This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa File: 9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa (raw, json) Hash identifier: rsxNvKxe/RD0bD+WEb7HAqX/CzMKnPk/J5BoU+o+h68= Subject key identifier: 33:07:A8:07:E1:6A:9F:2E:20:C3:79:82:F4:8C:28:0B:F6:7E:AC:77 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 552200BC6A12353539FBE678D19B0F230796D1D2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa Signing time: Sat 06 Dec 2025 04:00:46 +0000 ROA not before: Sat 06 Dec 2025 04:00:46 +0000 ROA not after: Fri 06 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d07b:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:22:00:bc:6a:12:35:35:39:fb:e6:78:d1:9b:0f:23:07:96:d1:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 6 04:00:46 2025 GMT Not After : Mar 6 23:59:59 2026 GMT Subject: serialNumber=446802966abf201346adef6962939a94d25780da60f16873b19d1c100b397503, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:08:63:f7:5d:e7:d4:7a:d6:0d:44:00:1d:5a: 4e:43:30:bf:7d:5a:a7:ee:1b:8f:05:6c:f7:87:5e: 86:f4:17:bb:80:7d:12:a8:58:ee:5f:33:d5:4e:b4: 6e:db:53:e8:fa:08:7c:9b:09:da:90:1c:62:9b:b5: 99:0a:01:25:74:b8:dd:97:f0:45:bd:95:31:59:ee: 14:06:c5:6a:12:95:20:34:65:f2:53:12:8a:d0:d1: 3d:04:47:0c:8d:e6:3e:51:0e:cf:21:a6:e4:2e:80: 38:e9:3a:4a:97:a7:df:ce:89:f1:08:6b:79:2f:0c: c9:f9:0a:61:8f:7c:fe:a0:87:fe:1a:78:c2:91:74: 0f:f3:f1:e7:cf:2d:e5:bb:3e:4c:5b:bf:89:4a:76: ba:2f:18:75:ad:ed:0e:ea:5f:4f:09:eb:eb:28:ce: ab:6c:da:00:01:c2:b6:4a:1e:3c:c4:5f:d1:ec:03: 71:4a:12:a2:f8:68:cd:2a:6c:5f:df:f9:a5:dd:aa: 17:f3:06:86:a9:20:88:1e:0e:68:34:f7:3a:2d:82: 82:41:76:e2:dd:b5:40:a0:6d:fb:f4:2e:69:96:3b: 01:a8:36:70:0a:b9:d2:4d:84:15:36:0f:53:26:92: 00:64:84:3b:dd:f5:12:38:eb:36:85:a5:d4:8c:1a: 84:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:07:A8:07:E1:6A:9F:2E:20:C3:79:82:F4:8C:28:0B:F6:7E:AC:77 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5a5a5a-fd59-4048-875c-f0e74ec0a0f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d07b:e000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:a2:bc:3d:99:f7:25:b6:18:bc:e9:90:5f:f6:d7:7f:b6:ac: d3:23:43:01:05:a7:ce:09:f4:c9:68:e9:f9:f9:81:81:40:ec: db:ff:e9:f4:16:ba:6a:56:ef:79:db:de:7f:fd:d9:c0:00:20: 37:2b:21:5c:ed:7d:c9:17:72:08:d6:13:8d:35:fd:86:f7:d4: 94:db:87:39:61:d4:a7:bf:c8:e1:5f:f8:a9:b2:41:32:dc:ad: d5:6b:f0:81:89:cb:29:57:90:0b:9d:7b:e3:57:45:7d:1a:2e: 6d:d0:2d:f0:25:df:27:4c:ac:c0:e6:92:65:b2:7e:33:14:cd: 12:be:04:b6:b6:b6:51:d4:28:90:56:5c:41:bd:b2:bc:ba:05: d7:08:38:68:6a:43:91:ed:05:7e:f1:09:17:35:0b:b3:a3:28: 19:0a:20:71:be:da:06:32:89:b4:96:c2:7b:4e:af:ad:78:cb: 53:72:d2:d7:f6:4d:56:89:9d:1b:e4:ad:16:62:26:83:1f:1d: 01:d6:1b:30:1d:16:4f:5a:0a:97:f1:b3:e4:e3:59:90:d0:29: 22:c7:c8:9d:2c:6f:fc:53:df:12:e2:e9:29:fc:3a:1c:02:e8: 7d:77:f8:00:3d:08:ce:b5:a9:9a:79:36:49:bd:ac:40:e5:23: 06:e6:4c:8d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVSIAvGoSNTU5++Z40ZsPIweW0dIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMDYwNDAwNDZaFw0yNjAzMDYyMzU5NTlaMHoxSTBHBgNV BAUTQDQ0NjgwMjk2NmFiZjIwMTM0NmFkZWY2OTYyOTM5YTk0ZDI1NzgwZGE2MGYx Njg3M2IxOWQxYzEwMGIzOTc1MDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKcIY/dd59R61g1EAB1aTkMwv31ap+4bjwVs94dehvQXu4B9EqhY7l8z1U60 bttT6PoIfJsJ2pAcYpu1mQoBJXS43ZfwRb2VMVnuFAbFahKVIDRl8lMSitDRPQRH DI3mPlEOzyGm5C6AOOk6Spen386J8QhreS8MyfkKYY98/qCH/hp4wpF0D/Px588t 5bs+TFu/iUp2ui8Yda3tDupfTwnr6yjOq2zaAAHCtkoePMRf0ewDcUoSovhozSps X9/5pd2qF/MGhqkgiB4OaDT3Oi2CgkF24t21QKBt+/QuaZY7Aag2cAq50k2EFTYP UyaSAGSEO931EjjrNoWl1IwahPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzB6gH 4WqfLiDDeYL0jCgL9n6sdzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWE1YTVhNWEtZmQ1OS00MDQ4LTg3NWMtZjBlNzRlYzBhMGYxLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hvg MA0GCSqGSIb3DQEBCwUAA4IBAQAeorw9mfclthi86ZBf9td/tqzTI0MBBafOCfTJ aOn5+YGBQOzb/+n0FrpqVu95295//dnAACA3KyFc7X3JF3II1hONNf2G99SU24c5 YdSnv8jhX/ipskEy3K3Va/CBicspV5ALnXvjV0V9Gi5t0C3wJd8nTKzA5pJlsn4z FM0SvgS2trZR1CiQVlxBvbK8ugXXCDhoakOR7QV+8QkXNQuzoygZCiBxvtoGMom0 lsJ7Tq+teMtTctLX9k1WiZ0b5K0WYiaDHx0B1hswHRZPWgqX8bPk41mQ0Ckix8id LG/8U98S4ukp/DocAuh9d/gAPQjOtamaeTZJvaxA5SMG5kyN -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:56 2025 by rpki-client