This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa File: 7cde858d-62b0-4607-8c80-6907e7e92d59.roa (raw, json) Hash identifier: 6Shb7I1mXb04+KNDYmYZYtvzpuMW8CPGWhICjdcTx1U= Subject key identifier: F9:D1:1D:F0:8F:D7:6E:2E:D3:8F:BB:1B:A9:54:C4:69:31:EA:D9:61 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1064BEC7A7CC1F78A81EDD9649F26DEF04899CB4 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa Signing time: Sat 29 Nov 2025 03:00:12 +0000 ROA not before: Sat 29 Nov 2025 03:00:12 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d059:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:64:be:c7:a7:cc:1f:78:a8:1e:dd:96:49:f2:6d:ef:04:89:9c:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:12 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=b803e4fc1b62c246ffae6055f467ac438543a35e135528462df368f65603f900, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:c9:a9:cd:01:b9:86:12:c2:49:f5:30:90:d3: 97:53:49:89:2b:10:4d:03:91:b0:a1:81:c9:cc:26: c5:ed:d9:75:d1:9e:0a:41:7d:d1:74:d1:3e:8d:7d: ce:b1:4c:a2:2c:bf:e1:08:c0:af:69:0c:60:83:54: db:a2:0e:41:20:5a:43:e3:00:8a:ee:35:67:ee:99: 67:29:ee:ff:37:0c:e0:57:cf:a0:9e:8c:30:77:ed: ec:11:12:97:16:a9:76:c0:98:33:da:0b:e2:93:32: 21:be:df:5d:6a:15:e4:4a:c8:09:f6:72:1d:2a:a1: 53:b1:61:43:b4:18:d2:a2:4c:c7:28:6e:88:cf:75: e7:f7:61:c6:7b:fb:51:a4:4c:ca:bb:02:75:21:57: e6:51:a9:87:cb:b9:06:c3:0e:8e:4c:d8:da:38:30: f1:e2:9d:8a:6b:29:27:a5:fc:f8:36:05:cf:d2:92: 52:81:07:ae:26:b4:eb:df:2e:ec:d7:23:a5:99:cd: eb:74:78:5b:0d:fd:75:b7:c9:6e:24:6d:2d:f8:f2: 04:49:e2:cd:e3:ef:d5:a9:cd:db:1e:c0:bd:41:c9: 58:42:b3:83:b5:3c:05:51:df:3c:74:90:6e:6c:cd: 75:98:06:56:3a:f8:26:5d:ff:a0:8d:c9:56:f4:43: e3:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:D1:1D:F0:8F:D7:6E:2E:D3:8F:BB:1B:A9:54:C4:69:31:EA:D9:61 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde858d-62b0-4607-8c80-6907e7e92d59.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:800::/40 Signature Algorithm: sha256WithRSAEncryption 19:d4:7c:2b:46:53:4c:fa:67:51:af:9d:42:36:6c:23:77:4e: c9:a6:2b:db:57:2b:e1:a7:21:67:83:27:9f:c9:1d:d9:82:58: ca:86:66:96:72:2a:f4:79:82:26:60:8e:0b:0e:36:82:f8:a4: 87:3e:fc:ed:b2:a3:76:ab:d9:9a:3e:2b:75:c7:05:c8:42:f3: 73:de:18:fa:e5:ac:ff:fd:7d:65:f0:b1:7a:b7:92:eb:72:04: cd:e1:36:34:bc:d3:0c:59:6d:36:69:94:0e:81:6b:74:4a:45: c3:14:ac:87:12:7c:99:3a:5a:c0:81:d5:0b:5d:03:ee:c4:7b: 93:74:0d:03:e0:b0:7b:58:5c:a6:a8:b6:ae:21:5e:65:1a:ab: 2c:98:da:7c:84:1a:c8:e1:9b:7e:8b:4e:b6:12:3a:65:5f:d6: cc:e0:91:c2:5c:cd:f7:e7:9b:0b:f5:1e:86:11:80:1f:9c:0a: 89:5b:20:d7:f8:9e:13:32:ba:32:26:3a:00:86:15:79:1d:80: c4:94:ed:cd:dc:78:36:3f:db:f5:bd:91:ec:98:ce:54:d3:36: 86:66:ac:25:d2:f1:01:5f:ae:c3:84:38:1c:01:fe:0b:96:30: 91:64:a8:a3:bb:fc:2b:ba:7d:c1:65:62:2a:20:a4:ce:30:c1: c2:a1:0f:48 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEGS+x6fMH3ioHt2WSfJt7wSJnLQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMTJaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGI4MDNlNGZjMWI2MmMyNDZmZmFlNjA1NWY0NjdhYzQzODU0M2EzNWUxMzU1 Mjg0NjJkZjM2OGY2NTYwM2Y5MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOjJqc0BuYYSwkn1MJDTl1NJiSsQTQORsKGBycwmxe3ZddGeCkF90XTRPo19 zrFMoiy/4QjAr2kMYINU26IOQSBaQ+MAiu41Z+6ZZynu/zcM4FfPoJ6MMHft7BES lxapdsCYM9oL4pMyIb7fXWoV5ErICfZyHSqhU7FhQ7QY0qJMxyhuiM915/dhxnv7 UaRMyrsCdSFX5lGph8u5BsMOjkzY2jgw8eKdimspJ6X8+DYFz9KSUoEHria0698u 7NcjpZnN63R4Ww39dbfJbiRtLfjyBEnizePv1anN2x7AvUHJWEKzg7U8BVHfPHSQ bmzNdZgGVjr4Jl3/oI3JVvRD43UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT50R3w j9duLtOPuxupVMRpMerZYTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2NkZTg1OGQtNjJiMC00NjA3LThjODAtNjkwN2U3ZTkyZDU5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI MA0GCSqGSIb3DQEBCwUAA4IBAQAZ1HwrRlNM+mdRr51CNmwjd07JpivbVyvhpyFn gyefyR3ZgljKhmaWcir0eYImYI4LDjaC+KSHPvztsqN2q9maPit1xwXIQvNz3hj6 5az//X1l8LF6t5LrcgTN4TY0vNMMWW02aZQOgWt0SkXDFKyHEnyZOlrAgdULXQPu xHuTdA0D4LB7WFymqLauIV5lGqssmNp8hBrI4Zt+i062EjplX9bM4JHCXM3355sL 9R6GEYAfnAqJWyDX+J4TMroyJjoAhhV5HYDElO3N3Hg2P9v1vZHsmM5U0zaGZqwl 0vEBX67DhDgcAf4LljCRZKiju/wrun3BZWIqIKTOMMHCoQ9I -----END CERTIFICATE-----Generated at Sat Dec 6 17:35:07 2025 by rpki-client