This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa File: 5f28c807-572d-4641-be39-53109963f4c3.roa (raw, json) Hash identifier: T0TrFlQ9LZnh3TlAGWBPWFny5DeimTSsd1HMdm0q2Wc= Subject key identifier: EA:9A:7C:A5:32:FD:29:6B:CF:5E:5C:60:5E:FA:12:4B:5A:FB:AD:BA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2AD549C190663C26FCAC029776E06A8CA7897798 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa Signing time: Wed 10 Dec 2025 05:10:10 +0000 ROA not before: Wed 10 Dec 2025 05:10:10 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d036:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:d5:49:c1:90:66:3c:26:fc:ac:02:97:76:e0:6a:8c:a7:89:77:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:10:10 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=2a6e094b86c16121af8eb4c97516e8297e936b5de41c60510319bd500b220a97, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:98:34:2e:c8:9c:5a:20:a2:65:1e:a6:6a:da: cd:f4:f1:cf:58:52:ba:d1:e8:4b:8f:45:16:f5:2c: 67:9c:ed:c4:12:32:36:39:92:b3:4a:a4:be:73:c0: 21:27:df:fc:25:e5:0d:7c:7d:51:2a:2e:2b:0e:07: bf:1c:ed:a3:e6:63:d5:0b:db:ca:85:b4:0b:94:79: 98:8f:ae:08:a2:f1:58:f0:41:d7:28:a5:0f:b5:8c: a5:a9:07:35:9e:2c:be:8d:b7:4a:c1:10:bc:1f:af: 7a:a9:21:69:54:84:67:dd:6f:2e:75:f9:cf:26:b0: 79:57:a2:27:7c:2e:81:14:c1:bd:cc:45:f4:43:be: e5:11:a5:e8:e3:60:ac:84:18:b4:a5:24:48:30:dc: 08:41:5e:6a:c5:2f:e0:c1:04:ef:0d:db:1c:c8:15: d7:6c:68:40:27:a5:50:83:93:02:4b:f4:ed:70:59: f6:dc:11:5b:7d:e7:d7:11:fa:b5:66:02:ce:36:c4: 29:06:7b:3b:a1:3f:01:17:3c:af:7f:73:d4:63:f3: a8:79:c4:ec:40:48:98:24:92:28:eb:d1:09:78:3d: 3e:5d:09:92:42:52:92:23:6f:69:80:b8:6a:27:4e: c1:87:f4:63:a5:a9:3b:f1:a8:93:dd:e7:19:29:ec: 97:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:9A:7C:A5:32:FD:29:6B:CF:5E:5C:60:5E:FA:12:4B:5A:FB:AD:BA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d036:a000::/40 Signature Algorithm: sha256WithRSAEncryption ca:6b:82:5d:38:9c:a7:85:d2:85:56:75:76:0b:d9:19:f1:ce: 0a:72:3a:cf:8b:2d:e5:77:e6:ae:1b:ed:50:d9:3d:b0:03:b7: 0e:3f:fa:1a:fb:89:74:01:df:cc:d4:53:c5:64:4a:a0:9c:29: 9b:99:5b:76:98:ae:86:8d:0f:ea:05:66:9a:5a:dd:ed:20:01: ac:0d:a5:de:12:11:88:a1:42:a3:73:9a:e8:50:3a:cc:7e:96: fc:65:5c:b3:43:1e:07:27:9f:d2:f9:52:6b:ba:dc:45:dc:e6: f0:37:ed:5f:67:a3:ce:c4:30:87:95:dd:e3:0c:a7:0d:b0:41: 36:1f:4a:e9:69:46:fd:6b:75:ed:15:fc:87:29:86:2d:21:9c: a6:31:c9:ec:61:f0:09:d7:89:e2:fd:8c:88:e8:f9:87:1c:e5: e5:a8:e6:85:68:6e:a1:8b:5c:09:da:6e:9d:8a:56:88:b3:f3: 45:f2:a5:81:79:d3:a0:17:fe:b6:30:85:e0:3d:a8:a0:14:ea: d0:da:ca:ca:f8:ee:76:f4:fa:fe:10:6c:5a:24:98:77:68:d0: 31:e0:45:f4:87:9c:be:af:f4:29:b6:94:b7:c3:d3:50:c2:86: 98:1b:08:ed:df:68:80:cc:b1:07:66:bb:94:ad:c3:6a:b8:c0: f1:ff:67:ee -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKtVJwZBmPCb8rAKXduBqjKeJd5gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTEwMTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDJhNmUwOTRiODZjMTYxMjFhZjhlYjRjOTc1MTZlODI5N2U5MzZiNWRlNDFj NjA1MTAzMTliZDUwMGIyMjBhOTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPeYNC7InFogomUepmrazfTxz1hSutHoS49FFvUsZ5ztxBIyNjmSs0qkvnPA ISff/CXlDXx9USouKw4Hvxzto+Zj1QvbyoW0C5R5mI+uCKLxWPBB1yilD7WMpakH NZ4svo23SsEQvB+veqkhaVSEZ91vLnX5zyaweVeiJ3wugRTBvcxF9EO+5RGl6ONg rIQYtKUkSDDcCEFeasUv4MEE7w3bHMgV12xoQCelUIOTAkv07XBZ9twRW33n1xH6 tWYCzjbEKQZ7O6E/ARc8r39z1GPzqHnE7EBImCSSKOvRCXg9Pl0JkkJSkiNvaYC4 aidOwYf0Y6WpO/Gok93nGSnsl98CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqmnyl Mv0pa89eXGBe+hJLWvutujAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWYyOGM4MDctNTcyZC00NjQxLWJlMzktNTMxMDk5NjNmNGMzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dag MA0GCSqGSIb3DQEBCwUAA4IBAQDKa4JdOJynhdKFVnV2C9kZ8c4KcjrPiy3ld+au G+1Q2T2wA7cOP/oa+4l0Ad/M1FPFZEqgnCmbmVt2mK6GjQ/qBWaaWt3tIAGsDaXe EhGIoUKjc5roUDrMfpb8ZVyzQx4HJ5/S+VJrutxF3ObwN+1fZ6POxDCHld3jDKcN sEE2H0rpaUb9a3XtFfyHKYYtIZymMcnsYfAJ14ni/YyI6PmHHOXlqOaFaG6hi1wJ 2m6dilaIs/NF8qWBedOgF/62MIXgPaigFOrQ2srK+O529Pr+EGxaJJh3aNAx4EX0 h5y+r/QptpS3w9NQwoaYGwjt32iAzLEHZruUrcNquMDx/2fu -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:20 2025 by rpki-client