This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa File: 5f28c807-572d-4641-be39-53109963f4c3.roa (raw, json) Hash identifier: WO2NCqbw/k1jpiYZOBRN4osGLCBSl+w2o0NXGeqA3kE= Subject key identifier: AE:A1:63:AF:47:4E:A0:C3:09:D8:C2:92:F4:AE:E6:AA:3D:FE:D9:BB Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5D32EBCF4EAE630515A8C13EC1F43B4987A3E4CA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa Signing time: Sat 15 Nov 2025 05:20:42 +0000 ROA not before: Sat 15 Nov 2025 05:20:42 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d036:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:32:eb:cf:4e:ae:63:05:15:a8:c1:3e:c1:f4:3b:49:87:a3:e4:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:20:42 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=567acdd535d09e613b9c120aaf6367d11ba8ff30677aa0183f1f08cb618767ad, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:07:89:c2:47:2e:8e:0b:c9:17:51:ac:bb:94: 62:0c:c2:0e:2e:66:d5:e0:36:a8:42:83:62:2d:92: d8:85:4f:76:84:6a:9b:bb:5e:77:50:44:1a:ac:bc: 16:d8:df:c9:10:c7:60:4a:b9:7c:31:c2:a0:3c:66: 23:bc:d3:2f:ca:02:60:68:2a:f3:46:f2:d0:cb:0e: d5:01:31:34:0d:a0:04:f7:42:f0:27:7b:fe:63:42: 0a:66:25:8d:ee:b1:00:f0:b8:aa:e5:66:57:b7:ba: 20:03:20:ba:bf:ff:bd:71:a2:5c:0f:74:1a:c9:b1: be:8c:5a:5b:1e:82:0a:0c:e0:70:7c:18:09:c6:7b: 23:5f:da:33:24:61:e3:6f:1e:c2:bc:9b:b3:8f:0a: 50:e5:6a:e3:72:e2:e4:b6:e9:29:21:5b:4a:40:05: e6:54:cc:05:c7:82:68:52:e1:bf:b7:1f:0f:c2:5e: 41:e2:9f:2f:62:a5:e1:d7:ce:fb:36:ad:ca:ff:fe: 01:bf:77:41:88:84:6c:a0:04:03:f2:73:f2:e1:8e: 6f:42:a3:d2:92:3d:29:92:79:91:14:ca:54:7c:62: f5:a0:5f:17:30:55:a9:de:db:cc:ec:0e:21:f3:4a: eb:36:21:1b:9d:c3:ad:5e:a8:d1:a9:df:1b:78:3c: cc:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:A1:63:AF:47:4E:A0:C3:09:D8:C2:92:F4:AE:E6:AA:3D:FE:D9:BB X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5f28c807-572d-4641-be39-53109963f4c3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d036:a000::/40 Signature Algorithm: sha256WithRSAEncryption 27:f2:90:83:b5:b5:a8:1e:c9:ec:46:72:b1:db:a8:b7:e3:a8: 2e:e2:9c:89:95:45:2e:98:b8:de:4f:f5:0c:47:20:ba:ac:88: cb:88:a1:a9:27:d6:ae:58:ed:84:28:ea:6c:7f:17:ba:e6:e8: 02:be:04:66:fd:3c:1f:1f:d2:9d:24:8c:d0:8f:03:3a:30:73: 12:73:2e:62:b4:32:13:30:8b:75:89:b0:ae:e9:bd:5d:35:fe: c6:c8:d8:69:65:00:ee:5b:7a:93:03:6f:12:ad:8e:54:cc:6f: 8a:96:fa:de:c4:22:5d:8d:e3:b4:5b:5d:0b:ed:63:dd:61:bb: 0c:27:01:83:a3:1d:f4:d6:a0:81:4c:04:30:58:5f:75:2c:d3: fa:a9:1d:08:09:bc:e5:2f:bf:04:38:20:81:28:2a:0b:be:31: 74:db:05:ab:f1:e9:3b:7c:17:8d:8d:93:40:fb:8e:d5:84:f7: aa:3e:43:35:e7:04:fe:fc:22:e3:a7:ec:cb:c6:c0:7c:a8:2b: 98:6a:46:0a:5d:01:d6:b2:ef:06:14:f5:1f:1a:ac:27:fa:cc: 61:88:b2:ef:c7:da:f3:59:51:a7:37:19:e4:c1:7f:52:f1:0b: cf:62:5c:eb:4d:41:2b:57:ae:d9:e1:38:2e:0d:cf:8e:9d:2b: 80:62:70:65 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXTLrz06uYwUVqME+wfQ7SYej5MowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTIwNDJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDU2N2FjZGQ1MzVkMDllNjEzYjljMTIwYWFmNjM2N2QxMWJhOGZmMzA2Nzdh YTAxODNmMWYwOGNiNjE4NzY3YWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOcHicJHLo4LyRdRrLuUYgzCDi5m1eA2qEKDYi2S2IVPdoRqm7ted1BEGqy8 FtjfyRDHYEq5fDHCoDxmI7zTL8oCYGgq80by0MsO1QExNA2gBPdC8Cd7/mNCCmYl je6xAPC4quVmV7e6IAMgur//vXGiXA90GsmxvoxaWx6CCgzgcHwYCcZ7I1/aMyRh 428ewrybs48KUOVq43Li5LbpKSFbSkAF5lTMBceCaFLhv7cfD8JeQeKfL2Kl4dfO +zatyv/+Ab93QYiEbKAEA/Jz8uGOb0Kj0pI9KZJ5kRTKVHxi9aBfFzBVqd7bzOwO IfNK6zYhG53DrV6o0anfG3g8zE0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuoWOv R06gwwnYwpL0ruaqPf7ZuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NWYyOGM4MDctNTcyZC00NjQxLWJlMzktNTMxMDk5NjNmNGMzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dag MA0GCSqGSIb3DQEBCwUAA4IBAQAn8pCDtbWoHsnsRnKx26i346gu4pyJlUUumLje T/UMRyC6rIjLiKGpJ9auWO2EKOpsfxe65ugCvgRm/TwfH9KdJIzQjwM6MHMScy5i tDITMIt1ibCu6b1dNf7GyNhpZQDuW3qTA28SrY5UzG+KlvrexCJdjeO0W10L7WPd YbsMJwGDox301qCBTAQwWF91LNP6qR0ICbzlL78EOCCBKCoLvjF02wWr8ek7fBeN jZNA+47VhPeqPkM15wT+/CLjp+zLxsB8qCuYakYKXQHWsu8GFPUfGqwn+sxhiLLv x9rzWVGnNxnkwX9S8QvPYlzrTUErV67Z4TguDc+OnSuAYnBl -----END CERTIFICATE-----Generated at Sat Dec 6 12:45:38 2025 by rpki-client