This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa File: 5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa (raw, json) Hash identifier: Zlxv9Tf43nmZ3sEHYKvZs4J2Mlr2CAF5cE5iOCDCra8= Subject key identifier: 77:4A:64:43:A8:6E:D4:D3:D2:A0:94:E1:94:BB:D3:A3:15:BA:D5:1A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7F14DECF1AB94B20FD7A36EE172F3A137B59BC87 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa Signing time: Thu 13 Nov 2025 02:00:42 +0000 ROA not before: Thu 13 Nov 2025 02:00:42 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:14:de:cf:1a:b9:4b:20:fd:7a:36:ee:17:2f:3a:13:7b:59:bc:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 13 02:00:42 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=a850cdcb55995c88cdf41c3c6bc0b0406d3f25cb115349c49b436532a51de9ca, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:4f:bc:cb:7f:21:71:14:65:c8:7e:7a:c7:37: f8:73:31:c7:c8:9c:4e:50:e8:c7:12:a2:d1:85:65: 98:df:1e:b7:5f:f0:e4:dc:d2:bb:1a:ff:b9:62:eb: 06:4b:9f:77:24:72:db:9e:ab:f0:96:a4:1b:98:ae: 50:0e:f7:55:e5:71:4b:cb:e6:65:30:17:65:09:bc: 22:10:f0:9d:4b:5d:d9:be:d3:b2:3f:6f:26:e9:d9: e6:aa:50:f0:20:3c:63:18:e8:8f:91:e7:82:76:0e: cb:07:14:02:86:b8:42:da:96:8e:18:15:64:46:6f: 02:a1:73:bc:0b:07:20:67:51:3e:87:95:30:47:55: c6:51:00:ea:42:ab:2e:bf:4d:aa:49:48:f7:9f:da: dc:2c:46:d0:54:6a:d4:d0:59:e3:16:1a:77:cd:0f: 7e:55:81:e0:64:52:96:e7:61:69:3f:2b:fc:5a:55: 53:c1:11:14:bd:09:8c:60:37:ec:7b:79:7e:54:c8: d1:58:2b:63:7c:bc:ff:4d:2e:4b:3b:5f:ce:95:22: ff:4c:43:df:ab:9a:ad:79:18:d0:ab:bf:18:0d:a9: 07:29:65:4c:16:47:fc:d0:1f:00:aa:3d:72:f0:4c: 90:3c:5c:12:5c:41:b3:0b:e3:4a:26:31:b0:99:61: 7b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:4A:64:43:A8:6E:D4:D3:D2:A0:94:E1:94:BB:D3:A3:15:BA:D5:1A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:8c0::/48 Signature Algorithm: sha256WithRSAEncryption b5:4e:cf:a5:f4:22:29:75:a3:52:81:5d:41:5f:a0:60:c4:d8: 49:68:4a:b1:b9:5a:a4:30:9e:0e:b7:38:1d:99:a1:a5:b4:e7: d5:d2:e9:92:2f:ad:b7:d3:33:1d:9e:a1:24:1b:fe:63:17:d0: e9:2e:c1:c0:eb:74:b2:1b:2f:cd:05:1c:52:54:5a:09:e2:12: c2:da:09:01:31:58:62:b7:64:f6:d6:b9:4e:21:7d:e9:b0:3f: d5:b7:4b:3c:75:d4:42:9f:c6:b3:1d:dc:2b:c1:81:07:ae:a1: a1:fb:f0:67:53:71:26:16:e6:cf:72:96:22:a2:3b:20:e5:f9: b3:6d:cc:a0:31:89:aa:39:86:ce:7c:bb:11:9b:67:d8:3b:bc: 84:9a:81:ef:38:d6:f0:f3:e6:e2:61:43:d2:15:a1:50:09:39: fb:46:8b:80:9f:5c:73:62:cd:6c:e4:35:df:84:0b:7b:3d:b8: 82:77:56:92:16:ba:1d:bc:f0:57:da:a4:b8:7b:67:42:69:c3: 5d:69:05:ac:5f:14:fc:4e:76:68:f2:69:ef:52:a7:ea:ab:f4: 75:fd:bc:69:55:9d:dc:f1:cf:57:2b:42:5e:57:0b:f8:f7:71: cf:7b:f1:c2:b1:c5:b6:d7:33:a5:57:65:14:58:22:e1:5e:68: e7:40:2e:a1 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUfxTezxq5SyD9ejbuFy86E3tZvIcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTMwMjAwNDJaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV BAUTQGE4NTBjZGNiNTU5OTVjODhjZGY0MWMzYzZiYzBiMDQwNmQzZjI1Y2IxMTUz NDljNDliNDM2NTMyYTUxZGU5Y2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKpPvMt/IXEUZch+esc3+HMxx8icTlDoxxKi0YVlmN8et1/w5NzSuxr/uWLr BkufdyRy256r8JakG5iuUA73VeVxS8vmZTAXZQm8IhDwnUtd2b7Tsj9vJunZ5qpQ 8CA8Yxjoj5HngnYOywcUAoa4QtqWjhgVZEZvAqFzvAsHIGdRPoeVMEdVxlEA6kKr Lr9NqklI95/a3CxG0FRq1NBZ4xYad80PflWB4GRSludhaT8r/FpVU8ERFL0JjGA3 7Ht5flTI0VgrY3y8/00uSztfzpUi/0xD36uarXkY0Ku/GA2pByllTBZH/NAfAKo9 cvBMkDxcElxBswvjSiYxsJlhe08CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR3SmRD qG7U09KglOGUu9OjFbrVGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWEwMjNiYTctNmRiZS00NmFjLWJjNmYtNjIxZWQ2OTQ2YjZlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I wDANBgkqhkiG9w0BAQsFAAOCAQEAtU7PpfQiKXWjUoFdQV+gYMTYSWhKsblapDCe Drc4HZmhpbTn1dLpki+tt9MzHZ6hJBv+YxfQ6S7BwOt0shsvzQUcUlRaCeISwtoJ ATFYYrdk9ta5TiF96bA/1bdLPHXUQp/Gsx3cK8GBB66hofvwZ1NxJhbmz3KWIqI7 IOX5s23MoDGJqjmGzny7EZtn2Du8hJqB7zjW8PPm4mFD0hWhUAk5+0aLgJ9cc2LN bOQ134QLez24gndWkha6HbzwV9qkuHtnQmnDXWkFrF8U/E52aPJp71Kn6qv0df28 aVWd3PHPVytCXlcL+Pdxz3vxwrHFttczpVdlFFgi4V5o50AuoQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:35 2025 by rpki-client