This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa File: 8eb63ceb-3350-490c-9a1a-85b2563a8947.roa (raw, json) Hash identifier: sZaO2mwBLOLP71m5I4981uXtE2iDck5cGoFjIBgoRrQ= Subject key identifier: F4:C3:B1:58:C6:44:AB:72:6A:2A:49:43:C9:75:4E:32:97:62:E5:AA Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 6789C3C7B43266C275C8225B3F3FA0D89B14258F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa Signing time: Sat 15 Nov 2025 06:30:36 +0000 ROA not before: Sat 15 Nov 2025 06:30:36 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:89:c3:c7:b4:32:66:c2:75:c8:22:5b:3f:3f:a0:d8:9b:14:25:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:30:36 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=e57ce481ba5267e90925f6297c5582108d4256c537bf3b68faeade4dd3b54442, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:14:85:9a:72:35:9f:30:5b:26:36:c2:ad:1e: 35:4e:c4:e0:b9:88:9a:d6:fd:bf:6f:f7:51:bc:14: f2:df:27:7b:05:73:67:86:fc:85:58:a7:d9:be:dc: ef:78:3f:ad:4e:0f:96:44:87:ae:cb:6b:f4:0b:83: b9:b9:14:54:33:4d:eb:a2:38:b1:cf:ab:9f:5c:88: 9e:63:68:da:6f:b1:79:8f:00:31:74:c5:ab:5a:5d: df:fa:6b:41:23:c7:96:1a:a6:88:64:f6:90:27:45: 34:4f:8a:37:6f:66:55:1c:ff:5d:5e:3e:f6:55:d6: 2c:d3:b0:9c:ec:be:0f:6b:fe:f7:1f:32:85:27:6e: 85:5c:ca:ce:1b:c3:1e:57:37:f4:4d:f3:66:e8:28: a8:8f:1b:69:1f:e8:e1:82:80:e7:c5:c2:9c:62:02: f4:f0:ee:56:ed:fd:eb:1c:53:67:fb:17:5c:7c:00: da:c1:ad:2c:5b:fd:1c:21:cb:87:45:a8:aa:91:db: 76:9f:7f:bf:69:0d:1f:a5:fe:d3:ad:01:6b:d0:31: 1f:55:f8:6b:72:33:86:2f:a4:35:d4:5b:62:b7:c4: 17:fc:9e:64:de:a8:fb:13:b7:b5:15:76:0b:81:2a: e1:cc:18:2c:c4:9d:42:49:d6:e4:47:dc:49:02:6a: 2d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:C3:B1:58:C6:44:AB:72:6A:2A:49:43:C9:75:4E:32:97:62:E5:AA X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8eb63ceb-3350-490c-9a1a-85b2563a8947.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:4000::/40 Signature Algorithm: sha256WithRSAEncryption 8d:4d:84:3d:dd:c8:4c:a1:be:24:7f:e8:c8:fb:98:12:e2:70: 8d:5f:42:c4:bb:e6:17:f2:eb:4d:4d:8b:85:d4:60:ad:a1:e9: d0:ac:0a:54:1e:62:4d:f9:d5:f5:47:fe:85:0a:59:7c:d3:6d: 2b:4d:64:35:95:56:33:97:bb:21:cd:38:e7:58:d8:a1:ca:8c: 7d:f3:0a:1f:ef:9b:62:8b:cb:79:fb:d2:2a:0a:0d:a0:95:6d: 35:1c:1f:50:ae:49:24:1c:66:50:b5:aa:dd:01:a7:0d:59:ca: 0b:f3:16:5a:4e:0c:a2:c5:32:1f:08:86:5d:c6:ee:68:72:f8: 5d:3f:b4:ba:51:10:3b:30:9e:94:4b:16:45:f0:66:b2:75:71: b2:1f:17:ba:84:9a:c8:e1:e3:43:95:05:30:47:25:c2:90:9a: 98:95:ed:b5:22:a5:82:34:d7:61:1d:e6:c7:76:12:c0:3a:d2: 5f:14:de:00:94:c7:a8:ac:be:e9:2d:64:02:eb:ad:d8:72:96: f3:ba:a7:fc:0a:a1:98:56:b5:4b:c9:b5:2f:35:29:80:6e:e4: 9d:cb:96:1b:38:bd:19:57:3d:28:84:e3:45:bd:76:86:6f:8f: 27:f1:93:1a:fe:1c:cf:9d:73:5b:74:5a:a9:13:d9:ec:0e:e0: 07:0e:f2:0d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUZ4nDx7QyZsJ1yCJbPz+g2JsUJY8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjMwMzZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQGU1N2NlNDgxYmE1MjY3ZTkwOTI1ZjYyOTdjNTU4MjEwOGQ0MjU2YzUzN2Jm M2I2OGZhZWFkZTRkZDNiNTQ0NDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKUUhZpyNZ8wWyY2wq0eNU7E4LmImtb9v2/3UbwU8t8newVzZ4b8hVin2b7c 73g/rU4PlkSHrstr9AuDubkUVDNN66I4sc+rn1yInmNo2m+xeY8AMXTFq1pd3/pr QSPHlhqmiGT2kCdFNE+KN29mVRz/XV4+9lXWLNOwnOy+D2v+9x8yhSduhVzKzhvD Hlc39E3zZugoqI8baR/o4YKA58XCnGIC9PDuVu396xxTZ/sXXHwA2sGtLFv9HCHL h0WoqpHbdp9/v2kNH6X+060Ba9AxH1X4a3Izhi+kNdRbYrfEF/yeZN6o+xO3tRV2 C4Eq4cwYLMSdQknW5EfcSQJqLe0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0w7FY xkSrcmoqSUPJdU4yl2LlqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OGViNjNjZWItMzM1MC00OTBjLTlhMWEtODViMjU2M2E4OTQ3LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFA MA0GCSqGSIb3DQEBCwUAA4IBAQCNTYQ93chMob4kf+jI+5gS4nCNX0LEu+YX8utN TYuF1GCtoenQrApUHmJN+dX1R/6FCll8020rTWQ1lVYzl7shzTjnWNihyox98wof 75tii8t5+9IqCg2glW01HB9QrkkkHGZQtardAacNWcoL8xZaTgyixTIfCIZdxu5o cvhdP7S6URA7MJ6USxZF8GaydXGyHxe6hJrI4eNDlQUwRyXCkJqYle21IqWCNNdh HebHdhLAOtJfFN4AlMeorL7pLWQC663Ycpbzuqf8CqGYVrVLybUvNSmAbuSdy5Yb OL0ZVz0ohONFvXaGb48n8ZMa/hzPnXNbdFqpE9nsDuAHDvIN -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:34 2025 by rpki-client