This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa File: 7a025e69-9e3e-460c-9734-42e9bd14485c.roa (raw, json) Hash identifier: Y9z4wvleq0TU361Ebo4SQ9EAjUUSdk3jv4ufMSdn6SY= Subject key identifier: CA:74:42:B8:45:7B:74:7C:57:31:0B:06:76:50:EA:1A:F7:CA:58:31 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 0FA3356B69FDE5076FC2C7DE4FEF8F2726CB0B8F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa Signing time: Tue 02 Dec 2025 01:50:46 +0000 ROA not before: Tue 02 Dec 2025 01:50:46 +0000 ROA not after: Mon 02 Mar 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d030:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:a3:35:6b:69:fd:e5:07:6f:c2:c7:de:4f:ef:8f:27:26:cb:0b:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 2 01:50:46 2025 GMT Not After : Mar 2 23:59:59 2026 GMT Subject: serialNumber=027ac9d3067b8ba64da76bc66f48462f31d62d23af062dd721fd19657e8ad09f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ce:ae:8f:d1:8b:cf:c3:0a:18:d4:65:23:4c: 1b:0b:52:46:04:af:7a:c4:3c:99:6c:12:94:5c:e4: d9:c4:b3:3e:6e:2f:68:99:ab:05:c5:44:f5:f4:a3: f6:93:9c:44:63:66:e9:95:e2:46:07:bd:4a:e6:81: 19:4a:79:31:a8:9a:70:04:6c:52:c2:b6:9b:7a:57: da:bf:d4:a7:4c:ef:0e:a4:b5:4b:cb:30:f1:d5:25: 8c:88:7e:25:f5:1c:58:fa:a4:41:7e:19:87:c3:bd: 34:d0:75:28:58:cc:3f:52:30:14:35:a2:fa:7e:ce: f5:f2:7e:69:a0:d1:33:64:77:41:9f:63:c9:fb:42: e3:ab:d3:00:cf:af:e5:55:1e:d3:b0:da:44:50:4e: 20:ea:3d:1f:fb:f8:e8:24:f7:b8:c7:e7:5f:98:52: d8:34:28:96:c0:2a:30:7a:c1:31:84:9b:6e:4d:16: 07:eb:4c:a5:5a:39:f1:e7:c2:23:8a:a0:63:5a:81: 95:dd:d7:4e:5e:ca:5f:32:7f:ef:dd:09:87:7d:80: 54:17:20:39:a4:de:1f:dd:9f:02:d1:51:76:db:e6: fc:6a:fe:f9:c8:74:9b:bb:2c:89:a7:fe:78:24:87: a3:06:61:f4:40:44:8d:f4:d1:e2:a3:66:74:8a:67: f8:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:74:42:B8:45:7B:74:7C:57:31:0B:06:76:50:EA:1A:F7:CA:58:31 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d030:6000::/40 Signature Algorithm: sha256WithRSAEncryption b3:97:cb:f1:ca:08:f5:1e:52:b8:e2:86:0a:8a:33:ac:55:d8: 2b:1d:c4:7a:ec:97:33:b5:74:ba:46:4b:3d:0b:44:2c:e0:b6: 1a:1e:4a:35:be:bb:ed:f1:e9:e7:bd:f1:b3:c3:11:54:eb:8a: 33:7e:35:ea:7f:6e:05:fe:1d:93:ad:5d:c1:d5:28:72:be:c4: cb:d0:38:8c:4b:43:7c:80:7e:09:c9:6a:ab:e5:dc:b3:d7:33: a6:5d:af:a7:6c:af:9b:8c:10:28:47:83:5e:e1:03:50:c9:e8: 9f:07:fd:18:70:8b:e1:4c:04:40:a1:ec:06:5e:18:60:f0:b8: 1a:84:11:db:39:7f:b0:b8:9c:4a:ce:10:50:ce:c9:75:66:37: e1:34:90:82:76:5d:ed:04:1f:59:59:e2:dc:c6:08:08:da:76: f5:77:0e:e8:c6:0f:c5:d8:cc:91:3c:aa:e1:fc:86:43:41:dd: ec:fa:94:b9:4c:cf:9e:79:a1:43:89:cc:78:2c:8b:ae:57:dd: c1:b9:dd:be:b8:eb:0a:1e:03:84:0c:82:6e:cc:46:ee:c5:13: 39:44:85:43:be:c9:05:8f:d2:94:0e:29:12:f8:10:4a:96:99: 5b:24:af:06:ca:f2:0c:1e:72:54:3f:f5:3d:be:e6:e1:99:a3: e8:32:2d:70 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUD6M1a2n95QdvwsfeT++PJybLC48wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDIwMTUwNDZaFw0yNjAzMDIyMzU5NTlaMHoxSTBHBgNV BAUTQDAyN2FjOWQzMDY3YjhiYTY0ZGE3NmJjNjZmNDg0NjJmMzFkNjJkMjNhZjA2 MmRkNzIxZmQxOTY1N2U4YWQwOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMTOro/Ri8/DChjUZSNMGwtSRgSvesQ8mWwSlFzk2cSzPm4vaJmrBcVE9fSj 9pOcRGNm6ZXiRge9SuaBGUp5MaiacARsUsK2m3pX2r/Up0zvDqS1S8sw8dUljIh+ JfUcWPqkQX4Zh8O9NNB1KFjMP1IwFDWi+n7O9fJ+aaDRM2R3QZ9jyftC46vTAM+v 5VUe07DaRFBOIOo9H/v46CT3uMfnX5hS2DQolsAqMHrBMYSbbk0WB+tMpVo58efC I4qgY1qBld3XTl7KXzJ/790Jh32AVBcgOaTeH92fAtFRdtvm/Gr++ch0m7ssiaf+ eCSHowZh9EBEjfTR4qNmdIpn+D0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKdEK4 RXt0fFcxCwZ2UOoa98pYMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2EwMjVlNjktOWUzZS00NjBjLTk3MzQtNDJlOWJkMTQ0ODVjLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg MA0GCSqGSIb3DQEBCwUAA4IBAQCzl8vxygj1HlK44oYKijOsVdgrHcR67JcztXS6 Rks9C0Qs4LYaHko1vrvt8ennvfGzwxFU64ozfjXqf24F/h2TrV3B1ShyvsTL0DiM S0N8gH4JyWqr5dyz1zOmXa+nbK+bjBAoR4Ne4QNQyeifB/0YcIvhTARAoewGXhhg 8LgahBHbOX+wuJxKzhBQzsl1ZjfhNJCCdl3tBB9ZWeLcxggI2nb1dw7oxg/F2MyR PKrh/IZDQd3s+pS5TM+eeaFDicx4LIuuV93Bud2+uOsKHgOEDIJuzEbuxRM5RIVD vskFj9KUDikS+BBKlplbJK8GyvIMHnJUP/U9vubhmaPoMi1w -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:09 2025 by rpki-client