This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa File: 8aeef071-ad76-436d-a059-ad727b09eb3b.roa (raw, json) Hash identifier: i0xl5KeMJsLDDlO6lmubkyJ+6XexjRV+y9EDrLHrpj8= Subject key identifier: 03:08:BE:2C:FF:7D:5A:FC:2F:E8:6C:E0:77:5A:3D:AF:05:2F:D9:51 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 2EF63E9B38CA8163E84BC7B9B336BBA17B1FEF83 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa Signing time: Sat 15 Nov 2025 06:21:10 +0000 ROA not before: Sat 15 Nov 2025 06:21:10 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d038:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:f6:3e:9b:38:ca:81:63:e8:4b:c7:b9:b3:36:bb:a1:7b:1f:ef:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:21:10 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=e2417c5dfe28ec3cb52b275511a798d50f72898e1dcb74247a14d4b828a10da0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:34:16:56:6d:8c:93:ba:0b:a3:50:9e:85:d4: 27:f3:95:07:93:4c:d4:cf:e2:fe:35:10:70:87:96: a0:1e:2c:40:3d:5b:98:e8:13:80:ae:7c:34:5a:65: de:8b:67:51:e7:61:cf:6d:51:94:2c:db:d6:99:eb: f8:5d:65:f7:67:76:4c:a0:0d:ef:36:39:3f:bf:bb: 34:09:34:90:18:83:b9:db:44:7c:6e:bc:5b:c2:6a: 0f:50:1e:88:14:ac:12:9f:60:4b:9c:f3:ef:d6:07: 6b:78:60:c2:27:37:4f:2a:c4:71:f3:99:5a:67:da: f9:ae:e4:93:58:ba:06:74:1b:eb:3d:4e:17:86:14: 87:af:12:0c:ed:20:74:f2:76:8c:e1:01:78:00:de: 8b:5d:c4:78:fd:ca:33:3a:62:6a:79:11:3f:eb:8b: 9d:48:8a:2f:30:0d:23:23:a8:1a:5c:b7:1c:44:a0: 9d:17:bc:59:ed:f4:a9:c4:a2:9b:4a:b9:3f:63:2e: 4c:9f:eb:5f:19:01:cd:48:b2:16:56:f2:92:4a:1e: 7f:a1:78:79:c5:43:e3:77:12:b6:a0:26:60:0d:7c: 95:0e:5f:f2:a7:b8:87:42:87:f8:f1:80:c7:89:e8: 98:cb:77:27:ec:ee:92:59:75:b3:b1:8e:d9:19:f8: c1:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:08:BE:2C:FF:7D:5A:FC:2F:E8:6C:E0:77:5A:3D:AF:05:2F:D9:51 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8aeef071-ad76-436d-a059-ad727b09eb3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d038:2000::/40 Signature Algorithm: sha256WithRSAEncryption 64:2f:1a:b2:08:b3:48:99:30:b7:bc:42:13:e9:3e:06:09:12: 08:ec:30:d5:d0:29:cc:01:70:5d:b5:59:66:14:c5:bc:c6:83: a4:27:46:91:3c:98:56:9f:96:c1:82:12:24:4d:5a:ad:0f:cf: b3:e5:a0:28:f3:b2:c1:dc:23:60:a2:cc:94:ce:60:d6:98:9a: c7:fc:8d:dd:30:8b:90:ed:73:92:d1:b3:15:65:ca:f3:8f:b8: 44:4e:fe:b9:21:fc:5d:48:a6:fe:89:47:df:1f:60:42:b6:11: 6b:89:d0:ad:13:5f:04:10:25:fb:e6:14:fe:b0:aa:b5:7b:c4: ea:e9:24:41:13:70:69:1d:bc:90:30:95:25:4d:af:a9:07:ac: 14:9d:f8:da:b3:f1:ff:a8:ca:3d:3c:14:b3:70:d6:88:ee:db: 90:5d:7a:0e:8c:86:39:57:f0:53:c7:c3:cc:3e:fd:b6:00:0a: 59:6d:80:41:ff:ed:04:75:16:1c:b9:f2:27:66:ff:21:0b:c6: b3:d7:1b:b9:de:15:63:e1:07:2d:51:b1:d2:6a:b1:86:b7:0d: d4:0a:6e:6b:6c:30:26:41:a7:fb:f1:88:25:2d:94:f5:cb:9d: 26:8d:26:ba:bf:c3:06:7b:91:55:82:f1:3e:32:04:c3:4f:93: 40:ce:fe:ad -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIULvY+mzjKgWPoS8e5sza7oXsf74MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIxMTBaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGUyNDE3YzVkZmUyOGVjM2NiNTJiMjc1NTExYTc5OGQ1MGY3Mjg5OGUxZGNi NzQyNDdhMTRkNGI4MjhhMTBkYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJY0FlZtjJO6C6NQnoXUJ/OVB5NM1M/i/jUQcIeWoB4sQD1bmOgTgK58NFpl 3otnUedhz21RlCzb1pnr+F1l92d2TKAN7zY5P7+7NAk0kBiDudtEfG68W8JqD1Ae iBSsEp9gS5zz79YHa3hgwic3TyrEcfOZWmfa+a7kk1i6BnQb6z1OF4YUh68SDO0g dPJ2jOEBeADei13EeP3KMzpiankRP+uLnUiKLzANIyOoGly3HESgnRe8We30qcSi m0q5P2MuTJ/rXxkBzUiyFlbykkoef6F4ecVD43cStqAmYA18lQ5f8qe4h0KH+PGA x4nomMt3J+zukll1s7GO2Rn4wSUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDCL4s /31a/C/obOB3Wj2vBS/ZUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGFlZWYwNzEtYWQ3Ni00MzZkLWEwNTktYWQ3MjdiMDllYjNiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dgg MA0GCSqGSIb3DQEBCwUAA4IBAQBkLxqyCLNImTC3vEIT6T4GCRII7DDV0CnMAXBd tVlmFMW8xoOkJ0aRPJhWn5bBghIkTVqtD8+z5aAo87LB3CNgosyUzmDWmJrH/I3d MIuQ7XOS0bMVZcrzj7hETv65IfxdSKb+iUffH2BCthFridCtE18EECX75hT+sKq1 e8Tq6SRBE3BpHbyQMJUlTa+pB6wUnfjas/H/qMo9PBSzcNaI7tuQXXoOjIY5V/BT x8PMPv22AApZbYBB/+0EdRYcufInZv8hC8az1xu53hVj4QctUbHSarGGtw3UCm5r bDAmQaf78YglLZT1y50mjSa6v8MGe5FVgvE+MgTDT5NAzv6t -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:09 2025 by rpki-client