This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa File: 5c57a644-0d1c-4126-9684-e345f93c1560.roa (raw, json) Hash identifier: gcRBUjhj9MV+tbZV5fibVpB9skktPFhgcNm3oDzarnM= Subject key identifier: 11:1A:D6:57:49:3D:87:5C:72:31:76:92:DE:7E:A7:12:33:C4:41:04 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 74EBD9DCC5EBD2D88BBC260486CD2BBA7EE7FE52 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa Signing time: Sat 15 Nov 2025 06:20:05 +0000 ROA not before: Sat 15 Nov 2025 06:20:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:eb:d9:dc:c5:eb:d2:d8:8b:bc:26:04:86:cd:2b:ba:7e:e7:fe:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=38b422661a20485e2c6f469384fca071e9c3cf4074e00c3a0624133f4a79c9e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:be:7c:19:27:fc:d0:9e:36:be:e3:1f:61:28: 7b:ea:a9:76:7d:ed:c6:67:05:ee:b5:a0:e6:39:e7: 00:a8:95:0c:d3:bf:79:70:b3:c2:84:82:a3:2d:d0: 46:4e:b3:c5:ec:d1:a0:10:50:40:e9:28:f6:be:7f: 0b:17:13:a0:8c:dd:5e:b7:52:74:8b:36:e1:d8:1d: 38:30:3b:68:0b:ea:3b:68:d5:c9:c0:40:ae:20:21: a8:c1:54:3e:9a:95:b9:8a:cc:b3:3f:c3:2a:a4:8e: f4:d7:60:f4:f5:c0:0d:a7:c7:f0:95:6e:34:78:f6: 64:29:b7:ff:00:60:12:3c:d6:b1:73:cb:ea:4b:1d: 56:f9:97:97:6d:91:7c:8e:c1:de:3a:a0:c1:d5:64: 6c:3e:88:0b:74:be:58:86:c9:2b:09:37:1b:a3:a3: 6b:43:d4:c9:73:88:29:2e:9e:f7:96:eb:81:ec:c8: 5b:f6:4f:99:1a:38:99:10:ef:32:80:06:65:5d:77: af:02:5a:63:34:d0:aa:2a:f8:5a:b9:f9:5a:c4:ae: f9:eb:4f:ee:f3:76:fd:a8:75:a0:84:61:7a:9f:5b: d9:db:74:a4:99:7a:a1:24:fa:95:16:24:34:65:ff: 74:d4:57:7c:8a:b3:11:c6:1b:cd:cc:23:0b:61:8e: 22:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:1A:D6:57:49:3D:87:5C:72:31:76:92:DE:7E:A7:12:33:C4:41:04 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c57a644-0d1c-4126-9684-e345f93c1560.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:9040::/48 Signature Algorithm: sha256WithRSAEncryption 8e:55:a5:23:5a:5a:5e:35:41:d6:fc:80:73:1f:43:2a:35:53: b3:2a:95:29:78:74:bf:cb:f3:f6:c8:cf:b5:f8:3b:2c:98:e5: 6f:5d:c8:fe:d9:04:9a:1c:4a:4f:04:36:56:46:80:9b:f5:cc: dd:eb:77:c5:06:10:02:b5:2f:83:61:70:5a:7d:6d:ba:c5:df: 39:52:46:59:75:d3:09:b9:37:f2:d2:b4:18:51:84:7b:ea:91: c5:ce:b6:f7:0e:dd:f5:5d:56:59:bb:d0:78:e7:63:cd:50:da: 85:b6:d0:d0:ee:c4:a3:25:20:59:fa:21:a2:3e:96:c4:2e:2f: 46:b9:78:19:f9:6a:b9:63:6e:e5:cb:f5:06:37:94:91:80:1b: 1d:30:b3:5c:dd:e5:a4:22:b5:8e:3c:a4:b2:5c:01:64:12:e6: b1:9c:89:01:94:8d:26:b6:a6:8b:12:e2:aa:ef:c6:82:06:0b: 25:e5:47:12:16:b7:39:90:6d:8f:8e:d7:c1:0d:bd:a5:f9:b6: 11:1e:30:8a:aa:85:fd:81:ca:36:d8:b2:eb:3f:1b:f3:f9:c6: a5:d2:e9:b0:87:48:25:ab:f9:dc:ec:f8:7f:5c:b7:e9:9e:2d: 6c:3b:cf:11:13:f1:37:dd:48:2b:d8:7c:51:78:1b:c4:6a:25: 0d:27:32:67 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUdOvZ3MXr0tiLvCYEhs0run7n/lIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDM4YjQyMjY2MWEyMDQ4NWUyYzZmNDY5Mzg0ZmNhMDcxZTljM2NmNDA3NGUw MGMzYTA2MjQxMzNmNGE3OWM5ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMa+fBkn/NCeNr7jH2Eoe+qpdn3txmcF7rWg5jnnAKiVDNO/eXCzwoSCoy3Q Rk6zxezRoBBQQOko9r5/CxcToIzdXrdSdIs24dgdODA7aAvqO2jVycBAriAhqMFU PpqVuYrMsz/DKqSO9Ndg9PXADafH8JVuNHj2ZCm3/wBgEjzWsXPL6ksdVvmXl22R fI7B3jqgwdVkbD6IC3S+WIbJKwk3G6Oja0PUyXOIKS6e95brgezIW/ZPmRo4mRDv MoAGZV13rwJaYzTQqir4Wrn5WsSu+etP7vN2/ah1oIRhep9b2dt0pJl6oST6lRYk NGX/dNRXfIqzEcYbzcwjC2GOIisCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQRGtZX ST2HXHIxdpLefqcSM8RBBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWM1N2E2NDQtMGQxYy00MTI2LTk2ODQtZTM0NWY5M2MxNTYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ QDANBgkqhkiG9w0BAQsFAAOCAQEAjlWlI1paXjVB1vyAcx9DKjVTsyqVKXh0v8vz 9sjPtfg7LJjlb13I/tkEmhxKTwQ2VkaAm/XM3et3xQYQArUvg2FwWn1tusXfOVJG WXXTCbk38tK0GFGEe+qRxc629w7d9V1WWbvQeOdjzVDahbbQ0O7EoyUgWfohoj6W xC4vRrl4GflquWNu5cv1BjeUkYAbHTCzXN3lpCK1jjykslwBZBLmsZyJAZSNJram ixLiqu/GggYLJeVHEha3OZBtj47XwQ29pfm2ER4wiqqF/YHKNtiy6z8b8/nGpdLp sIdIJav53Oz4f1y36Z4tbDvPERPxN91IK9h8UXgbxGolDScyZw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:55 2025 by rpki-client