This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa File: 68f2af14-43e2-4447-a8a7-f8fe713e249e.roa (raw, json) Hash identifier: s+GHAzxl0ZoABnETmJlMLbR+NJR3hI7mYCoM+aVxRYc= Subject key identifier: F3:E8:C6:77:46:2C:80:2B:B3:20:C4:AA:F2:D5:1B:AA:12:16:7B:F4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3011FB2AF8BD174FCAC880EED993552C3884676D Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa Signing time: Tue 18 Nov 2025 00:40:09 +0000 ROA not before: Tue 18 Nov 2025 00:40:09 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d01f:800::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:11:fb:2a:f8:bd:17:4f:ca:c8:80:ee:d9:93:55:2c:38:84:67:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 18 00:40:09 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=3e1824cbaa513a0f08cd32695d8c2978a04a152c13f7103618eb7e5ab0a1da8b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7f:8e:dc:ff:45:52:c7:b5:eb:e2:1a:bf:39: c6:a5:0d:d9:4c:52:bf:4a:7a:8e:10:f8:de:fa:bf: dc:2c:84:ca:10:03:77:1f:6a:c5:c9:41:73:5e:9b: 2d:a9:c2:5a:3c:5c:c1:43:26:38:fe:08:9a:39:01: a9:a1:b5:93:d9:b0:fd:4f:08:2f:69:9e:bc:f0:ab: c3:47:00:66:ef:39:63:3f:e9:36:2b:38:ab:61:60: ba:2e:6d:b5:89:54:ec:b8:a9:b3:c1:8e:f3:3d:c0: a8:fe:8d:99:c2:ea:b4:45:c2:2b:bf:60:7d:5b:4b: 82:08:44:be:de:ba:7f:2f:49:98:8b:65:f2:05:49: 63:de:2a:d3:19:8f:92:4f:c1:99:ab:34:c5:ab:36: ec:42:b5:25:d2:a8:bb:a2:67:68:ac:be:3a:a9:73: db:20:59:1a:29:63:90:1a:1c:d2:37:70:0d:a5:43: c0:95:00:08:e7:4c:0a:d3:2a:6d:9d:89:d0:8d:ee: a4:76:77:0b:f1:88:da:b8:58:4f:92:94:2d:f5:47: a7:be:b9:e4:31:89:12:91:56:3b:53:04:d3:07:fc: 93:2e:b1:1d:1e:bf:c7:06:fe:13:6c:79:30:4b:e9: 4e:07:24:f9:03:69:87:d3:c6:0b:59:3c:b7:fa:09: 91:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:E8:C6:77:46:2C:80:2B:B3:20:C4:AA:F2:D5:1B:AA:12:16:7B:F4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68f2af14-43e2-4447-a8a7-f8fe713e249e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d01f:800::/37 Signature Algorithm: sha256WithRSAEncryption 8c:9c:54:b0:bb:6a:d0:b8:4f:2d:de:32:c8:48:ed:6c:1f:97: 32:89:48:85:9e:91:c5:3d:cf:45:3d:f5:f7:e1:a8:20:66:bb: dc:4e:32:bc:a5:2e:f2:71:31:38:e9:33:9e:60:1d:35:9c:88: ec:8e:af:6c:aa:ef:7d:50:84:9c:a5:29:88:e2:7a:5d:15:41: 6f:fb:93:53:7b:98:6c:f0:24:07:f3:b0:0a:45:96:2c:5f:1e: 25:57:6a:ee:45:4e:82:76:75:ad:6c:c0:e6:c8:99:d9:ab:a3: 93:36:1e:fa:f2:94:9b:5c:48:ac:60:61:4e:d7:b0:87:a9:f5: 08:08:18:4f:e1:ec:51:e5:ee:6f:85:6d:5d:1e:b0:59:1e:95: 5c:ce:84:cc:00:d4:8d:4a:c1:c4:58:be:55:e6:33:78:cd:7f: b1:bc:ad:3c:7b:13:19:d7:da:35:06:d7:30:83:6c:c5:25:2f: 13:92:0a:02:0a:71:37:81:d9:83:ee:19:46:b8:6a:76:ee:f5: a4:f8:b9:4d:ea:aa:93:0a:56:15:bf:c7:eb:8d:12:28:58:4a: fa:36:6d:83:31:32:02:f3:2a:21:1d:c7:16:76:c9:8b:cc:56: 3d:56:c4:f8:1e:f8:70:6c:20:4a:47:df:7b:e9:24:ff:02:73: 62:5c:64:10 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUMBH7Kvi9F0/KyIDu2ZNVLDiEZ20wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTgwMDQwMDlaFw0yNjAyMTYyMzU5NTlaMHoxSTBHBgNV BAUTQDNlMTgyNGNiYWE1MTNhMGYwOGNkMzI2OTVkOGMyOTc4YTA0YTE1MmMxM2Y3 MTAzNjE4ZWI3ZTVhYjBhMWRhOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK9/jtz/RVLHteviGr85xqUN2UxSv0p6jhD43vq/3CyEyhADdx9qxclBc16b LanCWjxcwUMmOP4ImjkBqaG1k9mw/U8IL2mevPCrw0cAZu85Yz/pNis4q2Fgui5t tYlU7Lips8GO8z3AqP6NmcLqtEXCK79gfVtLgghEvt66fy9JmItl8gVJY94q0xmP kk/Bmas0xas27EK1JdKou6JnaKy+Oqlz2yBZGiljkBoc0jdwDaVDwJUACOdMCtMq bZ2J0I3upHZ3C/GI2rhYT5KULfVHp7655DGJEpFWO1ME0wf8ky6xHR6/xwb+E2x5 MEvpTgck+QNph9PGC1k8t/oJkfsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTz6MZ3 RiyAK7MgxKry1RuqEhZ79DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NjhmMmFmMTQtNDNlMi00NDQ3LWE4YTctZjhmZTcxM2UyNDllLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B8I MA0GCSqGSIb3DQEBCwUAA4IBAQCMnFSwu2rQuE8t3jLISO1sH5cyiUiFnpHFPc9F PfX34aggZrvcTjK8pS7ycTE46TOeYB01nIjsjq9squ99UIScpSmI4npdFUFv+5NT e5hs8CQH87AKRZYsXx4lV2ruRU6CdnWtbMDmyJnZq6OTNh768pSbXEisYGFO17CH qfUICBhP4exR5e5vhW1dHrBZHpVczoTMANSNSsHEWL5V5jN4zX+xvK08exMZ19o1 Btcwg2zFJS8TkgoCCnE3gdmD7hlGuGp27vWk+LlN6qqTClYVv8frjRIoWEr6Nm2D MTIC8yohHccWdsmLzFY9VsT4HvhwbCBKR9976ST/AnNiXGQQ -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:09 2025 by rpki-client