This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa File: 5c829516-8640-4a9a-a2b3-cfababf09faa.roa (raw, json) Hash identifier: QdjoNERWve/Sj6zSZD87vtPIU6wDWIwsQSbYl1vHEkQ= Subject key identifier: DC:10:B7:43:59:29:FD:06:42:99:2C:92:15:5B:D3:82:8D:56:D2:D2 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 298B2E4BE08FAA67D289B1AABCE4BFD16B52EB9F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa Signing time: Sat 15 Nov 2025 06:20:03 +0000 ROA not before: Sat 15 Nov 2025 06:20:03 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d031:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:8b:2e:4b:e0:8f:aa:67:d2:89:b1:aa:bc:e4:bf:d1:6b:52:eb:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:20:03 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=ebece0b102f1dce90b39a60c8b9a80d700b95eff29d74746ef5ce33e50b8d898, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:34:97:13:f4:71:ae:2e:1a:d8:25:ef:e0:b4: 6b:95:10:37:71:e6:8c:fb:c2:26:64:e7:09:42:aa: c6:61:b4:67:56:ff:17:a3:f3:6b:56:6b:07:6f:c8: 7b:9b:24:f5:b3:7f:fe:66:49:76:0a:b0:14:59:56: 1f:d4:14:d1:6a:69:44:fe:42:32:43:60:6a:48:10: 58:6d:e1:8a:60:92:b0:39:37:fe:1b:24:17:17:7b: 1e:ee:22:8d:4c:ce:68:75:99:be:46:88:04:93:18: 4f:c1:56:47:66:75:92:fb:1c:de:bd:6f:bd:a2:b3: 77:00:ce:f3:e6:8d:93:f4:5c:ce:88:37:90:8e:fd: 51:3f:2d:62:dd:b3:10:cf:c3:fe:65:98:b1:81:17: 10:60:16:5d:3e:50:fc:ff:f8:79:c6:79:da:2d:8e: 96:4f:22:eb:44:b8:33:d9:44:3e:56:19:50:9c:06: 09:21:2f:c1:63:e3:53:35:7f:b8:c0:a0:fb:6f:f6: 53:f2:37:1c:51:ca:5d:09:ae:f6:d4:fd:3c:1d:63: 77:d5:72:1e:c5:90:0c:49:e0:c2:d1:6e:de:53:50: fa:37:ac:87:53:22:75:08:ab:fb:a2:21:c4:e5:53: 21:bf:0b:3a:36:48:55:c3:2f:8f:f6:ef:cf:ad:3b: 98:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:10:B7:43:59:29:FD:06:42:99:2C:92:15:5B:D3:82:8D:56:D2:D2 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c829516-8640-4a9a-a2b3-cfababf09faa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d031:e080::/48 Signature Algorithm: sha256WithRSAEncryption 5c:61:5b:5b:e9:ca:16:dc:73:ca:9d:f1:74:d5:7c:86:0c:99: bd:62:9b:77:73:18:f0:bd:44:38:35:43:30:24:41:23:c2:34: 62:69:5b:7b:d9:db:b8:de:7d:7a:ec:69:dd:7e:aa:89:1c:7c: 33:52:97:b6:9b:6c:32:20:06:81:1d:c5:da:58:61:66:4f:24: 3e:eb:b1:fe:7a:3d:58:93:af:7f:6f:78:67:18:dd:90:df:eb: 74:13:e3:ac:0b:45:af:c4:c6:da:50:aa:6f:26:ef:8f:97:77: a5:ff:4c:03:6c:1d:23:17:a5:df:b5:0b:26:34:86:b6:d4:23: fc:c0:37:ff:b8:36:fc:0d:3f:4a:7e:a8:22:8a:fb:07:dd:26: f4:3a:72:0e:cb:64:b9:7d:8b:50:79:71:5a:e2:6f:ea:0a:c3: 15:61:e2:1f:13:61:fb:58:db:e8:6f:29:2f:e2:26:ba:81:36: 63:ce:c9:98:fc:62:81:94:b5:14:04:dc:6c:42:35:1b:e1:ac: e4:08:82:e7:91:ee:69:a0:38:c0:ee:81:94:1c:b5:5f:e6:8e: 1e:ef:76:b4:43:56:76:3d:48:80:5b:a5:08:ad:97:c5:18:20: 87:71:06:96:4a:b6:bd:b1:8a:d8:6a:34:ea:cc:a6:84:b5:20: f7:51:1c:2c -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUKYsuS+CPqmfSibGqvOS/0WtS658wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIwMDNaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGViZWNlMGIxMDJmMWRjZTkwYjM5YTYwYzhiOWE4MGQ3MDBiOTVlZmYyOWQ3 NDc0NmVmNWNlMzNlNTBiOGQ4OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALw0lxP0ca4uGtgl7+C0a5UQN3HmjPvCJmTnCUKqxmG0Z1b/F6Pza1ZrB2/I e5sk9bN//mZJdgqwFFlWH9QU0WppRP5CMkNgakgQWG3himCSsDk3/hskFxd7Hu4i jUzOaHWZvkaIBJMYT8FWR2Z1kvsc3r1vvaKzdwDO8+aNk/Rczog3kI79UT8tYt2z EM/D/mWYsYEXEGAWXT5Q/P/4ecZ52i2Olk8i60S4M9lEPlYZUJwGCSEvwWPjUzV/ uMCg+2/2U/I3HFHKXQmu9tT9PB1jd9VyHsWQDEngwtFu3lNQ+jesh1MidQir+6Ih xOVTIb8LOjZIVcMvj/bvz607mDECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTcELdD WSn9BkKZLJIVW9OCjVbS0jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWM4Mjk1MTYtODY0MC00YTlhLWEyYjMtY2ZhYmFiZjA5ZmFhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHg gDANBgkqhkiG9w0BAQsFAAOCAQEAXGFbW+nKFtxzyp3xdNV8hgyZvWKbd3MY8L1E ODVDMCRBI8I0Ymlbe9nbuN59euxp3X6qiRx8M1KXtptsMiAGgR3F2lhhZk8kPuux /no9WJOvf294ZxjdkN/rdBPjrAtFr8TG2lCqbybvj5d3pf9MA2wdIxel37ULJjSG ttQj/MA3/7g2/A0/Sn6oIor7B90m9DpyDstkuX2LUHlxWuJv6grDFWHiHxNh+1jb 6G8pL+ImuoE2Y87JmPxigZS1FATcbEI1G+Gs5AiC55HuaaA4wO6BlBy1X+aOHu92 tENWdj1IgFulCK2XxRggh3EGlkq2vbGK2Go06symhLUg91EcLA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:40 2025 by rpki-client