This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json) Hash identifier: G2PSeSooMAPZ+9bMz7xflj8rL5T5k5yXH3H6OOCwDTM= Subject key identifier: 4D:A8:F4:FC:09:D8:4B:A2:9C:03:25:36:3F:AB:B1:5E:74:2E:74:49 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 728DF5E3637D8A5F739CA7680857586D7EDD2AE9 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa Signing time: Thu 11 Dec 2025 00:00:09 +0000 ROA not before: Thu 11 Dec 2025 00:00:09 +0000 ROA not after: Wed 11 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d014:1000::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:8d:f5:e3:63:7d:8a:5f:73:9c:a7:68:08:57:58:6d:7e:dd:2a:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 11 00:00:09 2025 GMT Not After : Mar 11 23:59:59 2026 GMT Subject: serialNumber=5bd42806e5a06634e13518f5f3b8bcae3473364c69582cf67680ee31e60352c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:2f:15:11:76:97:3b:f6:7e:59:98:b0:8b:b8: c5:5b:84:47:aa:4e:80:8b:44:bc:8b:3c:64:08:b0: a8:00:95:2e:08:75:1e:4c:25:d4:e4:90:68:20:06: b2:4b:e2:31:f5:80:f4:dc:21:a1:1f:0e:16:1b:a0: 5f:d6:a1:dd:6b:ea:22:e0:24:cb:43:2f:11:ae:a9: 91:b8:d0:7d:c4:15:23:08:d3:c1:64:b2:12:4a:d1: 1e:91:1b:13:71:ef:92:72:4e:eb:1a:75:f7:9f:c7: b3:2c:81:42:8b:5d:f8:16:6d:e2:88:bb:b7:e1:02: c5:bf:86:cb:4d:38:32:d5:b1:bb:52:2d:a5:79:31: e7:fa:50:cf:c6:d0:80:b1:2b:95:b4:8a:43:d0:53: 17:f3:3a:9d:8c:81:79:04:6f:07:c9:f7:c0:a8:64: e4:7c:3f:0a:29:c3:3a:cd:41:7f:6c:64:67:95:e9: aa:41:bc:5e:a6:43:ca:9e:a6:52:37:5b:66:2f:f2: ca:7b:fe:4c:5e:c7:dc:87:d6:b0:c7:1c:9b:af:5e: 45:8b:ba:bb:f9:bb:18:9c:84:63:85:3d:75:9a:fb: ce:38:54:a3:10:c3:4c:a2:2e:9c:9a:8a:bd:13:2b: 12:42:86:e4:d6:0d:59:99:41:87:2c:3a:e9:8d:0c: 5d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:A8:F4:FC:09:D8:4B:A2:9C:03:25:36:3F:AB:B1:5E:74:2E:74:49 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d014:1000::/38 Signature Algorithm: sha256WithRSAEncryption 71:dd:60:17:21:40:9f:bd:57:98:4b:43:f5:c2:4e:8e:c4:d9: f3:a6:69:c1:2a:cb:d3:ab:0c:d8:17:b1:a6:d8:60:40:44:a0: 58:5a:48:d0:3c:8e:12:f3:01:06:22:6e:ed:1c:4a:8e:b8:37: f6:c5:d6:6d:80:68:07:03:de:ba:0d:92:21:a9:c3:51:3f:b5: fd:a4:a3:7b:cd:37:92:bc:29:76:95:36:ad:11:a8:87:15:fe: 7c:53:95:73:33:a1:e4:e6:26:f4:68:9b:3a:67:f6:bc:6c:ba: f6:8d:0b:29:06:6f:05:8b:fb:81:ec:75:a6:3c:ef:8b:95:ca: f2:b1:f4:5f:b5:c8:3c:b7:15:81:45:04:da:8a:10:50:f8:31: 42:ca:ea:dd:9d:01:12:f5:0c:d4:6b:99:66:e6:45:d8:d5:ec: 37:7e:85:07:6e:67:49:8d:22:49:aa:93:62:a6:fd:6e:ca:32: 44:8f:09:35:b0:d2:73:20:f1:c4:c9:e3:d8:fb:04:70:06:53: 6e:af:84:08:b6:21:24:62:c1:d5:4f:68:a6:31:9d:59:8f:15: e2:de:9f:8d:10:02:85:f7:6e:f4:7d:2f:13:c3:10:e2:78:e1: 96:e9:84:6f:dc:7b:fd:b9:b8:c1:e7:30:b6:d6:58:bf:f1:ea: b5:c8:5c:3a -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUco3142N9il9znKdoCFdYbX7dKukwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTEwMDAwMDlaFw0yNjAzMTEyMzU5NTlaMHoxSTBHBgNV BAUTQDViZDQyODA2ZTVhMDY2MzRlMTM1MThmNWYzYjhiY2FlMzQ3MzM2NGM2OTU4 MmNmNjc2ODBlZTMxZTYwMzUyYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJwvFRF2lzv2flmYsIu4xVuER6pOgItEvIs8ZAiwqACVLgh1Hkwl1OSQaCAG skviMfWA9NwhoR8OFhugX9ah3WvqIuAky0MvEa6pkbjQfcQVIwjTwWSyEkrRHpEb E3HvknJO6xp195/HsyyBQotd+BZt4oi7t+ECxb+Gy004MtWxu1ItpXkx5/pQz8bQ gLErlbSKQ9BTF/M6nYyBeQRvB8n3wKhk5Hw/CinDOs1Bf2xkZ5XpqkG8XqZDyp6m UjdbZi/yynv+TF7H3IfWsMccm69eRYu6u/m7GJyEY4U9dZr7zjhUoxDDTKIunJqK vRMrEkKG5NYNWZlBhyw66Y0MXYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNqPT8 CdhLopwDJTY/q7FedC50STAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ MA0GCSqGSIb3DQEBCwUAA4IBAQBx3WAXIUCfvVeYS0P1wk6OxNnzpmnBKsvTqwzY F7Gm2GBARKBYWkjQPI4S8wEGIm7tHEqOuDf2xdZtgGgHA966DZIhqcNRP7X9pKN7 zTeSvCl2lTatEaiHFf58U5VzM6Hk5ib0aJs6Z/a8bLr2jQspBm8Fi/uB7HWmPO+L lcrysfRftcg8txWBRQTaihBQ+DFCyurdnQES9QzUa5lm5kXY1ew3foUHbmdJjSJJ qpNipv1uyjJEjwk1sNJzIPHEyePY+wRwBlNur4QItiEkYsHVT2imMZ1ZjxXi3p+N EAKF9270fS8TwxDieOGW6YRv3Hv9ubjB5zC21li/8eq1yFw6 -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:37 2025 by rpki-client