This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa File: 868cbba8-4804-4fbd-b9b8-7e9402c44956.roa (raw, json) Hash identifier: ak9PgzDcpC+3afE27a3N3THohuyjwu9kJEwL+Z333ns= Subject key identifier: BA:17:0B:CE:5B:7D:04:19:97:AC:1B:0A:79:77:5F:87:AA:85:90:10 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 79C8738BB84BB0F99506464DEFA44A64A37BEC0C Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa Signing time: Sat 15 Nov 2025 06:00:34 +0000 ROA not before: Sat 15 Nov 2025 06:00:34 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d06f:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:c8:73:8b:b8:4b:b0:f9:95:06:46:4d:ef:a4:4a:64:a3:7b:ec:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:00:34 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=8f4a09d6231c8af96c83a5ffbab870239c1e47b452010a54f84f528f671a4d06, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:60:d5:1b:d8:58:1b:9a:f2:cc:e2:10:6e:66: 71:4a:f0:bf:16:22:c6:7f:a9:17:77:34:7c:b9:8a: 78:8c:d3:6e:98:2e:ad:8c:df:c3:c4:08:76:0d:03: 04:a9:c1:7e:81:aa:42:dc:51:48:bd:6b:51:03:c5: 06:82:da:0c:bd:06:d7:06:6a:9f:f1:72:a1:0c:c1: 79:82:0d:26:37:44:9e:99:da:b6:ed:93:fc:04:cc: e3:4e:b8:bb:e3:4e:52:52:7c:c3:3e:28:3c:d4:89: bc:e8:7e:b7:b0:52:65:90:3b:6d:10:02:ed:d7:cd: 12:dd:d9:da:18:7a:ee:30:fe:10:8d:a5:65:66:c2: f6:0b:13:f7:71:c6:e2:85:21:89:52:61:f3:7e:6b: 2a:d3:6a:4b:8c:a2:8a:d1:96:25:df:53:fc:40:62: 1b:1a:ce:31:4a:32:fb:ba:65:d5:b0:dd:24:d0:c8: 72:04:b5:77:b4:9b:3d:8b:09:d6:7f:a7:bc:c1:a6: 3e:c7:7d:a9:f5:95:ad:ed:60:6c:49:98:24:b0:fb: e4:0c:43:c0:c0:bc:09:f9:34:9c:16:eb:60:05:61: 30:bc:11:52:4f:bf:45:ee:22:d8:9f:fa:af:5f:3b: 26:73:42:4d:38:85:61:7e:5a:2d:b3:8c:32:00:73: 27:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:17:0B:CE:5B:7D:04:19:97:AC:1B:0A:79:77:5F:87:AA:85:90:10 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868cbba8-4804-4fbd-b9b8-7e9402c44956.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06f:9000::/40 Signature Algorithm: sha256WithRSAEncryption 57:20:b6:90:89:03:85:ed:4a:32:fe:81:d4:d4:6e:e3:a4:ba: f7:dc:3a:d3:65:5a:ad:a4:7f:48:b1:a2:9f:ce:f8:45:67:e4: 11:3e:6f:5b:f6:66:f4:0b:f4:79:b5:0c:e2:21:5c:c2:df:3c: e3:3e:8a:30:d8:cf:03:c5:07:cb:24:ed:7b:6f:37:e7:31:fd: 98:fe:70:57:32:4c:be:5a:f2:07:a2:7d:d3:ab:f3:fa:04:de: ba:e8:b5:20:68:b8:38:09:e0:d5:eb:72:83:ee:de:fa:b9:ec: 67:16:a3:2c:2a:69:09:9f:1c:2b:8c:62:64:c3:8f:40:71:3e: 2c:4d:d6:e1:67:10:99:a8:6a:b1:57:cb:c2:7f:5b:7a:19:35: c9:33:3c:96:7b:4e:d6:62:a5:28:cb:7a:80:bd:58:0e:99:42: aa:c5:b2:ad:50:2a:4f:ea:c8:9d:5d:ec:e0:90:a4:4f:ba:4a: 42:3a:9c:90:c6:53:7f:b0:ba:36:9f:3b:0b:d6:f8:df:d7:1a: 74:64:07:98:7a:08:07:cc:b6:8f:63:1d:8d:13:5f:20:fb:19: 86:cd:32:73:14:ba:98:29:21:b9:22:7a:ce:9b:d5:62:b8:f5: a1:5b:87:cf:85:bf:7a:f5:9c:8e:52:ae:12:66:52:73:b8:67: 76:6e:17:25 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUechzi7hLsPmVBkZN76RKZKN77AwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjAwMzRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDhmNGEwOWQ2MjMxYzhhZjk2YzgzYTVmZmJhYjg3MDIzOWMxZTQ3YjQ1MjAx MGE1NGY4NGY1MjhmNjcxYTRkMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK9g1RvYWBua8sziEG5mcUrwvxYixn+pF3c0fLmKeIzTbpgurYzfw8QIdg0D BKnBfoGqQtxRSL1rUQPFBoLaDL0G1wZqn/FyoQzBeYINJjdEnpnatu2T/ATM4064 u+NOUlJ8wz4oPNSJvOh+t7BSZZA7bRAC7dfNEt3Z2hh67jD+EI2lZWbC9gsT93HG 4oUhiVJh835rKtNqS4yiitGWJd9T/EBiGxrOMUoy+7pl1bDdJNDIcgS1d7SbPYsJ 1n+nvMGmPsd9qfWVre1gbEmYJLD75AxDwMC8Cfk0nBbrYAVhMLwRUk+/Re4i2J/6 r187JnNCTTiFYX5aLbOMMgBzJ7kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6FwvO W30EGZesGwp5d1+HqoWQEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv ODY4Y2JiYTgtNDgwNC00ZmJkLWI5YjgtN2U5NDAyYzQ0OTU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+Q MA0GCSqGSIb3DQEBCwUAA4IBAQBXILaQiQOF7Uoy/oHU1G7jpLr33DrTZVqtpH9I saKfzvhFZ+QRPm9b9mb0C/R5tQziIVzC3zzjPoow2M8DxQfLJO17bzfnMf2Y/nBX Mky+WvIHon3Tq/P6BN666LUgaLg4CeDV63KD7t76uexnFqMsKmkJnxwrjGJkw49A cT4sTdbhZxCZqGqxV8vCf1t6GTXJMzyWe07WYqUoy3qAvVgOmUKqxbKtUCpP6sid XezgkKRPukpCOpyQxlN/sLo2nzsL1vjf1xp0ZAeYeggHzLaPYx2NE18g+xmGzTJz FLqYKSG5InrOm9ViuPWhW4fPhb969ZyOUq4SZlJzuGd2bhcl -----END CERTIFICATE-----Generated at Sat Dec 6 21:33:02 2025 by rpki-client