This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json) Hash identifier: TMLBV5W+15vMSBym9H6m9wjH3iCwAqPH8qPtsXNJWOQ= Subject key identifier: 30:B6:B1:08:83:5A:56:74:DA:53:40:47:AF:A2:92:2A:6F:79:AC:89 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1DD34B0031B582EEC9AD6EC3EF0E3FCA411E12AA Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa Signing time: Sun 16 Nov 2025 00:00:06 +0000 ROA not before: Sun 16 Nov 2025 00:00:06 +0000 ROA not after: Sun 21 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014:1000::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:d3:4b:00:31:b5:82:ee:c9:ad:6e:c3:ef:0e:3f:ca:41:1e:12:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 16 00:00:06 2025 GMT Not After : Dec 21 23:59:59 2025 GMT Subject: serialNumber=6097d43bc3e6a29bb47276004d86125eca1e08c65e02c929fa7c8bf9b991130c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a7:5b:84:58:93:a5:8b:d6:30:fb:17:37:fd: 45:f4:42:2a:83:b5:be:6c:54:f0:8f:63:e8:58:5b: 32:4d:51:2e:d4:b1:50:04:7b:1c:d5:68:b6:ba:91: 0d:14:b1:03:21:e8:be:e6:54:82:3b:eb:92:bc:22: 34:5b:92:38:fb:f8:34:42:f6:85:57:f6:4e:82:6d: 28:23:06:ab:6c:f7:08:f4:59:c7:97:c2:9e:fa:56: 53:6e:ab:a5:19:e0:5b:05:0c:3f:0c:73:a7:2e:f8: 50:a3:20:d0:ee:9b:0e:eb:de:56:bc:41:c0:07:3f: 38:a2:45:50:e7:a8:ee:e0:85:04:0e:27:67:c7:06: a4:9c:24:1b:e3:bf:bb:5b:11:36:ad:de:0f:8a:a4: d5:36:f4:9e:e9:de:81:5e:a4:c3:ba:2b:ce:5f:86: 87:9d:cf:9f:34:b6:a0:68:b8:09:25:4b:c2:0c:9c: 58:dd:a2:92:a1:3e:6d:19:95:9d:32:2e:dd:74:ab: 29:9f:9e:d2:94:c2:f5:60:9d:86:fa:1c:60:70:0a: f3:01:8e:f7:36:37:34:a3:06:c3:f6:a9:64:86:8d: 20:8a:bb:2f:10:32:d8:6e:61:4b:f5:05:56:d9:ca: 4b:13:ae:b2:23:00:2b:54:1e:82:3d:3c:7c:d9:c2: b7:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:B6:B1:08:83:5A:56:74:DA:53:40:47:AF:A2:92:2A:6F:79:AC:89 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014:1000::/38 Signature Algorithm: sha256WithRSAEncryption 94:c9:a6:97:1b:b0:85:29:70:23:dc:bf:29:f9:55:fa:5a:c0: cb:79:fc:bc:7a:9c:d2:19:04:73:54:c0:3a:d0:b8:9b:86:d5: a8:06:44:18:32:ba:67:ec:fb:f5:55:a8:a1:ca:2a:1f:86:12: 6a:aa:b5:e1:59:70:74:9e:c4:a2:d0:40:dd:45:82:86:4b:0d: 96:32:5f:32:76:d8:c4:e9:25:bc:59:f4:51:5a:49:0f:dc:29: 31:07:08:65:6d:c6:89:b8:3d:99:23:f3:e4:ec:dd:66:1a:d7: cd:87:5e:55:fd:bd:6d:cd:d2:3d:8b:15:dd:0e:3f:78:ab:8a: 4c:0f:33:24:de:37:a1:35:5c:f9:13:d2:ab:a4:ad:d7:35:8f: aa:13:2d:88:b9:2c:e4:1e:e3:f8:13:16:64:af:89:25:03:cb: 0e:d1:54:d4:28:cf:27:42:ce:a4:78:e3:a0:0b:d6:c4:ea:ed: 96:55:e0:02:79:b0:f5:ae:e0:fd:bb:70:64:ca:a2:3b:23:23: d3:84:01:a5:b6:11:5a:67:26:48:cc:30:b7:bc:7c:31:aa:b1: 99:5c:9d:76:fc:26:c8:f5:dd:2f:1f:12:81:e5:0f:a8:bb:2f: 46:dd:1b:c9:96:0d:b5:9a:cb:74:4c:93:1c:0c:37:c8:13:b9: f2:bf:e2:41 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUHdNLADG1gu7JrW7D7w4/ykEeEqowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTYwMDAwMDZaFw0yNTEyMjEyMzU5NTlaMHoxSTBHBgNV BAUTQDYwOTdkNDNiYzNlNmEyOWJiNDcyNzYwMDRkODYxMjVlY2ExZTA4YzY1ZTAy YzkyOWZhN2M4YmY5Yjk5MTEzMGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKunW4RYk6WL1jD7Fzf9RfRCKoO1vmxU8I9j6FhbMk1RLtSxUAR7HNVotrqR DRSxAyHovuZUgjvrkrwiNFuSOPv4NEL2hVf2ToJtKCMGq2z3CPRZx5fCnvpWU26r pRngWwUMPwxzpy74UKMg0O6bDuveVrxBwAc/OKJFUOeo7uCFBA4nZ8cGpJwkG+O/ u1sRNq3eD4qk1Tb0nunegV6kw7orzl+Gh53PnzS2oGi4CSVLwgycWN2ikqE+bRmV nTIu3XSrKZ+e0pTC9WCdhvocYHAK8wGO9zY3NKMGw/apZIaNIIq7LxAy2G5hS/UF VtnKSxOusiMAK1Qegj08fNnCty8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwtrEI g1pWdNpTQEevopIqb3msiTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ MA0GCSqGSIb3DQEBCwUAA4IBAQCUyaaXG7CFKXAj3L8p+VX6WsDLefy8epzSGQRz VMA60LibhtWoBkQYMrpn7Pv1VaihyiofhhJqqrXhWXB0nsSi0EDdRYKGSw2WMl8y dtjE6SW8WfRRWkkP3CkxBwhlbcaJuD2ZI/Pk7N1mGtfNh15V/b1tzdI9ixXdDj94 q4pMDzMk3jehNVz5E9KrpK3XNY+qEy2IuSzkHuP4ExZkr4klA8sO0VTUKM8nQs6k eOOgC9bE6u2WVeACebD1ruD9u3BkyqI7IyPThAGlthFaZyZIzDC3vHwxqrGZXJ12 /CbI9d0vHxKB5Q+ouy9G3RvJlg21mst0TJMcDDfIE7nyv+JB -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:45 2025 by rpki-client