This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa File: 7116ef93-bff5-462e-a725-ae90147ffd39.roa (raw, json) Hash identifier: JztVQrLKAS/Gi/eX2QuY4QakloSSn8NpRlQTF8ZXZug= Subject key identifier: 3E:FD:67:E5:F7:C9:2C:B8:34:CB:29:D3:46:AF:8D:A5:E5:13:74:5D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3A8021A27871CF6C1552C08ED800E227BDE738DD Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa Signing time: Sat 15 Nov 2025 06:10:58 +0000 ROA not before: Sat 15 Nov 2025 06:10:58 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d072:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:80:21:a2:78:71:cf:6c:15:52:c0:8e:d8:00:e2:27:bd:e7:38:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:58 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=45ccc67a9b89220c564b8de430ed9a446d31070d23f31ea1c3557ca7c96a3595, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:4d:e9:3d:d0:00:16:41:cf:14:92:f6:87:dd: b4:64:3c:62:67:e3:d0:fc:2e:e4:5a:5c:a1:bb:d6: 47:01:71:cc:63:fb:89:b6:35:c2:62:4f:f7:10:24: 9a:80:b2:a2:e7:db:35:38:f9:ad:e7:bc:0d:6e:4c: e5:91:d0:b3:a0:a7:07:49:80:61:d9:e9:8f:5c:f8: b7:83:55:c6:9d:d5:a6:d4:cf:98:8e:55:f8:61:b0: 7a:14:df:0f:fa:20:40:d8:a0:9a:3f:55:fc:92:31: ce:ec:63:b9:df:9c:68:48:82:75:a3:20:d5:03:9a: c7:6a:b8:51:f3:a4:05:f1:87:22:17:52:6a:a5:d9: 37:da:b7:ae:d3:32:0c:df:f7:14:c2:73:ad:5a:53: e6:c3:9e:e8:11:54:80:cd:38:ef:5b:a0:d7:25:56: e2:3b:a7:f8:71:45:2b:e7:3b:df:b6:90:53:91:a1: 74:e6:44:50:3a:fe:cc:3b:2d:ba:38:32:4e:10:3e: 25:9d:b4:18:cb:28:44:81:94:71:89:9d:1b:dc:50: a8:35:32:be:92:dc:25:e1:1c:de:17:c8:2a:47:57: 8c:1a:28:14:df:c6:b2:dd:a3:01:01:14:d0:c9:d4: d0:5b:96:15:f4:0c:ee:1a:8a:6e:5c:d9:f5:e8:75: 65:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:FD:67:E5:F7:C9:2C:B8:34:CB:29:D3:46:AF:8D:A5:E5:13:74:5D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7116ef93-bff5-462e-a725-ae90147ffd39.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d072:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 8b:c5:01:35:26:24:a8:de:d4:1b:47:6d:69:fb:ab:33:5f:ef: 7e:83:48:a6:a8:45:26:60:10:ee:11:47:7a:57:a7:f3:02:e5: 16:22:05:34:32:b9:a0:12:cc:da:22:97:18:56:39:63:48:09: da:6b:5e:1b:eb:8c:0d:d1:dd:bd:ff:02:35:b5:05:71:2c:9f: 0c:27:b9:62:95:30:15:47:64:97:c2:85:46:02:78:fb:56:34: 28:59:aa:d5:e5:86:46:b3:92:26:8c:30:cb:40:f2:b8:1f:7e: c6:60:f5:35:26:9d:eb:7d:76:4c:fa:ed:7d:ac:59:9d:cd:33: 6c:3b:c1:44:b9:54:61:21:df:92:2b:c4:f5:27:57:83:01:ea: f1:fb:8c:89:24:8a:24:9b:f2:c0:39:42:68:5a:5e:ee:60:5a: 02:ee:20:1f:0b:f5:8b:09:e5:c1:cc:b4:9a:0d:30:98:04:fa: 0b:e8:88:fa:59:cf:25:48:96:11:cb:8b:e4:63:48:ec:bb:3b: 9b:86:5b:a8:b3:72:81:ab:76:95:72:4a:1a:70:14:83:72:f4: 52:d0:98:bb:46:09:50:d9:6a:9b:71:d8:15:e4:27:c1:df:61: 11:1e:92:7f:ae:39:38:40:2f:69:f3:b8:85:78:c8:93:f2:ff: b1:9b:d8:bd -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUOoAhonhxz2wVUsCO2ADiJ73nON0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwNThaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDQ1Y2NjNjdhOWI4OTIyMGM1NjRiOGRlNDMwZWQ5YTQ0NmQzMTA3MGQyM2Yz MWVhMWMzNTU3Y2E3Yzk2YTM1OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1N6T3QABZBzxSS9ofdtGQ8Ymfj0Pwu5FpcobvWRwFxzGP7ibY1wmJP9xAk moCyoufbNTj5ree8DW5M5ZHQs6CnB0mAYdnpj1z4t4NVxp3VptTPmI5V+GGwehTf D/ogQNigmj9V/JIxzuxjud+caEiCdaMg1QOax2q4UfOkBfGHIhdSaqXZN9q3rtMy DN/3FMJzrVpT5sOe6BFUgM0471ug1yVW4jun+HFFK+c737aQU5GhdOZEUDr+zDst ujgyThA+JZ20GMsoRIGUcYmdG9xQqDUyvpLcJeEc3hfIKkdXjBooFN/Gst2jAQEU 0MnU0FuWFfQM7hqKblzZ9eh1ZQMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ+/Wfl 98ksuDTLKdNGr42l5RN0XTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzExNmVmOTMtYmZmNS00NjJlLWE3MjUtYWU5MDE0N2ZmZDM5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA wDANBgkqhkiG9w0BAQsFAAOCAQEAi8UBNSYkqN7UG0dtafurM1/vfoNIpqhFJmAQ 7hFHelen8wLlFiIFNDK5oBLM2iKXGFY5Y0gJ2mteG+uMDdHdvf8CNbUFcSyfDCe5 YpUwFUdkl8KFRgJ4+1Y0KFmq1eWGRrOSJowwy0DyuB9+xmD1NSad6312TPrtfaxZ nc0zbDvBRLlUYSHfkivE9SdXgwHq8fuMiSSKJJvywDlCaFpe7mBaAu4gHwv1iwnl wcy0mg0wmAT6C+iI+lnPJUiWEcuL5GNI7Ls7m4ZbqLNygat2lXJKGnAUg3L0UtCY u0YJUNlqm3HYFeQnwd9hER6Sf645OEAvafO4hXjIk/L/sZvYvQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:54:17 2025 by rpki-client