This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa File: 68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa (raw, json) Hash identifier: R9SOtUCm0QOBBPRNlArl2pQmcHccJuidKCSTNKn+fE0= Subject key identifier: AB:A0:33:3E:13:E7:9C:CF:79:E7:4C:A3:D3:55:2D:07:E6:AF:E4:0E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 12AB7FDB8A51EBCF34D4536E51B7103974F1EB53 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa Signing time: Tue 25 Nov 2025 20:00:43 +0000 ROA not before: Tue 25 Nov 2025 20:00:43 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:ab:7f:db:8a:51:eb:cf:34:d4:53:6e:51:b7:10:39:74:f1:eb:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:00:43 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=f9febf5fa7f9a40b7a00af69dd4492d2199df368ff2ba56e725979a5ccee11c5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e9:fe:23:04:22:2d:57:88:b9:e3:23:62:59: 8d:fd:68:49:7c:e0:21:6a:18:d0:4a:8e:10:2e:42: d2:73:64:ca:94:59:d2:1d:7f:0a:d1:a5:14:88:ae: 52:09:1f:af:55:02:a4:44:ac:c9:30:72:da:cf:63: 58:1f:19:ea:c7:b4:4d:99:5f:71:f7:e8:88:49:5d: 1d:d8:69:06:c7:27:92:fb:f3:c7:e4:b1:76:21:66: 7c:04:57:e2:a6:15:97:ea:f2:72:4b:00:5c:aa:1f: d9:16:69:14:ae:1b:f8:5c:6f:35:36:fe:48:4a:94: 63:83:30:fc:dd:b8:8c:b3:65:1f:29:aa:fb:03:8c: 7d:6f:fe:61:05:d0:0b:bb:6d:7f:23:fd:b7:86:94: f4:ed:00:a7:e5:63:73:7f:b1:e0:29:44:ab:ea:11: 34:34:44:ef:a2:23:b3:02:df:8d:c2:ad:be:4f:99: ea:cb:27:4a:a9:b6:9f:46:96:ce:95:80:c5:1f:b8: 2e:f4:83:60:d8:28:8b:48:67:5e:cc:28:38:c2:ce: db:06:96:1f:04:24:28:20:cc:7e:7f:d9:0e:e8:4c: 55:96:eb:d1:e6:e5:a9:22:81:b1:5c:02:ac:da:6b: aa:b7:5b:84:de:26:1e:64:eb:bd:ca:76:f5:9a:a1: b9:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:A0:33:3E:13:E7:9C:CF:79:E7:4C:A3:D3:55:2D:07:E6:AF:E4:0E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:c000::/40 Signature Algorithm: sha256WithRSAEncryption 7a:f1:b3:15:31:3a:03:5f:dc:cb:f0:1e:0d:b7:8a:57:9f:c6: 5a:40:0e:b7:58:fa:8a:31:7d:a5:ae:32:16:7b:5f:65:51:4d: 6f:7c:54:cf:12:07:f7:07:d5:0d:3c:37:07:00:4d:38:a4:80: ac:c8:70:58:1e:06:19:87:8a:1c:0e:9a:e3:c5:73:54:47:9f: db:d0:44:a6:fb:58:ec:ae:31:a0:78:75:d8:ed:64:e7:18:71: ed:7f:62:30:c9:73:03:fb:fb:56:1b:23:47:d7:1b:1e:5c:e4: a5:5c:2d:cd:c1:67:b2:e6:a0:c1:06:c3:91:5d:9d:ec:8c:ac: 5b:86:b4:17:14:6d:88:a2:4f:26:cb:a9:d0:75:92:b2:9f:65: 16:bf:d3:e4:48:f0:95:11:89:b3:95:22:90:64:84:69:3c:6a: bb:49:a7:6c:4b:f7:61:d6:1d:2a:60:0e:1c:84:26:cd:c7:23: 1f:4d:70:58:48:c1:0b:d9:d2:e2:cd:5c:51:c8:02:a0:6a:3b: 0f:23:f4:f8:91:86:d6:8d:c7:a8:03:a6:9f:fb:b9:ba:6a:6c: 83:6f:6f:87:d8:a3:6d:0c:2c:56:0f:83:5b:98:59:e4:e6:0b: 16:bd:6c:d5:fe:0e:89:6b:b7:dd:a8:97:79:e7:82:a4:6d:4d: 6b:6f:63:de -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEqt/24pR68801FNuUbcQOXTx61MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjUyMDAwNDNaFw0yNjAyMjMyMzU5NTlaMHoxSTBHBgNV BAUTQGY5ZmViZjVmYTdmOWE0MGI3YTAwYWY2OWRkNDQ5MmQyMTk5ZGYzNjhmZjJi YTU2ZTcyNTk3OWE1Y2NlZTExYzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMvp/iMEIi1XiLnjI2JZjf1oSXzgIWoY0EqOEC5C0nNkypRZ0h1/CtGlFIiu Ugkfr1UCpESsyTBy2s9jWB8Z6se0TZlfcffoiEldHdhpBscnkvvzx+SxdiFmfARX 4qYVl+rycksAXKof2RZpFK4b+FxvNTb+SEqUY4Mw/N24jLNlHymq+wOMfW/+YQXQ C7ttfyP9t4aU9O0Ap+Vjc3+x4ClEq+oRNDRE76IjswLfjcKtvk+Z6ssnSqm2n0aW zpWAxR+4LvSDYNgoi0hnXswoOMLO2waWHwQkKCDMfn/ZDuhMVZbr0eblqSKBsVwC rNprqrdbhN4mHmTrvcp29ZqhuU0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSroDM+ E+ecz3nnTKPTVS0H5q/kDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjhiNmZkM2UtZTA2Yy00NDU2LWJkODgtNmU4ZDljZTkyYjIyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLA MA0GCSqGSIb3DQEBCwUAA4IBAQB68bMVMToDX9zL8B4Nt4pXn8ZaQA63WPqKMX2l rjIWe19lUU1vfFTPEgf3B9UNPDcHAE04pICsyHBYHgYZh4ocDprjxXNUR5/b0ESm +1jsrjGgeHXY7WTnGHHtf2IwyXMD+/tWGyNH1xseXOSlXC3NwWey5qDBBsORXZ3s jKxbhrQXFG2Iok8my6nQdZKyn2UWv9PkSPCVEYmzlSKQZIRpPGq7SadsS/dh1h0q YA4chCbNxyMfTXBYSMEL2dLizVxRyAKgajsPI/T4kYbWjceoA6af+7m6amyDb2+H 2KNtDCxWD4NbmFnk5gsWvWzV/g6Ja7fdqJd554KkbU1rb2Pe -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:14 2025 by rpki-client