This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa File: 9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa (raw, json) Hash identifier: X7aY+dRo5+NYOMVWNg0Hd1DiAfditJDufVg8x/H4STk= Subject key identifier: EC:B1:AF:EB:CD:B1:A5:BF:AF:E0:FC:E8:6B:5C:C7:BB:A0:07:C2:5E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 10357F04A17F4EDDFAFA8680D3AE0E03ABE0D526 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa Signing time: Wed 12 Nov 2025 03:00:05 +0000 ROA not before: Wed 12 Nov 2025 03:00:05 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d06c:c000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:35:7f:04:a1:7f:4e:dd:fa:fa:86:80:d3:ae:0e:03:ab:e0:d5:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 12 03:00:05 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=08a34815805a9ecc0af0731051a342e91592239bae4c0010e511799817fee47c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:63:1b:a2:9f:53:1c:50:0b:1f:74:0b:87:42: d0:f8:ce:47:3f:16:ed:a8:ff:5b:74:47:0e:09:b0: 95:d5:0f:8f:3e:70:e0:6a:f0:59:47:dc:38:c9:9a: f7:eb:95:96:12:0d:9c:4a:9d:c8:cd:a0:a4:35:4f: 16:9c:81:aa:54:31:f3:34:06:fd:e4:d7:b4:05:5e: 4e:42:63:83:8e:bf:0e:66:c2:89:d0:39:8e:f8:26: 0d:b3:67:7e:23:c7:ae:2d:52:d4:cb:ff:bc:b9:2b: b9:08:a7:4a:ca:4e:4d:83:06:ac:be:ff:4c:6b:82: b4:78:f1:0c:1a:28:6f:df:bb:c5:59:1c:63:fa:cb: db:00:4c:a5:f9:b7:08:e3:a3:1b:f5:a6:e1:c8:23: ab:ba:8e:f2:dc:bc:69:ae:3f:5c:61:fe:0c:01:76: 25:bb:ee:58:6c:92:aa:d4:1d:44:a6:95:66:06:b5: 9d:45:40:f6:c5:fd:ea:fc:86:70:b7:fe:d5:28:6f: 2c:93:55:80:91:d7:e0:9d:4b:0d:ff:48:d8:ee:b2: b3:a9:51:9b:f3:a4:d3:b5:34:4b:cf:1d:cd:1d:22: e9:1f:e0:7b:c9:a8:f6:53:2f:75:14:b8:c4:35:a2: 00:42:6e:c6:78:65:60:95:22:61:ac:25:8d:12:96: fa:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:B1:AF:EB:CD:B1:A5:BF:AF:E0:FC:E8:6B:5C:C7:BB:A0:07:C2:5E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d06c:c000::/48 Signature Algorithm: sha256WithRSAEncryption 9a:3f:bd:e4:1b:8a:8e:7b:b0:d6:6b:c0:ef:02:07:22:7d:ce: ec:de:5b:72:88:1b:fb:29:09:85:da:03:97:b7:1e:30:33:ad: 85:a6:57:21:ac:22:0a:1e:54:74:ac:eb:c6:57:59:12:26:61: c3:fd:71:51:92:82:3a:ed:e5:cc:ab:34:c2:0b:4e:25:56:89: 39:38:97:f5:64:aa:38:f3:d0:cf:79:3a:ba:26:0d:50:a3:d1: e4:6c:df:4d:0a:36:65:9b:7c:85:0f:70:58:9d:fc:0b:6a:4e: 27:d9:13:74:37:02:98:81:73:bc:2f:d6:11:88:7b:fd:7d:d9: 56:9c:4d:8b:a5:96:10:e8:7d:f2:31:f8:44:9d:97:98:bb:c6: 09:1e:d3:4f:28:e4:b3:6a:a1:54:00:1d:21:07:01:79:28:43: 84:cc:4a:a0:06:d5:c0:c6:11:4b:51:95:1e:ae:39:33:9c:0d: 29:8d:b2:b2:a1:a2:52:df:cf:36:8b:3c:56:2e:54:3b:7d:64: 96:01:40:28:53:d2:49:ec:a0:9e:05:e3:57:94:f7:86:c8:7c: a2:12:39:5b:f0:c0:6a:44:63:6a:79:23:e5:09:d8:62:ba:f4: 81:0a:af:f0:27:91:01:33:86:dd:ef:29:53:15:e2:e1:4a:94: fc:91:9e:a7 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUEDV/BKF/Tt36+oaA064OA6vg1SYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMTIwMzAwMDVaFw0yNTEyMTcyMzU5NTlaMHoxSTBHBgNV BAUTQDA4YTM0ODE1ODA1YTllY2MwYWYwNzMxMDUxYTM0MmU5MTU5MjIzOWJhZTRj MDAxMGU1MTE3OTk4MTdmZWU0N2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKhjG6KfUxxQCx90C4dC0PjORz8W7aj/W3RHDgmwldUPjz5w4GrwWUfcOMma 9+uVlhINnEqdyM2gpDVPFpyBqlQx8zQG/eTXtAVeTkJjg46/DmbCidA5jvgmDbNn fiPHri1S1Mv/vLkruQinSspOTYMGrL7/TGuCtHjxDBoob9+7xVkcY/rL2wBMpfm3 COOjG/Wm4cgjq7qO8ty8aa4/XGH+DAF2JbvuWGySqtQdRKaVZga1nUVA9sX96vyG cLf+1ShvLJNVgJHX4J1LDf9I2O6ys6lRm/Ok07U0S88dzR0i6R/ge8mo9lMvdRS4 xDWiAEJuxnhlYJUiYawljRKW+m8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTssa/r zbGlv6/g/OhrXMe7oAfCXjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv OWRmZThjNjUtZmQ1Yi00NTk3LWJlNGEtMGUwOTRjNTljNDBkLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GzA ADANBgkqhkiG9w0BAQsFAAOCAQEAmj+95BuKjnuw1mvA7wIHIn3O7N5bcogb+ykJ hdoDl7ceMDOthaZXIawiCh5UdKzrxldZEiZhw/1xUZKCOu3lzKs0wgtOJVaJOTiX 9WSqOPPQz3k6uiYNUKPR5GzfTQo2ZZt8hQ9wWJ38C2pOJ9kTdDcCmIFzvC/WEYh7 /X3ZVpxNi6WWEOh98jH4RJ2XmLvGCR7TTyjks2qhVAAdIQcBeShDhMxKoAbVwMYR S1GVHq45M5wNKY2ysqGiUt/PNos8Vi5UO31klgFAKFPSSeygngXjV5T3hsh8ohI5 W/DAakRjankj5QnYYrr0gQqv8CeRATOG3e8pUxXi4UqU/JGepw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:51 2025 by rpki-client