This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa File: 7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa (raw, json) Hash identifier: RloOMYQPrcQc6h7ioMvL66oAbUC5RkzIjW/CVDxxH1A= Subject key identifier: 7C:71:6A:1D:85:65:63:9F:C5:EF:3F:F4:49:53:0F:F7:F3:D0:1E:40 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 75F1C3C9C226268F849C14262A345C186B0E6E1B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa Signing time: Wed 10 Dec 2025 05:40:43 +0000 ROA not before: Wed 10 Dec 2025 05:40:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d075:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:f1:c3:c9:c2:26:26:8f:84:9c:14:26:2a:34:5c:18:6b:0e:6e:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:40:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=a0220ae2292e1061c46fc08636fe177b15a1b9967db739d3ed530bbf36581211, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:62:bf:0a:15:ed:b7:96:1e:5a:ff:2c:4d:3c: 69:3b:f5:7d:a8:05:cb:2c:32:34:d3:b5:83:7c:0d: 55:bc:73:76:3e:56:92:87:c6:f4:4c:40:57:60:6b: 36:0b:91:d0:97:70:f9:9c:00:00:ab:7f:3b:7d:49: 21:f7:2e:e5:5d:e1:fc:f9:e9:e1:bb:7c:18:b0:51: e9:32:f6:7c:26:ea:38:c2:71:ae:e8:2c:8b:2d:9f: a8:b3:a4:d5:70:12:cc:cf:5f:e7:73:d5:3e:63:51: f7:d6:35:1f:f1:ab:a2:00:60:8f:23:ed:4a:38:2f: 49:58:da:a2:6b:2a:d6:bc:4a:e8:a6:6f:e2:cd:98: ed:df:45:6b:94:a3:4b:43:2b:36:9c:9b:60:a5:1f: 6c:63:98:db:b2:0f:03:79:8e:e6:4c:35:c1:18:97: 0e:f0:63:b4:fb:20:7b:97:a4:78:45:82:14:0c:1a: eb:32:9e:ac:c6:f4:0f:de:c3:7f:44:7b:5b:8a:95: f3:f0:ae:44:d9:8d:dd:ef:bf:a1:b3:df:9f:3f:0e: 64:75:11:ed:23:a8:e1:a3:6c:69:d0:61:0d:97:93: 8a:1e:e7:b1:56:bc:ae:06:cf:56:af:f4:3c:1d:96: 7b:20:36:e6:2e:33:3b:8e:71:c6:ad:bc:7e:5b:ab: 9c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:71:6A:1D:85:65:63:9F:C5:EF:3F:F4:49:53:0F:F7:F3:D0:1E:40 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d96d3ad-0ee7-4630-9a49-a0dcc2b71da5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d075:9000::/40 Signature Algorithm: sha256WithRSAEncryption b5:f5:f1:e1:e6:65:ae:c5:0e:91:6f:2b:08:cf:c7:82:e1:d4: cf:9d:e9:e7:a5:5a:39:dc:d7:31:ea:ee:0d:00:1d:3d:e2:bb: 67:53:24:9e:35:57:0c:0d:09:14:99:1c:e2:a0:de:f5:fb:8d: ad:c9:b0:3d:59:d6:27:49:08:5f:f8:e0:ad:90:0e:36:26:a1: 24:8d:4f:37:25:c2:59:c4:79:75:94:d8:6f:c3:f9:e5:55:d6: f3:a4:48:8a:a7:85:35:c9:7e:7a:09:f9:65:7a:82:39:5e:78: 8a:99:17:0d:80:6a:f5:b8:cf:60:c0:78:20:ff:b3:73:7f:87: ce:2e:8e:3d:b2:74:ad:32:a6:61:d2:86:b1:18:82:ea:e8:dd: 27:02:01:99:91:bf:00:da:79:4d:e3:fa:ad:ad:b6:48:e4:83: b2:36:37:f8:24:89:3b:55:7e:82:52:a3:f6:9a:c9:12:7b:f7: 67:d6:3f:72:e0:d5:d2:61:9f:74:e7:0d:ee:db:07:72:d2:e6: e2:c0:47:28:ad:c9:4f:d8:7f:77:c5:de:79:5b:3e:45:ae:ba: 16:f0:93:73:a6:a0:9d:b1:e4:21:20:29:ab:80:84:ed:ef:3d: 07:a7:33:4a:c7:4f:6e:07:1d:2d:9b:40:d7:69:4a:38:4e:42: 48:b7:0d:01 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdfHDycImJo+EnBQmKjRcGGsObhswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTQwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGEwMjIwYWUyMjkyZTEwNjFjNDZmYzA4NjM2ZmUxNzdiMTVhMWI5OTY3ZGI3 MzlkM2VkNTMwYmJmMzY1ODEyMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKtivwoV7beWHlr/LE08aTv1fagFyywyNNO1g3wNVbxzdj5WkofG9ExAV2Br NguR0Jdw+ZwAAKt/O31JIfcu5V3h/Pnp4bt8GLBR6TL2fCbqOMJxrugsiy2fqLOk 1XASzM9f53PVPmNR99Y1H/GrogBgjyPtSjgvSVjaomsq1rxK6KZv4s2Y7d9Fa5Sj S0MrNpybYKUfbGOY27IPA3mO5kw1wRiXDvBjtPsge5ekeEWCFAwa6zKerMb0D97D f0R7W4qV8/CuRNmN3e+/obPfnz8OZHUR7SOo4aNsadBhDZeTih7nsVa8rgbPVq/0 PB2WeyA25i4zO45xxq28flurnMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8cWod hWVjn8XvP/RJUw/389AeQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv N2Q5NmQzYWQtMGVlNy00NjMwLTlhNDktYTBkY2MyYjcxZGE1LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HWQ MA0GCSqGSIb3DQEBCwUAA4IBAQC19fHh5mWuxQ6RbysIz8eC4dTPnennpVo53Ncx 6u4NAB094rtnUySeNVcMDQkUmRzioN71+42tybA9WdYnSQhf+OCtkA42JqEkjU83 JcJZxHl1lNhvw/nlVdbzpEiKp4U1yX56CflleoI5XniKmRcNgGr1uM9gwHgg/7Nz f4fOLo49snStMqZh0oaxGILq6N0nAgGZkb8A2nlN4/qtrbZI5IOyNjf4JIk7VX6C UqP2mskSe/dn1j9y4NXSYZ905w3u2wdy0ubiwEcorclP2H93xd55Wz5FrroW8JNz pqCdseQhICmrgITt7z0HpzNKx09uBx0tm0DXaUo4TkJItw0B -----END CERTIFICATE-----Generated at Mon Dec 15 15:30:30 2025 by rpki-client