:d3:a8:71:55:1a:73:41:f7:1c:73: 99:aa:73:b4:72:ce:04:82:01:c8:6d:9d:e0:5e:fa:4c:d7:9f: 3b:88:ef:4a:87:c3:8d:e4:3a:53:f0:82:66:dd:71:3d:96:7f: 78:05:13:66:57:27:90:47:c4:cb:8f:a0:16:02:72:f6:63:72: d4:4a:f8:60:13:69:82:f1:8e:ae:cc:de:f2:68:71:34:5a:f8: e4:4f:7f:0c:94:56:80:7e:80:61:a9:f2:c7:21:29:5a:10:f6: 86:b4:4a:0b:a9:1e:43:03:84:f9:8b:52:59:59:ba:38:db:b7: d0:44:3d:2b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUNYF7x4Cxd3Dl/hIeVZmaeZ37jMEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUxMDJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGY2Y2FkMWU2YzgzODZjZjU3MWY5ZmI1NjEzZDE3YTI3NDFmMzM0YWZkMGVk NjQ3OTM0YTMyNTUwYzQyODVhZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKE78JeBzpw9bltzgt0km7VAudTEtL8Z7EDZLEfjI0W3TKqb33z9l8Ll7sn gPzZw6x5So7B22JHks3OXnIy4WQ8KRwUZYDkRp4JYQhe4X4QO52tl+SkSWmawplS y/DC+4O6aXmXmghGO2cOCSgsk2Bvnl4WkyrqJEZgF+elahUByNmQU1xtfc4+Al1S Qh9rp63remIX9hwPzOASgIr5ZDQUCwzb3CEi8vms/7iIxqBQrlLl7JU2c7p9kX4z LAbHPUoYL6fs7ln8HiQPCuJhJkuXYrTS1VeTr9bU67v5qBDlX4bq4TVuk+RRvg3V 1qzRv6J2mssky4EQiPSn+GdXH1sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSmxDl3 865ab12ITu8dyim+KHZdvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTgzNmQwOTAtODk5OS00M2FiLWEzOGMtZjYzYTBlODI5YzBiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9Q MA0GCSqGSIb3DQEBCwUAA4IBAQC1dc438krdYBRQMMKmiIaXhCjYIxqYKWu8LRa0 QvcKAT6q6sW2wBwysX55JPsVh6IZVuGduTHpmifMElgwgOF3cURgNkBEFmZOGT2A 1fMr2krLvdqJ8h8Ip96kvzy+32Zv1/+f2qESfMn1ZXf1DdVN8Sq+97U2C8ro84LT i3vVwY/uR40GO9OocVUac0H3HHOZqnO0cs4EggHIbZ3gXvpM1587iO9Kh8ON5DpT 8IJm3XE9ln94BRNmVyeQR8TLj6AWAnL2Y3LUSvhgE2mC8Y6uzN7yaHE0WvjkT38M lFaAfoBhqfLHISlaEPaGtEoLqR5DA4T5i1JZWbo427fQRD0r -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:56 2025 by rpki-client