This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa File: 6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa (raw, json) Hash identifier: fSQfPT+H35D3ubGvlBXjHrx1ruo25q8jXhOJgeJKGc8= Subject key identifier: 68:6D:CC:A1:65:89:7D:16:A6:D7:CD:6A:0F:32:BE:AC:4A:42:F6:EE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6D2891041425F2E6BD2F47E2A50F2A364B76ACF2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa Signing time: Sun 23 Nov 2025 01:30:35 +0000 ROA not before: Sun 23 Nov 2025 01:30:35 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:8040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:28:91:04:14:25:f2:e6:bd:2f:47:e2:a5:0f:2a:36:4b:76:ac:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:35 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=6fbf63e256b7696f32221566b77c6000fbb4b58a193e29fe64a9c3433e802158, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:60:9e:e8:40:04:03:05:c4:d7:d3:56:05:98: dc:81:6f:ba:0f:c9:d2:92:09:50:b6:94:38:bf:c1: c8:63:63:b2:17:06:22:66:66:be:a3:0b:f0:8f:64: ec:ef:fe:7d:fb:47:78:4b:19:09:9e:16:2e:f6:38: 41:e9:98:96:40:a6:a9:78:85:c0:ac:ae:40:4b:b7: 4e:7d:63:78:97:cd:29:1e:2c:18:c2:34:b8:e9:5a: d0:9d:e5:57:71:e3:59:46:dd:cb:3c:71:c5:8c:18: 66:48:53:ab:04:24:eb:99:2f:db:60:27:fc:0c:9c: 0b:3b:44:7e:a3:1f:a9:a5:7b:c5:61:fc:98:fe:98: d0:da:19:d1:ad:d9:af:46:3d:19:21:f8:bc:82:21: 6a:c8:b0:1f:87:9a:07:4f:3e:72:e5:0c:ba:83:4d: 30:e9:1d:5b:3d:72:04:4c:cd:ac:0f:45:49:58:b2: e5:01:39:0f:a1:b7:75:89:08:5b:7d:35:91:2a:1f: 2c:d0:68:72:bb:a3:cc:67:e0:68:3e:8c:a5:32:2f: cd:52:f8:88:8b:f8:06:33:d6:e5:7d:45:bc:08:36: a4:73:a2:dd:fa:b3:08:be:c1:7b:d5:a9:6c:05:4c: f8:63:a4:00:81:8a:cc:0b:f5:4b:96:ec:79:03:ee: 65:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:6D:CC:A1:65:89:7D:16:A6:D7:CD:6A:0F:32:BE:AC:4A:42:F6:EE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:8040::/48 Signature Algorithm: sha256WithRSAEncryption 18:97:4c:0c:44:5e:07:db:d6:09:f3:c5:a4:54:af:5f:42:5a: d7:86:7b:86:93:de:8f:91:f3:82:ef:18:9a:bb:7f:df:08:3f: a9:30:1e:ad:04:cb:f9:36:7e:3b:17:e5:cd:8b:7c:f6:d9:2e: 5b:fa:9d:6c:41:2d:8e:97:ab:1b:24:7a:04:bd:38:01:14:d1: 7e:2a:da:a9:49:5d:26:96:66:15:bf:28:a4:8d:a4:ee:75:db: de:23:fe:ee:e2:43:91:dd:63:9e:b5:81:bf:8f:8b:ff:a7:74: 4c:66:8f:39:b9:c3:16:51:b9:bf:81:6c:ef:73:07:9c:ee:10: 12:48:ed:fc:7c:20:43:6e:fb:14:7b:c5:5b:e2:8e:40:0d:86: 2b:82:77:86:0f:af:94:10:94:72:d3:79:39:b0:7e:cd:33:aa: 56:da:60:56:98:05:db:66:0e:9a:8b:8e:19:60:92:9e:cf:b4: c8:c1:78:d5:bd:a1:3c:1c:c3:ca:02:32:95:9d:b2:38:28:0f: 42:d1:90:08:d5:c6:41:61:45:6d:c6:63:f3:7c:b8:8f:44:08: 5c:c1:48:f2:bd:85:29:13:1c:b2:a2:75:be:2e:aa:ae:26:70: 38:84:c7:c0:d0:f6:5b:2e:13:cb:4c:1d:ed:f4:42:e2:61:96: b6:66:bd:1f -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUbSiRBBQl8ua9L0fipQ8qNkt2rPIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwMzVaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDZmYmY2M2UyNTZiNzY5NmYzMjIyMTU2NmI3N2M2MDAwZmJiNGI1OGExOTNl MjlmZTY0YTljMzQzM2U4MDIxNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ5gnuhABAMFxNfTVgWY3IFvug/J0pIJULaUOL/ByGNjshcGImZmvqML8I9k 7O/+fftHeEsZCZ4WLvY4QemYlkCmqXiFwKyuQEu3Tn1jeJfNKR4sGMI0uOla0J3l V3HjWUbdyzxxxYwYZkhTqwQk65kv22An/AycCztEfqMfqaV7xWH8mP6Y0NoZ0a3Z r0Y9GSH4vIIhasiwH4eaB08+cuUMuoNNMOkdWz1yBEzNrA9FSViy5QE5D6G3dYkI W301kSofLNBocrujzGfgaD6MpTIvzVL4iIv4BjPW5X1FvAg2pHOi3fqzCL7Be9Wp bAVM+GOkAIGKzAv1S5bseQPuZQ8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRobcyh ZYl9FqbXzWoPMr6sSkL27jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv Njg2NmU3MDgtOTdkYy00YTUzLWE5ZjEtN2ZlMWE0MmExZmIzLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqA QDANBgkqhkiG9w0BAQsFAAOCAQEAGJdMDEReB9vWCfPFpFSvX0Ja14Z7hpPej5Hz gu8Ymrt/3wg/qTAerQTL+TZ+OxflzYt89tkuW/qdbEEtjperGyR6BL04ARTRfira qUldJpZmFb8opI2k7nXb3iP+7uJDkd1jnrWBv4+L/6d0TGaPObnDFlG5v4Fs73MH nO4QEkjt/HwgQ277FHvFW+KOQA2GK4J3hg+vlBCUctN5ObB+zTOqVtpgVpgF22YO mouOGWCSns+0yMF41b2hPBzDygIylZ2yOCgPQtGQCNXGQWFFbcZj83y4j0QIXMFI 8r2FKRMcsqJ1vi6qriZwOITHwND2Wy4Ty0wd7fRC4mGWtma9Hw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:47:00 2025 by rpki-client