This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa File: 915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa (raw, json) Hash identifier: klEHI6IbnMaIZgaHBdnYL/ID3ZKvWNECT6LwGshAOjY= Subject key identifier: 60:5F:32:F2:AC:66:A7:10:96:C0:0F:D3:82:C6:4F:B2:1E:6D:2A:4A Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 106938B1BA0F2D8A66CD28B46203E33247AC5DE3 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa Signing time: Sat 15 Nov 2025 06:21:08 +0000 ROA not before: Sat 15 Nov 2025 06:21:08 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d010:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:69:38:b1:ba:0f:2d:8a:66:cd:28:b4:62:03:e3:32:47:ac:5d:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 15 06:21:08 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=999e6c2182b2341c24109b61d630f850f5e00190c2c22c19355d62fa9761f228, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:95:4f:6e:e8:a1:d8:00:a1:2f:b7:76:db:7e: f3:27:b8:ec:37:64:00:50:cd:ef:38:f9:c8:5a:3a: a0:b4:00:e6:6d:d9:65:4b:b9:c2:ed:5e:67:f1:46: 63:c9:2f:99:37:e1:09:f0:1b:1a:2f:47:fe:e5:66: f4:40:e6:68:bd:09:ce:0a:4c:ba:1c:07:10:b7:93: e8:5b:24:70:72:1f:f7:b3:72:eb:ca:3d:a4:94:7a: 16:45:eb:98:b9:df:89:6a:a8:4e:b0:76:fd:11:60: ee:7e:ea:de:e8:fa:7f:70:cb:81:1b:9c:cb:2d:7e: 61:e5:09:94:9f:7f:51:02:81:cd:c7:54:90:7b:a7: 41:10:0b:ec:da:57:1e:d9:ca:55:8b:d1:6b:b1:99: d3:6e:6e:0e:6a:15:1b:59:61:83:3e:b4:5a:09:75: f6:3d:79:c4:cf:2c:67:b2:41:4d:a4:ec:10:e3:54: cd:78:43:06:b7:a2:dc:29:76:13:1c:99:8d:d6:f0: 1e:d2:ac:cb:73:4f:1e:9c:54:45:f0:b2:d4:80:51: 93:f2:d1:a5:3d:5c:09:1b:f7:4a:05:76:9e:0a:a8: 1c:55:c4:4e:e1:56:f3:d6:33:cc:93:54:64:83:ab: b4:12:75:85:b2:4f:6f:73:3e:4b:95:83:10:5e:d8: 0a:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:5F:32:F2:AC:66:A7:10:96:C0:0F:D3:82:C6:4F:B2:1E:6D:2A:4A X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/915ccef6-b06f-4e11-be9a-8b9a229ff52b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d010:8000::/36 Signature Algorithm: sha256WithRSAEncryption 1e:fd:7e:ba:85:a1:ef:e1:50:58:ab:d0:2e:57:41:4e:ac:2c: e3:d9:f5:1d:01:94:c0:be:df:2e:4a:71:7f:22:b0:2a:f8:c4: 9d:7e:18:c4:2f:5e:8b:cd:8d:3f:f5:00:9e:15:0f:f3:a5:f6: d5:25:ec:69:ba:0c:4c:f7:ae:53:d2:a9:97:04:be:2c:c6:de: cc:8d:41:d1:28:a8:a8:a3:c6:8f:0f:a6:f2:ce:cc:55:e1:bc: 1f:22:61:49:c0:72:28:32:b5:41:65:26:6f:02:9b:03:5c:aa: e2:54:35:37:fd:1b:5f:16:8f:2f:ad:fd:67:80:f2:c2:e8:18: 45:bd:1a:73:88:23:a5:d1:fb:9a:8b:b5:7d:25:2b:24:3a:b9: 20:4d:43:50:35:0b:b1:87:07:43:4a:0b:cf:64:03:5c:61:f8: 0c:90:c8:e1:73:fb:a2:2a:aa:20:9f:aa:90:4c:f1:d3:65:f7: 85:a2:fd:4d:f3:93:44:76:2d:31:bb:83:4b:e6:1d:b3:90:90: f4:d5:e8:ec:97:ff:3d:d3:b5:eb:ab:b1:dc:e5:24:8c:0b:bf: c7:b5:3c:cd:41:19:ae:84:e4:d5:28:a8:e9:44:48:04:39:55: 6f:36:b6:52:af:c4:0f:ae:7b:28:b5:08:79:4b:4e:d1:b9:f4: b0:02:19:7b -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUEGk4sboPLYpmzSi0YgPjMkesXeMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTUwNjIxMDhaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV BAUTQDk5OWU2YzIxODJiMjM0MWMyNDEwOWI2MWQ2MzBmODUwZjVlMDAxOTBjMmMy MmMxOTM1NWQ2MmZhOTc2MWYyMjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJqVT27oodgAoS+3dtt+8ye47DdkAFDN7zj5yFo6oLQA5m3ZZUu5wu1eZ/FG Y8kvmTfhCfAbGi9H/uVm9EDmaL0JzgpMuhwHELeT6FskcHIf97Ny68o9pJR6FkXr mLnfiWqoTrB2/RFg7n7q3uj6f3DLgRucyy1+YeUJlJ9/UQKBzcdUkHunQRAL7NpX HtnKVYvRa7GZ025uDmoVG1lhgz60Wgl19j15xM8sZ7JBTaTsEONUzXhDBrei3Cl2 ExyZjdbwHtKsy3NPHpxURfCy1IBRk/LRpT1cCRv3SgV2ngqoHFXETuFW89YzzJNU ZIOrtBJ1hbJPb3M+S5WDEF7YCqUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgXzLy rGanEJbAD9OCxk+yHm0qSjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTE1Y2NlZjYtYjA2Zi00ZTExLWJlOWEtOGI5YTIyOWZmNTJiLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BCA MA0GCSqGSIb3DQEBCwUAA4IBAQAe/X66haHv4VBYq9AuV0FOrCzj2fUdAZTAvt8u SnF/IrAq+MSdfhjEL16LzY0/9QCeFQ/zpfbVJexpugxM965T0qmXBL4sxt7MjUHR KKioo8aPD6byzsxV4bwfImFJwHIoMrVBZSZvApsDXKriVDU3/RtfFo8vrf1ngPLC 6BhFvRpziCOl0fuai7V9JSskOrkgTUNQNQuxhwdDSgvPZANcYfgMkMjhc/uiKqog n6qQTPHTZfeFov1N85NEdi0xu4NL5h2zkJD01ejsl/8907Xrq7Hc5SSMC7/HtTzN QRmuhOTVKKjpREgEOVVvNrZSr8QPrnsotQh5S07RufSwAhl7 -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:39 2025 by rpki-client