This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa File: 669652b6-0b22-49a0-b29f-dfb51835c988.roa (raw, json) Hash identifier: iAlaGUWvBHRmfPuC4VlYP5zS+2L7k2GFXOABZoLyIH4= Subject key identifier: F7:B1:BA:BA:BC:D5:97:7B:26:98:28:AF:E2:81:74:A8:69:9A:3C:99 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2A88973577A40A640E457D9C98156E3368A95590 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa Signing time: Sat 15 Nov 2025 06:31:05 +0000 ROA not before: Sat 15 Nov 2025 06:31:05 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01c::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:88:97:35:77:a4:0a:64:0e:45:7d:9c:98:15:6e:33:68:a9:55:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:31:05 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=5fbd08742220238d7f164329da4a7ac65bd0910fc34576b230b7d76f9c003c62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:0a:0a:86:66:22:13:3d:62:5c:92:a1:69:cb: 0a:ae:ea:d0:8f:f8:08:c2:fb:4f:f3:fa:de:3e:51: cb:b8:08:22:4e:2e:03:2f:b8:da:12:f7:54:c1:ca: d4:bc:ea:e1:77:43:18:b1:e3:7b:fb:dd:31:69:f6: 28:cb:64:30:ce:47:ad:03:c8:09:d8:ad:29:af:72: 7c:36:5f:c6:34:1b:f2:29:9d:cb:89:f9:ba:de:91: 0e:87:af:a3:bd:ea:cd:3c:8b:f8:7c:03:b5:3d:94: 53:06:e9:77:0f:07:fb:a1:75:09:05:9b:df:40:1b: e9:86:3a:19:67:41:83:9a:c7:32:6e:d0:49:fa:5a: 9b:21:b3:a4:70:bf:dd:67:76:70:31:79:b3:b7:78: 90:ae:28:10:69:57:7b:55:d7:64:36:1b:b0:e5:83: c9:c4:b3:a1:cf:d3:93:ef:bf:0a:0c:e0:a3:4d:e2: 0c:18:81:05:e4:7f:9f:72:68:3f:5c:74:cb:0f:97: af:a2:67:c9:00:73:79:d0:f4:9e:c8:95:44:10:c2: 3e:0d:4e:05:2c:88:64:f7:cf:73:99:7e:d4:d5:49: d9:e4:e1:79:6e:ee:af:48:bb:41:2b:da:ff:bf:94: 5c:3c:57:94:b6:c9:6a:58:d7:6d:79:34:19:c4:bd: 85:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:B1:BA:BA:BC:D5:97:7B:26:98:28:AF:E2:81:74:A8:69:9A:3C:99 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01c::/38 Signature Algorithm: sha256WithRSAEncryption 1a:00:c1:e3:8c:80:95:d3:6f:f7:1f:8b:54:6e:31:4c:0f:fd: 4e:7b:82:89:e3:d5:75:c9:db:96:fd:90:3d:f3:9f:a1:52:c8: 13:73:b6:c3:63:ae:69:1d:fe:97:c9:ca:8e:89:e3:13:ad:31: c2:4d:a4:d5:0f:91:3a:0b:52:a3:ba:ab:5e:6d:eb:1b:0b:13: ca:d1:49:67:02:46:c4:d9:46:00:34:65:76:11:ff:00:f0:e0: 09:39:b5:1e:d6:26:d5:a1:bd:5d:f6:03:1d:03:7f:86:81:d0: 02:e5:e9:bd:3d:f7:ac:71:47:1a:99:fd:be:b2:6b:0b:aa:78: f6:ad:13:e1:18:b8:82:bc:f8:43:ca:d6:50:03:93:6c:3b:3d: 27:85:81:ee:5a:d4:43:33:bb:50:97:0d:66:7a:85:81:e4:50: cb:bd:35:7f:d0:ca:a8:4d:13:61:5c:1f:d7:55:87:ab:43:c9: c5:4d:10:00:ab:4e:b8:fe:b1:db:a6:f6:50:b6:0b:e1:74:61: 6c:cd:f8:fc:82:85:dc:87:10:b6:a7:11:cb:ee:a3:b7:7b:7d: ea:1d:da:a4:d0:68:6b:e4:ce:b7:a1:5b:4a:d2:f1:9f:24:18: 2b:56:3e:66:f6:1f:e1:90:65:3d:16:8d:cd:fc:4a:b9:73:85: 82:9c:e9:37 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUKoiXNXekCmQORX2cmBVuM2ipVZAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMxMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDVmYmQwODc0MjIyMDIzOGQ3ZjE2NDMyOWRhNGE3YWM2NWJkMDkxMGZjMzQ1 NzZiMjMwYjdkNzZmOWMwMDNjNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO4KCoZmIhM9YlySoWnLCq7q0I/4CML7T/P63j5Ry7gIIk4uAy+42hL3VMHK 1Lzq4XdDGLHje/vdMWn2KMtkMM5HrQPICditKa9yfDZfxjQb8imdy4n5ut6RDoev o73qzTyL+HwDtT2UUwbpdw8H+6F1CQWb30Ab6YY6GWdBg5rHMm7QSfpamyGzpHC/ 3Wd2cDF5s7d4kK4oEGlXe1XXZDYbsOWDycSzoc/Tk++/Cgzgo03iDBiBBeR/n3Jo P1x0yw+Xr6JnyQBzedD0nsiVRBDCPg1OBSyIZPfPc5l+1NVJ2eTheW7ur0i7QSva /7+UXDxXlLbJaljXbXk0GcS9hUMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3sbq6 vNWXeyaYKK/igXSoaZo8mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjY5NjUyYjYtMGIyMi00OWEwLWIyOWYtZGZiNTE4MzVjOTg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwA MA0GCSqGSIb3DQEBCwUAA4IBAQAaAMHjjICV02/3H4tUbjFMD/1Oe4KJ49V1yduW /ZA985+hUsgTc7bDY65pHf6XycqOieMTrTHCTaTVD5E6C1KjuqtebesbCxPK0Uln AkbE2UYANGV2Ef8A8OAJObUe1ibVob1d9gMdA3+GgdAC5em9PfescUcamf2+smsL qnj2rRPhGLiCvPhDytZQA5NsOz0nhYHuWtRDM7tQlw1meoWB5FDLvTV/0MqoTRNh XB/XVYerQ8nFTRAAq064/rHbpvZQtgvhdGFszfj8goXchxC2pxHL7qO3e33qHdqk 0Ghr5M63oVtK0vGfJBgrVj5m9h/hkGU9Fo3N/Eq5c4WCnOk3 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:49 2025 by rpki-client