This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json) Hash identifier: TdMLHVIdh/tKWya5gQZKN3KqRDcehLNxRKJ0s/3FgCk= Subject key identifier: 55:BE:23:3F:E4:7C:1D:2A:70:14:EB:0D:23:10:36:2F:E4:2E:9E:5D Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 763B74B051F8D2558B671A4C5E981A0E59DB84E2 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa Signing time: Wed 10 Dec 2025 05:31:00 +0000 ROA not before: Wed 10 Dec 2025 05:31:00 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d032:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:3b:74:b0:51:f8:d2:55:8b:67:1a:4c:5e:98:1a:0e:59:db:84:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 05:31:00 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=989995da5787ab407a51db1df5870846e3f24014eb78d0accb95709941d64666, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:84:a3:2a:1e:4e:bd:37:7d:70:d9:89:f5:f8: 18:a9:87:0f:cf:4e:11:84:f7:3f:dd:00:50:99:13: 05:94:ae:06:8d:2c:ca:74:1c:ca:68:20:c0:aa:f4: 09:34:c8:1b:59:c6:35:80:6d:4f:03:3e:5d:ed:f3: e5:8a:51:dd:24:66:22:8b:7e:11:6a:c7:4c:0e:f4: 35:72:12:3e:52:95:8a:b0:d1:90:2c:87:bc:c7:9d: 8a:34:e7:4f:24:93:d1:d3:46:04:a5:4b:7d:62:ab: 1c:7d:80:f3:a5:cb:65:f8:0f:d8:16:3a:0a:ef:66: b0:b0:92:2b:b6:1e:b2:65:10:dd:ce:cf:0e:7b:50: e9:a5:34:b3:49:26:0e:e8:f1:56:b4:68:ae:e0:cb: 9f:41:fb:70:6d:6a:40:da:90:cc:4b:48:79:fd:6c: 21:47:dc:8a:e9:26:5b:17:e5:ca:7f:53:af:3a:38: 6c:25:bb:b5:ed:8a:bb:06:a0:66:12:e9:75:f3:3f: 94:07:f0:d9:7e:7b:b4:61:47:40:11:a3:e6:e3:84: ac:54:4e:80:3a:30:5f:f8:ae:50:f9:2f:19:71:be: c7:25:a7:6d:b6:50:00:e5:dc:a2:53:a4:c8:c5:1e: ae:e8:75:5b:b6:90:01:9f:0d:54:66:c5:1f:74:05: a8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:BE:23:3F:E4:7C:1D:2A:70:14:EB:0D:23:10:36:2F:E4:2E:9E:5D X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d032:6000::/40 Signature Algorithm: sha256WithRSAEncryption 75:1d:f2:ed:42:ee:6e:67:ae:f2:da:8a:1a:8f:04:7c:ac:be: 9c:6a:c1:cc:29:0a:72:bb:99:36:ec:15:29:dd:b8:fa:a4:32: 01:21:c2:ed:6e:ef:44:76:e9:cc:eb:36:a7:3a:56:d1:18:cc: 2f:db:9a:03:6d:71:5a:ce:0b:88:f5:67:f7:a8:ae:3e:31:4f: 16:42:6e:1e:c0:3a:d2:f0:76:4a:4d:c3:0a:4e:9b:7b:44:6e: 66:c8:d8:80:0d:f2:b2:07:1f:9c:6c:8f:fc:51:13:de:5b:e4: a2:fe:81:a9:ba:c1:87:e7:ef:7b:8e:b7:94:bf:02:8b:88:12: b2:db:f3:3e:c5:7e:2e:1a:7a:86:3f:70:45:43:74:12:bf:2b: 78:7c:cb:8a:15:fa:88:8c:52:47:60:ae:36:86:1d:b3:f0:00: 92:1e:e9:4a:8a:15:fd:c1:e3:0b:ef:3d:ce:71:9d:f8:f8:eb: ea:17:fd:3f:35:e8:9a:cb:e8:f4:03:e4:9d:82:17:50:66:c7: bb:79:63:0e:d2:b7:16:70:01:51:fe:f3:63:76:0e:6f:da:3a: e3:34:65:86:7e:8f:6a:23:67:63:50:77:f5:74:e3:ef:cd:0c: 8a:28:fc:49:fd:12:ce:c7:0f:7c:b3:f7:09:41:ce:cd:ed:f4: 7e:3c:9a:f7 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUdjt0sFH40lWLZxpMXpgaDlnbhOIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNTMxMDBaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDk4OTk5NWRhNTc4N2FiNDA3YTUxZGIxZGY1ODcwODQ2ZTNmMjQwMTRlYjc4 ZDBhY2NiOTU3MDk5NDFkNjQ2NjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuEoyoeTr03fXDZifX4GKmHD89OEYT3P90AUJkTBZSuBo0synQcymggwKr0 CTTIG1nGNYBtTwM+Xe3z5YpR3SRmIot+EWrHTA70NXISPlKVirDRkCyHvMedijTn TyST0dNGBKVLfWKrHH2A86XLZfgP2BY6Cu9msLCSK7YesmUQ3c7PDntQ6aU0s0km DujxVrRoruDLn0H7cG1qQNqQzEtIef1sIUfciukmWxflyn9Trzo4bCW7te2Kuwag ZhLpdfM/lAfw2X57tGFHQBGj5uOErFROgDowX/iuUPkvGXG+xyWnbbZQAOXcolOk yMUeruh1W7aQAZ8NVGbFH3QFqF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVviM/ 5HwdKnAU6w0jEDYv5C6eXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg MA0GCSqGSIb3DQEBCwUAA4IBAQB1HfLtQu5uZ67y2ooajwR8rL6casHMKQpyu5k2 7BUp3bj6pDIBIcLtbu9EdunM6zanOlbRGMwv25oDbXFazguI9Wf3qK4+MU8WQm4e wDrS8HZKTcMKTpt7RG5myNiADfKyBx+cbI/8URPeW+Si/oGpusGH5+97jreUvwKL iBKy2/M+xX4uGnqGP3BFQ3QSvyt4fMuKFfqIjFJHYK42hh2z8ACSHulKihX9weML 7z3OcZ34+OvqF/0/Neiay+j0A+SdghdQZse7eWMO0rcWcAFR/vNjdg5v2jrjNGWG fo9qI2djUHf1dOPvzQyKKPxJ/RLOxw98s/cJQc7N7fR+PJr3 -----END CERTIFICATE-----Generated at Tue Dec 16 00:30:09 2025 by rpki-client