This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa File: 757087af-5baf-4a2f-a9ec-dbadb47313e2.roa (raw, json) Hash identifier: ZzApV0ocOaw64PTs/IbGlebj9tRi9GQBC7jGhkKic1o= Subject key identifier: 18:BF:C9:FB:44:42:E8:F5:44:5F:55:23:EF:9D:E8:01:D8:26:77:4D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 686A61799EF2E4128744CEC22FFDCD291CB9E9FA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa Signing time: Sat 15 Nov 2025 05:30:17 +0000 ROA not before: Sat 15 Nov 2025 05:30:17 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:50c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:6a:61:79:9e:f2:e4:12:87:44:ce:c2:2f:fd:cd:29:1c:b9:e9:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:30:17 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=93b3decc436a40feff8edf05cefa6ecbcbf588cdedd0237978a4ab120c153764, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:66:f3:fe:df:f5:81:24:1d:46:5a:a8:c5:fa: 2b:ef:6a:a1:45:20:22:2b:36:6d:ab:6c:34:0a:b6: 85:f6:a3:5c:b2:f8:4e:eb:68:a6:1f:f9:71:97:74: c6:b4:a0:99:15:3c:94:f0:8b:66:3a:73:4d:a8:49: 7f:3d:7d:18:74:40:ac:76:c8:b9:c5:fd:0c:f1:d6: 30:51:7d:65:f8:94:10:f9:07:4b:ae:51:2c:bb:b2: c1:ef:da:30:bf:02:2c:42:e5:8d:f8:0d:04:e1:06: 1d:fa:26:28:a5:bd:c5:97:1f:8d:c9:42:e8:8d:49: 74:ed:d8:6b:79:10:d4:5e:a8:92:f0:54:68:28:e0: 9b:cf:8a:ff:00:1c:2d:09:24:34:0e:4d:47:72:c5: e0:3b:8b:3f:f4:1a:a8:52:48:3c:80:08:41:42:89: 4b:cd:e0:ba:8d:02:01:c9:98:a9:03:d9:76:b4:62: 83:c5:a7:cc:3f:9b:5f:58:48:81:ad:b5:55:5a:18: 25:ff:d4:9b:42:b6:c6:d5:29:b3:06:1a:be:53:04: 69:e8:3d:de:73:c0:24:72:4c:01:be:43:62:c1:cd: 79:3f:33:ce:21:86:c8:ef:dc:94:d5:d1:f0:76:e5: d8:c1:fe:8e:2e:f6:4d:49:d2:77:7c:3b:bb:f6:8c: 41:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:BF:C9:FB:44:42:E8:F5:44:5F:55:23:EF:9D:E8:01:D8:26:77:4D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/757087af-5baf-4a2f-a9ec-dbadb47313e2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:50c0::/48 Signature Algorithm: sha256WithRSAEncryption 13:b0:8a:d9:0d:39:79:4a:a1:e4:05:66:63:39:15:af:09:3f: 52:0e:b8:c9:d8:79:85:45:5e:9d:42:2a:ee:f5:4d:be:0c:4f: 91:4b:66:48:6e:da:5c:d2:d9:d5:4f:4e:87:72:6a:a5:21:51: 2e:a6:24:fd:a7:ae:86:89:38:48:67:e3:aa:a6:36:f5:1b:ee: 59:e3:98:0a:93:be:ab:08:1d:dc:9b:22:30:dc:15:9f:a2:94: 0c:c6:89:db:86:c3:6e:e2:88:a8:b0:01:a6:8b:4d:2e:2d:6d: c0:2f:ea:11:c2:0c:00:52:d4:d8:8a:a1:1f:da:41:c3:a2:e5: 1a:2d:76:84:fd:57:a6:d0:fc:09:29:8c:95:34:9f:9e:db:23: 68:04:94:5b:86:d5:37:d2:f3:a7:b4:9f:03:01:0d:3e:02:07: 8d:3b:37:96:d7:3c:47:74:5b:e0:04:b4:39:6d:9c:c5:39:86: 44:99:7b:8c:9c:32:54:3a:05:cd:c5:81:00:05:77:fc:62:4a: ab:ba:5d:7f:c5:68:cd:e0:f8:0f:31:43:a3:98:a5:cd:95:9c: 5d:20:2c:3a:a9:06:af:02:73:dd:ee:8e:66:97:51:bf:3a:d5: f2:53:cd:99:91:54:f6:49:1c:74:4b:ba:a3:3e:5c:fe:09:16: c1:21:5c:aa -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUaGpheZ7y5BKHRM7CL/3NKRy56fowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTMwMTdaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDkzYjNkZWNjNDM2YTQwZmVmZjhlZGYwNWNlZmE2ZWNiY2JmNTg4Y2RlZGQw MjM3OTc4YTRhYjEyMGMxNTM3NjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9m8/7f9YEkHUZaqMX6K+9qoUUgIis2batsNAq2hfajXLL4Tutoph/5cZd0 xrSgmRU8lPCLZjpzTahJfz19GHRArHbIucX9DPHWMFF9ZfiUEPkHS65RLLuywe/a ML8CLELljfgNBOEGHfomKKW9xZcfjclC6I1JdO3Ya3kQ1F6okvBUaCjgm8+K/wAc LQkkNA5NR3LF4DuLP/QaqFJIPIAIQUKJS83guo0CAcmYqQPZdrRig8WnzD+bX1hI ga21VVoYJf/Um0K2xtUpswYavlMEaeg93nPAJHJMAb5DYsHNeT8zziGGyO/clNXR 8Hbl2MH+ji72TUnSd3w7u/aMQXkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQYv8n7 RELo9URfVSPvnegB2CZ3TTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzU3MDg3YWYtNWJhZi00YTJmLWE5ZWMtZGJhZGI0NzMxM2UyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9Q wDANBgkqhkiG9w0BAQsFAAOCAQEAE7CK2Q05eUqh5AVmYzkVrwk/Ug64ydh5hUVe nUIq7vVNvgxPkUtmSG7aXNLZ1U9Oh3JqpSFRLqYk/aeuhok4SGfjqqY29RvuWeOY CpO+qwgd3JsiMNwVn6KUDMaJ24bDbuKIqLABpotNLi1twC/qEcIMAFLU2IqhH9pB w6LlGi12hP1XptD8CSmMlTSfntsjaASUW4bVN9Lzp7SfAwENPgIHjTs3ltc8R3Rb 4AS0OW2cxTmGRJl7jJwyVDoFzcWBAAV3/GJKq7pdf8VozeD4DzFDo5ilzZWcXSAs OqkGrwJz3e6OZpdRvzrV8lPNmZFU9kkcdEu6oz5c/gkWwSFcqg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:51 2025 by rpki-client