This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79b38dbd-37eb-42da-af11-211a30b259a9.roa File: 79b38dbd-37eb-42da-af11-211a30b259a9.roa (raw, json) Hash identifier: FLcnY3qnVgEtF+9APN6N+IDp8U5BxUp/oAi6dHHzYVM= Subject key identifier: 19:93:7E:F8:5C:28:D7:D7:D2:FF:5F:A7:9D:EE:07:87:3F:25:25:95 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1FAE03DC4600CE398E7957321D05A9AE27A6C7FA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79b38dbd-37eb-42da-af11-211a30b259a9.roa Signing time: Sun 23 Nov 2025 01:30:49 +0000 ROA not before: Sun 23 Nov 2025 01:30:49 +0000 ROA not after: Sat 21 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06a:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:ae:03:dc:46:00:ce:39:8e:79:57:32:1d:05:a9:ae:27:a6:c7:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 23 01:30:49 2025 GMT Not After : Feb 21 23:59:59 2026 GMT Subject: serialNumber=eb212491bef4add99a0d599cb419c26734665ea9086a568686cb373048cf5487, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:19:35:05:f5:42:91:1c:e0:77:42:b3:25:89: 69:fb:ea:fa:5a:e3:d0:fb:77:27:ff:dc:5e:98:e0: 52:7a:d4:cd:9f:bc:a6:44:63:0f:7f:d9:6f:28:f3: 1a:c3:eb:49:0c:64:e6:4a:f2:a6:2a:90:76:a1:37: 9c:ff:69:43:aa:e2:4b:9a:86:3e:5b:1d:eb:c0:ed: c2:74:e0:53:53:be:55:95:ec:05:ad:f8:c0:ad:b7: 1f:4b:2f:78:af:66:a8:2d:a8:ef:4e:d9:f3:48:11: 89:0f:cf:c3:01:b7:9b:37:7c:1d:a2:3f:e5:74:f6: d8:dc:92:6b:03:d4:79:d8:ee:fe:55:27:74:8d:85: 07:73:ff:ac:20:4f:bb:a2:7d:7a:11:4c:4f:a6:7f: ac:77:ec:f1:03:5d:35:f3:e6:05:b3:9c:e4:28:91: 93:88:e3:b4:a1:03:a2:a8:f4:ba:c2:0e:75:36:30: 43:c1:5f:30:f9:f0:7e:4d:c4:c8:f4:fe:fc:a6:b9: cd:9e:e0:e7:31:31:5c:cf:9e:fc:ca:88:48:64:3a: 64:6c:60:98:41:dd:60:f4:9c:88:0f:a3:b4:a4:17: a9:c9:bb:01:24:dd:1d:5e:96:35:11:6e:3c:08:cd: ed:ba:5d:d2:42:aa:9a:b9:37:9b:e1:76:a7:8a:5c: 51:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:93:7E:F8:5C:28:D7:D7:D2:FF:5F:A7:9D:EE:07:87:3F:25:25:95 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79b38dbd-37eb-42da-af11-211a30b259a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06a:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 12:11:92:54:e1:41:98:48:8e:52:1e:84:dd:a0:3f:82:78:c1: 61:2f:0c:87:63:76:3c:e0:5b:b8:5d:b8:c3:ea:f0:b9:4d:23: df:15:9d:b4:0d:f3:6f:e1:52:7e:de:0c:ee:55:19:f6:a2:7f: 3b:2e:70:a3:ee:36:94:38:18:94:2d:04:6d:ef:36:5d:8d:46: dc:49:60:f2:46:51:34:bb:a7:d6:0b:a0:14:33:5c:1e:a1:c2: 9e:92:90:5b:00:b7:fd:89:25:9a:6f:dd:65:6d:95:50:e7:ef: 9d:7a:25:01:2f:b0:33:d8:5a:74:cf:b8:a6:28:c5:8c:d7:4a: c0:5a:06:a9:98:c9:91:a2:88:b2:38:d9:01:70:44:5d:c1:80: a8:2e:d4:33:82:f5:45:d7:93:f0:c9:7f:6f:af:8d:12:97:c1: 2e:78:89:42:7d:4d:4b:ff:49:be:c7:5a:2f:22:7f:6d:32:b0: b3:5b:a3:68:0a:2e:f7:8f:e2:6f:cd:cb:41:53:40:fc:0f:31: 69:88:71:36:91:ca:04:39:9c:7a:fa:78:49:40:93:30:03:8d: 52:42:b3:78:1e:19:99:35:39:2a:75:36:4a:f7:84:81:ae:55: 46:7d:04:7d:7d:35:55:29:1c:c9:72:e5:9c:d7:ed:da:5d:77: bd:68:9e:d4 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUH64D3EYAzjmOeVcyHQWpriemx/owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjMwMTMwNDlaFw0yNjAyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQGViMjEyNDkxYmVmNGFkZDk5YTBkNTk5Y2I0MTljMjY3MzQ2NjVlYTkwODZh NTY4Njg2Y2IzNzMwNDhjZjU0ODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsZNQX1QpEc4HdCsyWJafvq+lrj0Pt3J//cXpjgUnrUzZ+8pkRjD3/Zbyjz GsPrSQxk5krypiqQdqE3nP9pQ6riS5qGPlsd68DtwnTgU1O+VZXsBa34wK23H0sv eK9mqC2o707Z80gRiQ/PwwG3mzd8HaI/5XT22NySawPUedju/lUndI2FB3P/rCBP u6J9ehFMT6Z/rHfs8QNdNfPmBbOc5CiRk4jjtKEDoqj0usIOdTYwQ8FfMPnwfk3E yPT+/Ka5zZ7g5zExXM+e/MqISGQ6ZGxgmEHdYPSciA+jtKQXqcm7ASTdHV6WNRFu PAjN7bpd0kKqmrk3m+F2p4pcUTkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZk374 XCjX19L/X6ed7geHPyUllTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NzliMzhkYmQtMzdlYi00MmRhLWFmMTEtMjExYTMwYjI1OWE5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gpg wDANBgkqhkiG9w0BAQsFAAOCAQEAEhGSVOFBmEiOUh6E3aA/gnjBYS8Mh2N2POBb uF24w+rwuU0j3xWdtA3zb+FSft4M7lUZ9qJ/Oy5wo+42lDgYlC0Ebe82XY1G3Elg 8kZRNLun1gugFDNcHqHCnpKQWwC3/Yklmm/dZW2VUOfvnXolAS+wM9hadM+4pijF jNdKwFoGqZjJkaKIsjjZAXBEXcGAqC7UM4L1RdeT8Ml/b6+NEpfBLniJQn1NS/9J vsdaLyJ/bTKws1ujaAou94/ib83LQVNA/A8xaYhxNpHKBDmcevp4SUCTMAONUkKz eB4ZmTU5KnU2SveEga5VRn0EfX01VSkcyXLlnNft2l13vWie1A== -----END CERTIFICATE-----Generated at Sun Dec 7 01:07:20 2025 by rpki-client