This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa File: 7802179a-c80f-42f1-a50b-a0af1df078c2.roa (raw, json) Hash identifier: 3tpCZDVHo1OCZnd5kZpxNKNjnuTqxHh5k8E/eP71DKY= Subject key identifier: 69:26:9B:B9:CF:3C:8A:9D:0B:C6:00:E8:D0:6F:52:71:79:87:09:61 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 5F001A97CF650E4E434A1E8C61346DC8FEF32822 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa Signing time: Wed 10 Dec 2025 06:00:04 +0000 ROA not before: Wed 10 Dec 2025 06:00:04 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d059:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:00:1a:97:cf:65:0e:4e:43:4a:1e:8c:61:34:6d:c8:fe:f3:28:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:04 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=ae860feabd9935566903d2581dfbd84583d74b389c949e5cdc3602f77873b84c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d6:3e:0d:bd:fb:e4:26:5d:77:9c:5d:06:53: 16:76:92:4a:2f:6c:a8:b7:3f:38:10:cb:2b:c2:b3: 5b:02:59:8d:f9:af:0c:cd:16:a0:f4:fc:df:ca:8e: 32:1d:8d:06:43:b6:a6:f9:7e:2a:e5:d5:ee:23:cb: a1:b2:52:d1:ed:69:7a:ab:cc:38:ea:9b:53:35:1b: ee:5e:47:2a:16:f2:a2:16:12:d0:b6:0d:ed:39:a0: 8e:4e:5b:e6:de:17:89:61:e6:f2:a2:d0:fc:f7:59: 55:9f:58:91:00:b6:5b:39:a4:8c:66:bf:a6:ff:32: a1:47:8d:d3:e0:5b:b5:40:e3:4c:63:23:84:58:f3: c7:62:70:2c:ee:fb:df:a6:27:b7:af:ac:6c:84:24: 3d:c1:50:ae:e5:3b:84:77:47:ff:85:3b:0a:16:c6: c9:90:02:2d:43:4a:96:8f:97:24:6c:63:73:e1:dd: 41:b2:4b:4c:5a:e6:02:4f:92:5b:e2:9c:70:f9:db: 4c:19:ab:8c:e2:3c:6d:55:dc:c0:4c:de:43:e5:a1: ec:f1:3a:74:fe:5c:19:7b:5a:e0:69:65:95:f6:24: 6c:b0:32:9a:bf:17:23:83:2c:98:81:90:30:dc:d2: cb:e0:7d:ee:3a:4f:90:70:b6:90:f9:4e:94:af:7a: 67:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:26:9B:B9:CF:3C:8A:9D:0B:C6:00:E8:D0:6F:52:71:79:87:09:61 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7802179a-c80f-42f1-a50b-a0af1df078c2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:4000::/40 Signature Algorithm: sha256WithRSAEncryption bb:7e:1b:4d:e9:a2:5e:22:cf:ba:3d:e0:ef:03:dc:d8:af:76: 6b:48:be:40:ed:6a:0a:3e:7e:c6:93:b8:71:68:21:64:40:7d: 28:b9:83:4b:89:46:96:f1:b7:2d:cf:e0:f4:ad:e9:eb:33:19: b0:98:9f:02:71:e3:44:d1:d1:ec:2b:29:0e:06:14:ad:4d:46: 10:d1:50:10:13:fc:b1:ee:96:4a:5f:85:4a:ff:80:63:f8:72: ee:58:1c:1b:ea:39:67:f8:2d:ab:ec:10:60:46:ef:7b:c5:82: cf:b2:8f:5a:22:69:0d:b0:cd:ff:c3:64:c8:c8:3a:7f:6c:c3: 92:53:a7:9e:05:42:5a:49:20:8e:2a:59:7b:bd:18:48:64:96: 9e:ea:75:73:67:03:62:6e:6d:09:49:5b:90:3c:87:13:58:38: 95:2c:1f:9f:5e:49:70:ac:ce:22:c9:64:3b:45:57:6d:0e:49: 84:cd:0d:7d:80:be:93:9a:55:8f:4c:d5:2e:b9:d1:e5:70:f1: 5d:68:87:0e:ce:e3:67:85:c7:6e:fa:98:8a:9e:b2:64:b4:0f: bb:16:bf:12:54:34:ce:20:f5:c7:53:75:d5:47:17:22:27:70: f7:1a:4b:1e:0f:4a:c5:de:58:af:ed:9e:70:62:6e:b8:15:66: 26:cb:ba:74 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUXwAal89lDk5DSh6MYTRtyP7zKCIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwMDRaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGFlODYwZmVhYmQ5OTM1NTY2OTAzZDI1ODFkZmJkODQ1ODNkNzRiMzg5Yzk0 OWU1Y2RjMzYwMmY3Nzg3M2I4NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ/WPg29++QmXXecXQZTFnaSSi9sqLc/OBDLK8KzWwJZjfmvDM0WoPT838qO Mh2NBkO2pvl+KuXV7iPLobJS0e1peqvMOOqbUzUb7l5HKhbyohYS0LYN7Tmgjk5b 5t4XiWHm8qLQ/PdZVZ9YkQC2WzmkjGa/pv8yoUeN0+BbtUDjTGMjhFjzx2JwLO77 36Ynt6+sbIQkPcFQruU7hHdH/4U7ChbGyZACLUNKlo+XJGxjc+HdQbJLTFrmAk+S W+KccPnbTBmrjOI8bVXcwEzeQ+Wh7PE6dP5cGXta4GlllfYkbLAymr8XI4MsmIGQ MNzSy+B97jpPkHC2kPlOlK96Z2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRpJpu5 zzyKnQvGAOjQb1JxeYcJYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzgwMjE3OWEtYzgwZi00MmYxLWE1MGItYTBhZjFkZjA3OGMyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlA MA0GCSqGSIb3DQEBCwUAA4IBAQC7fhtN6aJeIs+6PeDvA9zYr3ZrSL5A7WoKPn7G k7hxaCFkQH0ouYNLiUaW8bctz+D0renrMxmwmJ8CceNE0dHsKykOBhStTUYQ0VAQ E/yx7pZKX4VK/4Bj+HLuWBwb6jln+C2r7BBgRu97xYLPso9aImkNsM3/w2TIyDp/ bMOSU6eeBUJaSSCOKll7vRhIZJae6nVzZwNibm0JSVuQPIcTWDiVLB+fXklwrM4i yWQ7RVdtDkmEzQ19gL6TmlWPTNUuudHlcPFdaIcOzuNnhcdu+piKnrJktA+7Fr8S VDTOIPXHU3XVRxciJ3D3GkseD0rF3liv7Z5wYm64FWYmy7p0 -----END CERTIFICATE-----Generated at Mon Dec 15 15:28:20 2025 by rpki-client