This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa File: 8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa (raw, json) Hash identifier: pn3unHO04RCBwS7VHJYpUG3VCRxgm+TYNlt1gv64Q/c= Subject key identifier: CE:E4:A9:EA:9B:97:05:99:3E:65:8F:2B:A9:CC:90:77:F4:31:BB:3B Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 68D7FBDE9C021818BFBE0296264A7091C0D0B13B Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa Signing time: Wed 10 Dec 2025 06:01:20 +0000 ROA not before: Wed 10 Dec 2025 06:01:20 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d036:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:d7:fb:de:9c:02:18:18:bf:be:02:96:26:4a:70:91:c0:d0:b1:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:01:20 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=f88d17fcc718fe9b3a01026b95a6d318e9fd6cfcd9919c25e036f1044f924f01, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:58:1a:2e:0c:5b:f9:64:79:09:fd:07:aa:9d: 25:aa:18:2b:50:f1:ea:c7:70:a5:25:0c:4d:ac:57: 73:32:61:a9:91:21:4b:13:61:7b:a0:35:56:f1:1b: c0:03:a2:ef:60:a1:bf:65:7f:0d:99:b1:22:e7:92: c1:04:f3:55:93:f4:8e:c3:d1:ba:f0:e8:f0:2b:3f: 46:85:13:bd:54:25:d2:5d:d3:cd:c5:69:18:3f:5c: f2:b9:79:d7:dd:86:a0:bc:87:30:d6:34:17:5b:af: b3:58:60:57:1b:e0:21:39:c2:e5:3d:f4:34:58:cc: 7d:0e:cf:93:c7:e8:4e:11:cf:5f:06:40:52:4d:85: e5:85:23:ee:40:89:9a:17:c7:3d:27:fa:4a:87:2d: 43:d5:3c:4f:15:c2:37:ac:8e:57:82:73:46:ea:5c: 36:78:52:7e:67:f0:8f:28:9a:11:9e:5e:a3:3e:f4: 00:1b:d3:03:5d:d9:e3:b4:5c:6d:4c:80:e9:c8:91: b4:e1:3e:e0:0a:d5:1f:06:79:f0:5d:21:0d:83:a0: f6:39:d7:14:7e:87:a5:b3:e3:f0:a2:01:64:ab:f0: 45:3d:37:92:76:e8:c8:da:5c:6f:5b:81:38:ce:ce: 6a:4c:d0:2d:a7:f5:02:f6:79:b2:9f:ee:88:a3:cb: 8a:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:E4:A9:EA:9B:97:05:99:3E:65:8F:2B:A9:CC:90:77:F4:31:BB:3B X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8dc7d5ba-b1e9-4c1c-a190-214731b71b49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d036:e000::/40 Signature Algorithm: sha256WithRSAEncryption 64:6c:f1:e4:d9:be:b8:33:a3:17:f4:c5:37:8a:25:0a:3d:aa: de:a6:c0:0f:ad:5e:90:a3:c1:a5:4c:fb:82:b3:e7:40:07:0d: 98:f4:88:1f:f4:83:09:70:3e:7b:c0:0e:26:c7:ed:40:82:96: 7d:14:7a:0b:b1:5a:04:9c:80:d4:14:cb:c5:8e:a7:dd:9e:0f: e8:1a:5a:20:d6:ab:fa:ad:c6:c0:ea:4b:c9:39:2a:fd:8b:45: f4:67:d9:33:ca:0c:22:5a:90:1e:e0:62:23:b0:d6:36:c9:40: 90:c6:41:0a:42:8d:23:0a:64:4a:c1:5a:4f:b5:0b:7a:7f:7e: 58:3e:c3:14:16:57:c9:7b:97:ba:54:71:97:fd:a4:d0:7c:ed: 15:63:d5:dc:64:5b:65:c5:8f:df:a2:db:6b:bd:f3:e7:15:18: 95:55:aa:50:b9:87:6e:70:3e:ee:f4:d7:85:41:35:98:7b:aa: c2:e2:96:ea:29:e2:62:62:e1:28:da:85:bf:21:14:a0:00:df: 82:9e:3b:e3:08:9b:d1:66:1b:fd:35:62:7b:e1:f6:92:da:84: 0e:5f:23:e9:15:00:6d:39:be:34:cb:61:6c:64:ea:18:87:b7: d1:5f:dc:1e:47:f4:0f:68:95:e6:be:0d:49:8c:b0:0b:56:2d: 84:e9:4e:19 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUaNf73pwCGBi/vgKWJkpwkcDQsTswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAxMjBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGY4OGQxN2ZjYzcxOGZlOWIzYTAxMDI2Yjk1YTZkMzE4ZTlmZDZjZmNkOTkx OWMyNWUwMzZmMTA0NGY5MjRmMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPJYGi4MW/lkeQn9B6qdJaoYK1Dx6sdwpSUMTaxXczJhqZEhSxNhe6A1VvEb wAOi72Chv2V/DZmxIueSwQTzVZP0jsPRuvDo8Cs/RoUTvVQl0l3TzcVpGD9c8rl5 192GoLyHMNY0F1uvs1hgVxvgITnC5T30NFjMfQ7Pk8foThHPXwZAUk2F5YUj7kCJ mhfHPSf6SoctQ9U8TxXCN6yOV4JzRupcNnhSfmfwjyiaEZ5eoz70ABvTA13Z47Rc bUyA6ciRtOE+4ArVHwZ58F0hDYOg9jnXFH6HpbPj8KIBZKvwRT03knboyNpcb1uB OM7OakzQLaf1AvZ5sp/uiKPLioMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTO5Knq m5cFmT5ljyupzJB39DG7OzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGRjN2Q1YmEtYjFlOS00YzFjLWExOTAtMjE0NzMxYjcxYjQ5LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dbg MA0GCSqGSIb3DQEBCwUAA4IBAQBkbPHk2b64M6MX9MU3iiUKParepsAPrV6Qo8Gl TPuCs+dABw2Y9Igf9IMJcD57wA4mx+1AgpZ9FHoLsVoEnIDUFMvFjqfdng/oGlog 1qv6rcbA6kvJOSr9i0X0Z9kzygwiWpAe4GIjsNY2yUCQxkEKQo0jCmRKwVpPtQt6 f35YPsMUFlfJe5e6VHGX/aTQfO0VY9XcZFtlxY/fottrvfPnFRiVVapQuYducD7u 9NeFQTWYe6rC4pbqKeJiYuEo2oW/IRSgAN+CnjvjCJvRZhv9NWJ74faS2oQOXyPp FQBtOb40y2FsZOoYh7fRX9weR/QPaJXmvg1JjLALVi2E6U4Z -----END CERTIFICATE-----Generated at Mon Dec 15 15:30:22 2025 by rpki-client