This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa File: 58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa (raw, json) Hash identifier: Km/gXLfLReBWI5ef6QTXxi8dutMTG6uXtkwNlcmaKmI= Subject key identifier: 2E:D9:5E:3E:26:10:AB:63:06:41:20:C4:FF:73:A6:F6:37:6F:44:00 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 649811D4CBBECC7C6F7304BCCF39D2B21ADEE767 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa Signing time: Wed 10 Dec 2025 06:30:13 +0000 ROA not before: Wed 10 Dec 2025 06:30:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:98:11:d4:cb:be:cc:7c:6f:73:04:bc:cf:39:d2:b2:1a:de:e7:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=6f2e888d0e2d9e019dc477bed8e7a935ed51196235641f9dee4e5edd5176dce6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:22:d9:3d:65:fb:16:08:65:ec:1f:2d:d6:a8: 0d:23:e2:b3:9c:8b:1f:64:b9:05:e8:df:15:f2:29: fa:ac:32:83:fd:7a:bb:53:f5:0f:2a:89:bc:f6:31: f7:84:4e:db:26:c2:0e:8f:3c:3f:b4:f3:45:31:82: 57:d0:6c:57:52:d1:be:cb:c1:eb:fd:8a:12:b9:9c: 34:6d:87:b4:9c:1d:aa:e1:94:af:2b:c9:ee:48:3d: 16:c6:77:44:34:e9:3f:b3:f5:31:a6:0a:79:cf:d3: 32:07:d7:83:db:5a:52:39:21:1e:71:14:58:0f:39: 19:77:a7:e7:f0:55:9f:b3:b4:90:bd:85:0e:9f:f7: 0b:08:43:47:14:d4:d2:ce:5a:30:bb:f3:f0:0f:60: 0f:61:3e:f6:66:7c:69:46:fd:88:3c:80:a7:c6:2c: 08:a7:73:f7:90:3f:8f:43:f8:7f:de:ba:58:37:9c: 53:22:bd:04:ea:a3:11:48:a4:c1:be:e2:73:c7:1f: cb:bb:c4:5c:84:ce:15:08:83:cd:12:e7:3b:56:16: 57:a7:2e:14:10:73:d8:02:c2:8f:24:3b:03:86:be: 8a:d0:29:17:2b:e3:e1:04:83:16:3b:b1:bd:b6:d0: fe:9c:2d:e8:a2:40:ee:90:0b:ac:3f:bb:68:cb:52: 37:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D9:5E:3E:26:10:AB:63:06:41:20:C4:FF:73:A6:F6:37:6F:44:00 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/58557a89-b431-49c3-bc0e-d49e2d4c79d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:2040::/48 Signature Algorithm: sha256WithRSAEncryption 01:57:95:93:a5:c6:42:1f:d3:8e:65:01:2a:be:9f:e3:b3:5a: cf:da:98:4f:23:ef:83:10:ad:be:bf:ff:60:ef:da:ea:eb:f2: 39:c6:07:5a:cf:30:a4:b4:26:75:5f:45:a3:aa:7a:71:8a:b7: a6:4b:b1:36:6b:75:51:b8:2c:53:84:fb:26:33:bf:5c:13:37: 48:49:11:8f:83:77:3e:f3:4f:71:8e:4d:44:5f:f8:e3:ca:d2: b7:31:d6:b0:08:2b:cd:50:84:3d:63:08:13:d6:52:1a:e1:56: 7c:e5:ac:3a:4a:91:30:db:e1:07:47:30:54:52:ca:f1:60:ac: 0f:1e:46:64:6f:ca:a2:9a:ac:e5:18:e4:33:e3:23:dc:28:48: 60:d5:75:1f:53:bf:c7:51:33:7f:6d:ff:60:b8:e3:b0:74:1d: 51:5a:b8:17:a5:26:f1:97:53:8b:17:0f:4d:ec:52:b1:f1:53: 6f:97:f2:5c:ba:7a:69:e5:14:bf:6a:5f:87:79:3b:5c:51:f9: a2:d3:1a:21:ba:de:31:e7:4a:5b:7f:c9:fb:bb:ee:a6:d5:b6: af:be:da:21:33:af:21:73:30:41:37:19:f1:8d:8b:2c:6a:46: 65:46:d5:b6:76:ec:83:2d:e5:b3:ff:2f:1c:95:cb:b9:b1:af: 5c:f0:a5:9d -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUZJgR1Mu+zHxvcwS8zznSshre52cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDZmMmU4ODhkMGUyZDllMDE5ZGM0NzdiZWQ4ZTdhOTM1ZWQ1MTE5NjIzNTY0 MWY5ZGVlNGU1ZWRkNTE3NmRjZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJAi2T1l+xYIZewfLdaoDSPis5yLH2S5BejfFfIp+qwyg/16u1P1DyqJvPYx 94RO2ybCDo88P7TzRTGCV9BsV1LRvsvB6/2KErmcNG2HtJwdquGUryvJ7kg9FsZ3 RDTpP7P1MaYKec/TMgfXg9taUjkhHnEUWA85GXen5/BVn7O0kL2FDp/3CwhDRxTU 0s5aMLvz8A9gD2E+9mZ8aUb9iDyAp8YsCKdz95A/j0P4f966WDecUyK9BOqjEUik wb7ic8cfy7vEXITOFQiDzRLnO1YWV6cuFBBz2ALCjyQ7A4a+itApFyvj4QSDFjux vbbQ/pwt6KJA7pALrD+7aMtSNx0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQu2V4+ JhCrYwZBIMT/c6b2N29EADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTg1NTdhODktYjQzMS00OWMzLWJjMGUtZDQ5ZTJkNGM3OWQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HIg QDANBgkqhkiG9w0BAQsFAAOCAQEAAVeVk6XGQh/TjmUBKr6f47Naz9qYTyPvgxCt vr//YO/a6uvyOcYHWs8wpLQmdV9Fo6p6cYq3pkuxNmt1UbgsU4T7JjO/XBM3SEkR j4N3PvNPcY5NRF/448rStzHWsAgrzVCEPWMIE9ZSGuFWfOWsOkqRMNvhB0cwVFLK 8WCsDx5GZG/Kopqs5RjkM+Mj3ChIYNV1H1O/x1Ezf23/YLjjsHQdUVq4F6Um8ZdT ixcPTexSsfFTb5fyXLp6aeUUv2pfh3k7XFH5otMaIbreMedKW3/J+7vuptW2r77a ITOvIXMwQTcZ8Y2LLGpGZUbVtnbsgy3ls/8vHJXLubGvXPClnQ== -----END CERTIFICATE-----Generated at Mon Dec 15 17:03:27 2025 by rpki-client