This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa File: 669652b6-0b22-49a0-b29f-dfb51835c988.roa (raw, json) Hash identifier: /T0cYMySbGukoKxvoDdEB5bjmd7P+JE6xacFRafpacE= Subject key identifier: B6:DF:5A:50:8C:79:E8:8C:F0:AE:EE:BD:B5:1C:38:57:29:29:9B:4A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 7452DF2CB3672E339AF44420BDA2E1348107A17C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa Signing time: Wed 10 Dec 2025 06:30:11 +0000 ROA not before: Wed 10 Dec 2025 06:30:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01c::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:52:df:2c:b3:67:2e:33:9a:f4:44:20:bd:a2:e1:34:81:07:a1:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:30:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=fec5a7023721d0952400e2e0deb614e50cc2c9ccf80dec02a1ff0ec70e519cef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2a:54:21:b1:cb:ad:2b:7e:63:71:8a:f5:5f: 53:50:e1:8d:23:5f:56:27:87:e4:3d:ae:00:10:80: 90:fa:8f:20:45:93:05:0c:6e:72:ff:ee:dc:0c:f7: d7:5c:b5:b3:31:de:4b:4e:31:50:71:6f:45:24:cb: c2:7a:23:18:52:88:a5:34:6b:b2:d0:e9:8a:65:3b: da:00:b7:63:aa:65:39:5a:42:bc:05:dd:61:8b:63: 14:01:04:4a:90:72:b9:d7:02:cd:75:74:ae:6d:4d: b2:d4:ec:8b:3a:68:c8:22:66:f8:d3:d4:d4:c8:d7: 87:b5:d9:d0:ab:ee:a1:a2:48:b0:cd:2f:aa:43:7a: 2f:fe:e9:3a:e5:58:f1:73:3e:66:ce:6a:ac:1c:c4: 75:4f:44:aa:1f:2f:03:62:40:75:e3:84:3c:9f:a7: e7:08:35:d6:b9:e3:b3:43:25:7e:e8:41:a2:45:70: 22:b1:73:16:8a:fe:6c:34:f6:03:ad:d0:00:7b:52: 3c:14:b4:b6:af:5c:40:f5:31:96:2e:ca:d4:99:72: ab:af:ca:65:f6:f7:9f:2b:31:e7:0c:1f:9f:ca:ad: 0b:ea:d2:15:e5:67:f7:ed:f2:8c:45:db:36:34:19: ac:36:d2:43:70:4e:35:20:fb:01:9e:07:4e:d3:6c: 65:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:DF:5A:50:8C:79:E8:8C:F0:AE:EE:BD:B5:1C:38:57:29:29:9B:4A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/669652b6-0b22-49a0-b29f-dfb51835c988.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01c::/38 Signature Algorithm: sha256WithRSAEncryption 9f:4c:84:33:ed:ec:d4:f5:00:08:ad:1b:a1:aa:03:08:e1:d2: 80:4a:74:4c:af:5f:61:e9:13:07:4b:3b:8b:26:9a:93:ac:54: ec:d1:04:3c:3f:43:a7:b5:63:27:af:51:95:ee:c0:76:b6:49: d0:7a:41:a3:7b:d7:4a:24:44:a3:6d:24:57:67:90:9b:f3:35: a5:0a:d4:50:d0:26:e6:99:74:6e:79:88:75:a6:f4:c8:7f:77: 04:2c:ca:47:f0:1a:f8:fc:7e:a1:a6:95:06:d9:d4:4f:e4:bb: 77:fe:3d:25:ef:11:e6:eb:6a:e6:19:6a:0f:10:a5:c7:43:f7: b9:5b:ad:da:62:c8:a5:d0:9b:61:6b:1c:86:c3:cc:51:9a:2d: d7:8c:2b:5b:3d:1b:94:1d:a6:da:94:de:bd:56:95:d9:7a:d9: 45:50:fd:9e:e6:c8:18:7c:0f:c3:15:bf:5e:e7:36:a5:aa:bf: c8:84:94:76:d1:f3:0d:df:b9:28:6a:11:fb:1c:80:20:b1:e5: ae:07:91:2a:c9:ef:6d:98:5a:88:db:aa:79:b0:76:e8:eb:71: 19:04:26:1e:5b:9b:8b:eb:87:b3:ca:63:2c:91:6d:48:54:68: 56:cb:3c:96:61:b8:d6:d6:0f:0b:c2:22:36:60:b4:8e:83:af: 1d:0b:84:1a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdFLfLLNnLjOa9EQgvaLhNIEHoXwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMwMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGZlYzVhNzAyMzcyMWQwOTUyNDAwZTJlMGRlYjYxNGU1MGNjMmM5Y2NmODBk ZWMwMmExZmYwZWM3MGU1MTljZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKYqVCGxy60rfmNxivVfU1DhjSNfVieH5D2uABCAkPqPIEWTBQxucv/u3Az3 11y1szHeS04xUHFvRSTLwnojGFKIpTRrstDpimU72gC3Y6plOVpCvAXdYYtjFAEE SpByudcCzXV0rm1NstTsizpoyCJm+NPU1MjXh7XZ0KvuoaJIsM0vqkN6L/7pOuVY 8XM+Zs5qrBzEdU9Eqh8vA2JAdeOEPJ+n5wg11rnjs0MlfuhBokVwIrFzFor+bDT2 A63QAHtSPBS0tq9cQPUxli7K1Jlyq6/KZfb3nysx5wwfn8qtC+rSFeVn9+3yjEXb NjQZrDbSQ3BONSD7AZ4HTtNsZcMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS231pQ jHnojPCu7r21HDhXKSmbSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjY5NjUyYjYtMGIyMi00OWEwLWIyOWYtZGZiNTE4MzVjOTg4LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BwA MA0GCSqGSIb3DQEBCwUAA4IBAQCfTIQz7ezU9QAIrRuhqgMI4dKASnRMr19h6RMH SzuLJpqTrFTs0QQ8P0OntWMnr1GV7sB2tknQekGje9dKJESjbSRXZ5Cb8zWlCtRQ 0CbmmXRueYh1pvTIf3cELMpH8Br4/H6hppUG2dRP5Lt3/j0l7xHm62rmGWoPEKXH Q/e5W63aYsil0JthaxyGw8xRmi3XjCtbPRuUHabalN69VpXZetlFUP2e5sgYfA/D Fb9e5zalqr/IhJR20fMN37koahH7HIAgseWuB5Eqye9tmFqI26p5sHbo63EZBCYe W5uL64ezymMskW1IVGhWyzyWYbjW1g8LwiI2YLSOg68dC4Qa -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:44 2025 by rpki-client