This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa File: 68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa (raw, json) Hash identifier: plAcUtK0v7LOskRJEicD+Uji+94eqWPcXdCkDYJn4W0= Subject key identifier: 4F:44:57:3F:CE:A0:0F:DD:C7:D4:DB:38:BA:44:39:E8:2F:76:6D:A1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 64D7AF30CF417C78586D997CDC09464114B116CA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa Signing time: Sat 15 Nov 2025 06:00:10 +0000 ROA not before: Sat 15 Nov 2025 06:00:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d058:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:d7:af:30:cf:41:7c:78:58:6d:99:7c:dc:09:46:41:14:b1:16:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=1da6a5cbe4cae45aab20f6dc0aada683ac3ae6ea3bc7b5ae6d616abeaaab6ddb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:dd:50:80:ae:47:18:73:ff:a4:d1:b0:cb:76: d4:ff:38:6f:43:0b:d3:19:a5:45:77:5e:cf:64:de: 9f:99:c6:65:b0:25:41:86:90:76:85:3d:0b:2c:15: 3a:f6:ec:2f:ee:de:70:d7:a3:2a:71:2e:d5:26:dc: e5:e9:3a:56:88:81:1e:17:ab:65:15:5a:1f:13:ee: 44:11:80:1e:73:97:dd:6c:3b:0e:b0:4f:f5:c1:87: 4f:f9:57:d2:7f:76:de:0e:48:b0:32:f3:56:b6:3e: 9a:4c:91:d3:74:87:a2:93:f7:01:90:e4:8b:f6:c4: af:50:a2:48:fa:5b:67:c4:73:50:7f:36:e2:4c:e3: 80:36:90:eb:c0:3b:15:e9:bc:95:9a:d8:8d:27:82: 49:c2:db:81:d1:82:90:29:a0:67:04:b0:84:91:5a: c9:fd:d5:72:4e:72:0b:80:a0:58:1c:d0:c9:0d:0a: ed:e8:de:ba:0b:d7:06:94:e3:30:03:dc:46:1d:48: ce:81:45:ba:2e:20:e9:a3:4b:cd:8d:44:79:93:cb: 77:de:36:30:24:7e:61:91:42:88:e7:7e:3c:2d:a5: aa:db:3a:d9:67:7c:a4:d3:24:9a:16:17:31:a4:42: 9b:a2:db:c3:0b:da:2f:44:78:51:3f:4f:58:43:24: b7:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:44:57:3F:CE:A0:0F:DD:C7:D4:DB:38:BA:44:39:E8:2F:76:6D:A1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68d5d934-fed6-49a5-ae03-a28a586e9c2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d058:a000::/40 Signature Algorithm: sha256WithRSAEncryption 39:19:17:30:6d:35:32:08:3a:83:60:02:f2:ea:ef:b1:16:6a: a6:a0:7a:77:d5:9f:29:ed:47:a6:48:17:48:c5:01:b3:a4:bd: cd:ea:b3:0b:05:36:78:ac:cf:a5:9d:fe:35:e5:5b:3a:72:d1: 04:b9:eb:1f:d4:6b:8d:75:5e:47:f9:aa:de:a1:f8:b6:fb:07: dd:4b:b3:b0:3c:90:15:b7:11:27:5e:64:97:bd:53:db:1e:76: 1b:05:c1:4d:d3:f2:f9:9b:71:6d:17:34:00:94:9a:ed:c7:0e: cb:fa:59:06:78:7e:0f:3e:b1:15:09:46:42:8b:65:f0:df:95: 5d:90:d2:d4:b8:52:67:f5:01:c0:46:34:55:26:f9:7e:f8:7b: 68:a8:12:ce:75:33:f6:02:8c:a8:8a:e8:ad:70:98:02:92:81: 31:ac:12:02:b8:61:a7:7c:07:34:2f:b3:03:81:5b:9b:40:75: 38:46:9e:cd:bb:40:bd:38:66:84:19:cf:83:6e:c6:f2:4f:9d: 1a:3b:ed:da:ae:3a:9c:ac:d2:d0:4a:08:05:e4:c6:3b:09:0d: ec:95:dc:3f:ce:c0:69:69:45:f1:e9:0a:fa:18:35:61:b1:fc: d9:33:e1:28:31:45:12:89:ca:3b:71:12:2d:6e:46:cd:c0:b3: 22:b3:6e:6d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZNevMM9BfHhYbZl83AlGQRSxFsowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDFkYTZhNWNiZTRjYWU0NWFhYjIwZjZkYzBhYWRhNjgzYWMzYWU2ZWEzYmM3 YjVhZTZkNjE2YWJlYWFhYjZkZGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALDdUICuRxhz/6TRsMt21P84b0ML0xmlRXdez2Ten5nGZbAlQYaQdoU9CywV OvbsL+7ecNejKnEu1Sbc5ek6VoiBHherZRVaHxPuRBGAHnOX3Ww7DrBP9cGHT/lX 0n923g5IsDLzVrY+mkyR03SHopP3AZDki/bEr1CiSPpbZ8RzUH824kzjgDaQ68A7 Fem8lZrYjSeCScLbgdGCkCmgZwSwhJFayf3Vck5yC4CgWBzQyQ0K7ejeugvXBpTj MAPcRh1IzoFFui4g6aNLzY1EeZPLd942MCR+YZFCiOd+PC2lqts62Wd8pNMkmhYX MaRCm6LbwwvaL0R4UT9PWEMktzECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRPRFc/ zqAP3cfU2zi6RDnoL3ZtoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjhkNWQ5MzQtZmVkNi00OWE1LWFlMDMtYTI4YTU4NmU5YzJlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fig MA0GCSqGSIb3DQEBCwUAA4IBAQA5GRcwbTUyCDqDYALy6u+xFmqmoHp31Z8p7Uem SBdIxQGzpL3N6rMLBTZ4rM+lnf415Vs6ctEEuesf1GuNdV5H+areofi2+wfdS7Ow PJAVtxEnXmSXvVPbHnYbBcFN0/L5m3FtFzQAlJrtxw7L+lkGeH4PPrEVCUZCi2Xw 35VdkNLUuFJn9QHARjRVJvl++HtoqBLOdTP2AoyoiuitcJgCkoExrBICuGGnfAc0 L7MDgVubQHU4Rp7Nu0C9OGaEGc+DbsbyT50aO+3arjqcrNLQSggF5MY7CQ3sldw/ zsBpaUXx6Qr6GDVhsfzZM+EoMUUSico7cRItbkbNwLMis25t -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:24 2025 by rpki-client