This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa File: 8b578938-3dca-4d72-8385-f8a93e508377.roa (raw, json) Hash identifier: BfXqrXWHAcRUL1TkvyTJrVpLD7h/kcnXPRLkefbakJo= Subject key identifier: 5D:29:55:32:24:1E:83:A1:B8:50:14:98:E0:78:B4:4E:00:B8:49:AE Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1B217C7BA1CD9CFAFC459231BF32DBC7CEC1FCF6 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa Signing time: Sat 15 Nov 2025 06:10:09 +0000 ROA not before: Sat 15 Nov 2025 06:10:09 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d019:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:21:7c:7b:a1:cd:9c:fa:fc:45:92:31:bf:32:db:c7:ce:c1:fc:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:10:09 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=96e99e771418de6415abc1582c12eb5b1669f145e2aa38a74da305674e5697f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:7b:bc:ee:60:a7:5c:57:2e:de:8f:ae:75:03: b8:04:f6:82:5e:e2:ae:56:d0:80:2c:76:14:57:7d: 99:b1:f7:7c:39:49:67:7f:c7:89:ce:12:a9:7d:2f: d5:f4:97:91:62:de:cc:09:99:08:b8:84:1b:dd:39: a6:fd:29:bc:1e:3f:ca:a2:3d:ee:6d:20:38:06:7f: 47:a5:88:56:3e:2e:d9:82:7a:6f:85:1c:8d:73:76: 78:6f:6d:49:67:90:c8:41:6c:7f:2c:10:f0:93:37: ff:4c:e0:f2:64:45:78:98:c7:63:2f:68:96:18:3f: 40:ea:cf:89:39:21:17:69:63:47:31:f5:8c:71:62: 86:1e:ec:db:ff:f7:82:d5:35:92:f7:fc:68:3d:36: 48:af:8b:72:c0:d6:19:26:97:30:ad:52:45:d9:f5: cd:4d:17:cd:46:9f:6c:03:50:a0:f9:73:bc:cb:12: 9e:ad:4a:23:de:f6:d5:1d:78:da:77:50:99:0a:22: 1e:98:c2:1d:b7:fa:15:7b:88:3b:23:71:81:d6:f6: 9f:1a:c1:88:a0:c0:73:f9:25:fa:c2:cb:a2:42:8b: 75:5f:19:18:bd:a6:dc:91:60:63:b6:6b:3b:56:42: 8b:47:21:7a:d5:9b:10:37:e9:e7:bc:d0:38:e0:a8: f0:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:29:55:32:24:1E:83:A1:B8:50:14:98:E0:78:B4:4E:00:B8:49:AE X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b578938-3dca-4d72-8385-f8a93e508377.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d019:400::/38 Signature Algorithm: sha256WithRSAEncryption 2c:c1:88:a5:e6:6b:df:32:fa:cf:0e:ab:08:90:9c:f4:fe:ff: 85:35:55:52:2b:e4:8d:35:01:d4:c0:4d:a2:00:d5:f5:a0:92: 98:05:ac:f4:d8:df:15:63:33:23:bf:d4:15:8a:6f:54:da:d8: fb:29:76:19:1b:9f:fd:36:ac:4d:a5:d9:1e:ba:d0:6d:27:0d: 0c:b1:4c:92:2b:6b:28:16:a3:6d:80:9c:54:4e:1e:2b:1e:74: 6f:48:7a:34:d7:57:d7:e9:27:6e:26:f0:48:9a:90:ac:68:b6: 61:62:18:56:79:0a:2c:07:b1:75:19:d1:f9:55:1c:b7:25:c2: 72:3e:a4:23:c6:68:74:d1:20:fc:92:b5:42:43:0a:c7:fb:63: 1b:f6:d9:d8:3e:dd:53:d8:bf:08:14:00:7f:67:61:25:05:72: 1f:24:8e:d6:5f:55:40:ce:7f:d6:ca:f1:11:5d:5e:21:40:cd: 1b:a1:a3:c0:c2:f6:e5:56:46:27:d8:cf:2a:bb:44:a7:88:e7: 03:c1:6b:8d:57:41:d4:f5:c1:54:4f:e7:20:5a:da:2d:59:d2: c8:50:d5:98:07:67:2c:6a:b2:d1:0b:73:c4:4a:3a:e8:b7:1a: 1e:05:d8:71:3b:15:bb:a8:f2:d5:6c:14:e0:37:7e:fb:80:25: fe:fc:b4:dc -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUGyF8e6HNnPr8RZIxvzLbx87B/PYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjEwMDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDk2ZTk5ZTc3MTQxOGRlNjQxNWFiYzE1ODJjMTJlYjViMTY2OWYxNDVlMmFh MzhhNzRkYTMwNTY3NGU1Njk3ZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO17vO5gp1xXLt6PrnUDuAT2gl7irlbQgCx2FFd9mbH3fDlJZ3/Hic4SqX0v 1fSXkWLezAmZCLiEG905pv0pvB4/yqI97m0gOAZ/R6WIVj4u2YJ6b4UcjXN2eG9t SWeQyEFsfywQ8JM3/0zg8mRFeJjHYy9olhg/QOrPiTkhF2ljRzH1jHFihh7s2//3 gtU1kvf8aD02SK+LcsDWGSaXMK1SRdn1zU0XzUafbANQoPlzvMsSnq1KI9721R14 2ndQmQoiHpjCHbf6FXuIOyNxgdb2nxrBiKDAc/kl+sLLokKLdV8ZGL2m3JFgY7Zr O1ZCi0chetWbEDfp57zQOOCo8JcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdKVUy JB6DobhQFJjgeLROALhJrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGI1Nzg5MzgtM2RjYS00ZDcyLTgzODUtZjhhOTNlNTA4Mzc3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkE MA0GCSqGSIb3DQEBCwUAA4IBAQAswYil5mvfMvrPDqsIkJz0/v+FNVVSK+SNNQHU wE2iANX1oJKYBaz02N8VYzMjv9QVim9U2tj7KXYZG5/9NqxNpdkeutBtJw0MsUyS K2soFqNtgJxUTh4rHnRvSHo011fX6SduJvBImpCsaLZhYhhWeQosB7F1GdH5VRy3 JcJyPqQjxmh00SD8krVCQwrH+2Mb9tnYPt1T2L8IFAB/Z2ElBXIfJI7WX1VAzn/W yvERXV4hQM0boaPAwvblVkYn2M8qu0SniOcDwWuNV0HU9cFUT+cgWtotWdLIUNWY B2csarLRC3PESjrotxoeBdhxOxW7qPLVbBTgN377gCX+/LTc -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:12 2025 by rpki-client