This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa File: 8e4adf38-a007-4c0e-8621-1e65a160ad12.roa (raw, json) Hash identifier: vfjbYLCa7te/VlUC9TpGptwU+ECDXGvPw4LVExK3S0I= Subject key identifier: 4A:78:98:4D:C9:31:4B:6E:A9:00:88:96:D4:A9:6B:E5:B8:67:39:46 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 54E7D98B7C37F3040447CE96ABB5D21E09EC6A21 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa Signing time: Sat 15 Nov 2025 05:50:12 +0000 ROA not before: Sat 15 Nov 2025 05:50:12 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07f:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:e7:d9:8b:7c:37:f3:04:04:47:ce:96:ab:b5:d2:1e:09:ec:6a:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 05:50:12 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=d76b79d9f268c53c7b034388583b182835bf1e554ef99493d880a336c941ed6f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:87:d4:36:5f:10:22:ef:fa:fb:c0:1a:f7:47: b8:7d:52:ad:43:42:b1:18:03:dd:08:14:f3:a9:62: e9:66:01:37:aa:94:c7:f7:39:b7:e2:cf:6d:7f:c4: ed:a3:90:59:0a:87:bb:90:ce:25:d7:a3:22:a1:c7: 82:2e:c1:1b:94:81:61:3f:7b:d4:d8:41:6f:98:d0: d0:cd:48:16:84:90:68:2c:7a:fe:9c:69:1c:92:f1: c2:6a:8e:42:b2:b1:25:73:f0:4a:67:41:e5:73:91: 7c:2e:97:31:ef:12:6f:94:e8:87:66:41:93:ec:fe: 49:3a:1b:25:76:b5:b2:09:b2:34:12:91:90:f4:e0: 65:ec:13:64:47:3a:67:db:bf:de:d0:27:3c:5f:5c: d9:d7:6b:fe:50:43:9c:d2:bb:19:99:71:5e:fc:4a: 1a:20:e9:61:db:ec:c5:f8:13:76:7d:85:d3:7f:cd: 5f:9e:d0:d8:6a:fb:55:97:31:8b:00:26:fe:ee:7f: 4d:2d:fc:e0:3d:e6:b7:09:79:6a:fe:ee:c8:ac:2d: e6:e6:c3:4f:ce:e6:77:ec:a0:b1:00:d9:b2:c3:a0: 6a:b5:38:d3:1c:d5:e9:86:79:bf:f1:89:21:b4:fb: 33:39:42:50:5e:e3:02:7a:6f:fa:9f:79:c9:4f:34: 67:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:78:98:4D:C9:31:4B:6E:A9:00:88:96:D4:A9:6B:E5:B8:67:39:46 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07f:2000::/40 Signature Algorithm: sha256WithRSAEncryption 49:0a:69:e5:2d:8a:38:da:98:50:b2:51:58:e5:ce:d0:44:b9: 9e:3c:83:a4:1e:50:de:d2:a6:9d:6b:b7:c7:c5:8f:71:9b:94: 39:00:91:aa:c2:03:8b:2e:1a:d6:b2:37:94:37:87:85:90:dc: e6:31:78:14:1b:de:c5:57:d5:a3:3b:67:4e:10:39:4d:d4:1c: b3:37:b4:98:84:33:94:fe:b5:b9:41:02:65:bf:69:b1:b1:23: c4:a4:47:be:d1:95:aa:26:8a:9e:76:47:11:dd:fd:7e:ad:0b: 4c:a3:70:55:78:09:ea:c6:54:32:cf:ed:b9:55:dc:8b:61:54: 3e:c4:7d:ed:69:e2:ba:85:49:57:d4:fb:86:ff:e9:2e:5e:a1: 06:55:fc:18:48:fe:c4:eb:4d:68:31:b7:d1:f6:09:31:7b:8b: 97:0d:45:11:c7:23:07:9e:ae:a6:df:33:81:0f:da:ce:3d:22: 74:ff:72:ee:57:e6:ab:33:34:36:fa:42:71:aa:b0:53:57:7f: 93:7e:ea:fa:24:45:58:3f:fe:e2:2c:ad:fe:46:25:8c:c6:6d: 79:9d:47:c6:85:80:4d:0f:4b:b3:6c:de:d3:7a:70:9c:d8:1c: 7b:39:60:d7:9f:77:76:2e:67:e7:2c:5e:4e:66:3e:b6:b3:b1: a5:44:dc:c4 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVOfZi3w38wQER86Wq7XSHgnsaiEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNTUwMTJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGQ3NmI3OWQ5ZjI2OGM1M2M3YjAzNDM4ODU4M2IxODI4MzViZjFlNTU0ZWY5 OTQ5M2Q4ODBhMzM2Yzk0MWVkNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqH1DZfECLv+vvAGvdHuH1SrUNCsRgD3QgU86li6WYBN6qUx/c5t+LPbX/E 7aOQWQqHu5DOJdejIqHHgi7BG5SBYT971NhBb5jQ0M1IFoSQaCx6/pxpHJLxwmqO QrKxJXPwSmdB5XORfC6XMe8Sb5Toh2ZBk+z+STobJXa1sgmyNBKRkPTgZewTZEc6 Z9u/3tAnPF9c2ddr/lBDnNK7GZlxXvxKGiDpYdvsxfgTdn2F03/NX57Q2Gr7VZcx iwAm/u5/TS384D3mtwl5av7uyKwt5ubDT87md+ygsQDZssOgarU40xzV6YZ5v/GJ IbT7MzlCUF7jAnpv+p95yU80ZycCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKeJhN yTFLbqkAiJbUqWvluGc5RjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGU0YWRmMzgtYTAwNy00YzBlLTg2MjEtMWU2NWExNjBhZDEyLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g MA0GCSqGSIb3DQEBCwUAA4IBAQBJCmnlLYo42phQslFY5c7QRLmePIOkHlDe0qad a7fHxY9xm5Q5AJGqwgOLLhrWsjeUN4eFkNzmMXgUG97FV9WjO2dOEDlN1ByzN7SY hDOU/rW5QQJlv2mxsSPEpEe+0ZWqJoqedkcR3f1+rQtMo3BVeAnqxlQyz+25VdyL YVQ+xH3taeK6hUlX1PuG/+kuXqEGVfwYSP7E601oMbfR9gkxe4uXDUURxyMHnq6m 3zOBD9rOPSJ0/3LuV+arMzQ2+kJxqrBTV3+Tfur6JEVYP/7iLK3+RiWMxm15nUfG hYBND0uzbN7TenCc2Bx7OWDXn3d2LmfnLF5OZj62s7GlRNzE -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:24 2025 by rpki-client