This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa File: 70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa (raw, json) Hash identifier: QIaC2oU6Q7PrhpwbjTSWwKJODLuD6lIlRM9lXVX2Vhk= Subject key identifier: 20:14:5A:3A:83:09:79:79:9B:C1:5F:F8:FE:13:D6:37:2C:59:0F:0F Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 640C45140135E0E73E872DF613D0D6E75201D657 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa Signing time: Sat 15 Nov 2025 05:41:29 +0000 ROA not before: Sat 15 Nov 2025 05:41:29 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d075:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:0c:45:14:01:35:e0:e7:3e:87:2d:f6:13:d0:d6:e7:52:01:d6:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:41:29 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=4948e65c7d1b50edf1440d2470592ed2cff75cfe9cee7452f1affd014d27fb95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c4:08:e9:34:3b:91:fd:ee:c4:37:9d:b2:47: aa:cb:d3:5c:18:dc:a2:ad:c4:81:18:8b:08:e2:a1: 2c:25:53:e0:97:98:71:ac:11:9a:c0:2c:48:b3:c2: 73:3b:e7:15:31:36:21:84:58:ca:32:31:28:d5:cd: 2f:8c:5b:21:a8:05:91:d9:94:cd:4e:79:e9:f5:57: c4:fa:6f:b4:a1:f8:6b:f2:1e:c0:01:95:a8:9e:71: 7b:ae:e4:fc:b8:23:b6:9d:17:3b:f2:5b:d8:46:e7: e5:64:0c:82:4f:8e:48:79:05:ee:24:80:dc:3d:aa: 98:ac:b8:b8:4e:32:52:59:57:9a:2a:33:7a:d6:b8: 0c:e5:fb:b9:bb:c1:03:79:ea:09:a4:3b:cb:a1:bc: f2:e0:dd:37:02:75:27:d5:4f:38:18:4c:52:ba:5a: f1:d3:08:78:85:fe:ed:1f:0a:ee:61:cb:fc:b5:d8: 68:8e:e2:04:02:32:80:ea:d1:73:a2:a0:53:23:49: 9e:34:aa:d3:ba:5b:03:e1:6a:07:30:05:36:cf:ef: 49:a1:23:4c:57:c4:c7:95:13:9c:9b:5d:e3:72:39: 55:07:b8:82:1e:13:79:97:3d:46:b3:12:ee:9f:c8: 72:f7:04:6f:08:b4:54:c3:0f:f3:a3:b4:ff:3a:3f: 61:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:14:5A:3A:83:09:79:79:9B:C1:5F:F8:FE:13:D6:37:2C:59:0F:0F X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d075:5000::/40 Signature Algorithm: sha256WithRSAEncryption 89:c1:04:4b:d8:3f:0a:3c:62:fa:d7:6c:70:08:21:39:ce:34: 7a:1c:6a:3b:fb:cf:75:bd:b2:e3:4f:f9:1c:a3:e1:f5:99:e5: 74:9a:6b:2c:b1:8f:10:92:35:e3:1c:e6:82:38:d3:a7:26:36: 2d:4f:6b:f3:2e:9e:e7:1d:69:b5:9a:fd:ed:bd:b4:d1:5f:a0: 92:75:b0:e3:8b:a7:61:0a:c0:78:50:74:07:2d:b4:2c:05:d3: 44:00:b7:d8:f8:de:72:d7:cd:4d:ca:02:7b:5b:d6:5c:d1:64: fc:4b:59:4c:46:ca:74:4f:dd:5c:bc:c5:e5:4a:4b:55:dd:73: cb:a0:c6:30:d5:75:50:f5:f2:81:3f:f2:7a:fd:78:91:a9:09: a3:4b:86:4d:92:37:10:c9:75:b3:19:f9:60:9c:76:48:1e:fe: bc:ee:72:0a:fd:c5:49:38:57:ce:4e:e4:29:b0:36:b5:a8:f0: 27:da:4a:90:06:f0:f2:f8:93:65:67:da:23:72:f7:91:81:51: 73:a5:fa:8a:93:bf:53:39:4c:6c:ad:9f:45:1d:ce:bb:0e:13: 86:ef:75:1d:88:34:93:3b:eb:60:5d:52:58:b6:d8:d7:32:c9: 6a:a6:15:72:5a:61:46:c1:60:97:08:98:da:8d:cd:b5:09:61: 32:6e:76:0c -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZAxFFAE14Oc+hy32E9DW51IB1lcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTQxMjlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ5NDhlNjVjN2QxYjUwZWRmMTQ0MGQyNDcwNTkyZWQyY2ZmNzVjZmU5Y2Vl NzQ1MmYxYWZmZDAxNGQyN2ZiOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANTECOk0O5H97sQ3nbJHqsvTXBjcoq3EgRiLCOKhLCVT4JeYcawRmsAsSLPC czvnFTE2IYRYyjIxKNXNL4xbIagFkdmUzU556fVXxPpvtKH4a/IewAGVqJ5xe67k /Lgjtp0XO/Jb2Ebn5WQMgk+OSHkF7iSA3D2qmKy4uE4yUllXmiozeta4DOX7ubvB A3nqCaQ7y6G88uDdNwJ1J9VPOBhMUrpa8dMIeIX+7R8K7mHL/LXYaI7iBAIygOrR c6KgUyNJnjSq07pbA+FqBzAFNs/vSaEjTFfEx5UTnJtd43I5VQe4gh4TeZc9RrMS 7p/IcvcEbwi0VMMP86O0/zo/YXkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQgFFo6 gwl5eZvBX/j+E9Y3LFkPDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzBkOWIzMmQtNmRiMy00OTcxLWJkYjQtZTVkZDI1MWY2NzA1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVQ MA0GCSqGSIb3DQEBCwUAA4IBAQCJwQRL2D8KPGL612xwCCE5zjR6HGo7+891vbLj T/kco+H1meV0mmsssY8QkjXjHOaCONOnJjYtT2vzLp7nHWm1mv3tvbTRX6CSdbDj i6dhCsB4UHQHLbQsBdNEALfY+N5y181NygJ7W9Zc0WT8S1lMRsp0T91cvMXlSktV 3XPLoMYw1XVQ9fKBP/J6/XiRqQmjS4ZNkjcQyXWzGflgnHZIHv687nIK/cVJOFfO TuQpsDa1qPAn2kqQBvDy+JNlZ9ojcveRgVFzpfqKk79TOUxsrZ9FHc67DhOG73Ud iDSTO+tgXVJYttjXMslqphVyWmFGwWCXCJjajc21CWEybnYM -----END CERTIFICATE-----Generated at Sat Dec 6 10:54:21 2025 by rpki-client