This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa File: 7ce413ad-560d-4eb8-915b-8c6e01d97910.roa (raw, json) Hash identifier: s193HYHtTdagO8LogUSEO3x+0nhvEWUP9y8RtsqKCp8= Subject key identifier: EB:FF:D3:1A:2F:28:02:40:34:B3:17:96:EE:F5:BD:3C:D8:5F:DE:F8 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 3EEA3E9103FFD4E836B37295A120C8E0069E7076 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa Signing time: Wed 10 Dec 2025 05:30:50 +0000 ROA not before: Wed 10 Dec 2025 05:30:50 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:ea:3e:91:03:ff:d4:e8:36:b3:72:95:a1:20:c8:e0:06:9e:70:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:30:50 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=cd93b74f82c09ed8479605789d39aaaeaef2bb8e00f2bba0e1bd73bb17e49f94, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:8f:3a:ed:ec:33:52:5b:20:45:21:3d:7d:98: 56:d5:68:a8:b4:d6:67:2f:a6:43:3d:12:d1:9c:0f: 60:df:7a:73:e8:c1:1c:d2:c0:15:a2:9a:b0:e4:d2: 6f:2b:bd:af:df:a8:3c:e9:12:d2:41:46:ec:05:d2: 14:bc:cc:c7:0f:dd:cb:f1:6c:2c:bf:bd:7d:25:05: d1:fe:7b:ef:59:80:45:ab:fb:ab:9a:ec:9a:8f:be: 98:70:81:bd:ff:41:8d:d9:d2:aa:a6:d6:57:16:22: 49:fb:60:97:3d:90:e3:54:3d:27:cd:2d:30:43:fd: 30:b8:9f:20:d6:b1:fd:9b:ba:f2:e5:fb:42:b1:02: d8:0e:1a:72:2e:09:49:42:af:4e:e0:f6:a0:5a:b9: 3c:14:ff:92:44:ab:97:82:98:72:4a:50:21:6c:6e: 92:14:43:df:30:dd:e2:d7:48:dc:4e:0c:7d:68:5a: 1a:da:23:e8:04:39:90:7a:ec:19:f2:b1:26:9d:4d: ce:b9:ef:8c:5b:6c:44:42:d3:d1:0d:71:ce:36:d2: 59:d2:f1:16:c5:f8:ad:2d:6c:05:a6:a4:6d:c8:82: 87:36:82:0f:89:8b:f5:b1:53:f2:f4:cd:19:40:08: 68:d6:ac:86:6b:4e:74:b7:b4:ce:b6:36:b8:66:e2: 9c:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:FF:D3:1A:2F:28:02:40:34:B3:17:96:EE:F5:BD:3C:D8:5F:DE:F8 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7ce413ad-560d-4eb8-915b-8c6e01d97910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:5000::/40 Signature Algorithm: sha256WithRSAEncryption 30:76:46:e6:ad:af:27:31:93:32:c1:5e:19:2a:ae:fc:d8:19: 21:e7:51:5c:b1:69:aa:61:8f:81:a5:97:71:53:3b:5f:29:7f: 4a:65:5e:b7:39:47:87:72:09:f8:64:70:71:c6:be:c6:a1:d1: d3:85:c2:3a:c9:9a:2d:e7:80:14:29:2a:55:3b:aa:69:a9:1e: ce:11:89:78:89:de:1e:9f:2c:3c:f2:a3:7f:98:1e:b0:81:36: 81:c4:ae:f1:0f:f4:86:e2:1f:bf:8f:2b:df:be:a8:ae:e4:94: 4f:ae:ce:7b:8c:a8:87:9f:8e:62:fd:aa:ca:4f:41:70:91:49: d6:bd:b4:22:e2:cb:47:81:13:4f:a5:78:2a:9e:30:35:43:59: 45:20:f5:4e:f5:9b:81:4d:aa:09:8c:9c:78:8f:8d:3c:21:e8: b9:b0:8e:92:2d:dd:35:75:77:66:7a:6d:c0:07:ff:f2:a9:0f: f0:8d:0e:63:7c:31:0f:5b:b5:44:35:d7:a2:aa:04:5a:26:70: a9:0b:ea:ba:c6:42:b2:4a:0f:6f:ea:da:83:01:9a:54:b3:fb: 37:51:84:e2:17:fa:ff:bc:a9:02:70:e7:5f:d7:30:5f:c2:f9: 93:df:08:c5:64:bc:bd:ab:79:9b:7b:3e:e7:5e:57:21:2a:85: 69:db:ab:7a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUPuo+kQP/1Og2s3KVoSDI4AaecHYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMwNTBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGNkOTNiNzRmODJjMDllZDg0Nzk2MDU3ODlkMzlhYWFlYWVmMmJiOGUwMGYy YmJhMGUxYmQ3M2JiMTdlNDlmOTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALmPOu3sM1JbIEUhPX2YVtVoqLTWZy+mQz0S0ZwPYN96c+jBHNLAFaKasOTS byu9r9+oPOkS0kFG7AXSFLzMxw/dy/FsLL+9fSUF0f5771mARav7q5rsmo++mHCB vf9BjdnSqqbWVxYiSftglz2Q41Q9J80tMEP9MLifINax/Zu68uX7QrEC2A4aci4J SUKvTuD2oFq5PBT/kkSrl4KYckpQIWxukhRD3zDd4tdI3E4MfWhaGtoj6AQ5kHrs GfKxJp1NzrnvjFtsRELT0Q1xzjbSWdLxFsX4rS1sBaakbciChzaCD4mL9bFT8vTN GUAIaNashmtOdLe0zrY2uGbinDsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr/9Ma LygCQDSzF5bu9b082F/e+DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2NlNDEzYWQtNTYwZC00ZWI4LTkxNWItOGM2ZTAxZDk3OTEwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ MA0GCSqGSIb3DQEBCwUAA4IBAQAwdkbmra8nMZMywV4ZKq782Bkh51FcsWmqYY+B pZdxUztfKX9KZV63OUeHcgn4ZHBxxr7GodHThcI6yZot54AUKSpVO6ppqR7OEYl4 id4enyw88qN/mB6wgTaBxK7xD/SG4h+/jyvfvqiu5JRPrs57jKiHn45i/arKT0Fw kUnWvbQi4stHgRNPpXgqnjA1Q1lFIPVO9ZuBTaoJjJx4j408Iei5sI6SLd01dXdm em3AB//yqQ/wjQ5jfDEPW7VENdeiqgRaJnCpC+q6xkKySg9v6tqDAZpUs/s3UYTi F/r/vKkCcOdf1zBfwvmT3wjFZLy9q3mbez7nXlchKoVp26t6 -----END CERTIFICATE-----Generated at Mon Dec 15 15:32:35 2025 by rpki-client