This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa File: a0c32c3b-d8db-4386-9538-641f27723456.roa (raw, json) Hash identifier: /Dz7S6s5v1InURFb0j81hTmXf2hCXcAo1OZax5qqskY= Subject key identifier: A0:64:0E:A3:E4:43:38:03:0E:8D:3B:87:CB:63:4D:1F:FF:79:81:A1 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 566054DFC6C61F9FE69E5DA4E21696432A40EDEE Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa Signing time: Sat 29 Nov 2025 03:00:28 +0000 ROA not before: Sat 29 Nov 2025 03:00:28 +0000 ROA not after: Fri 27 Feb 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2a05:d059:5000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:60:54:df:c6:c6:1f:9f:e6:9e:5d:a4:e2:16:96:43:2a:40:ed:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 29 03:00:28 2025 GMT Not After : Feb 27 23:59:59 2026 GMT Subject: serialNumber=db0979cfa59f6de950357bda88cbab42912e55735c0d51eaca44f0fd54197ce5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:24:24:6e:c2:62:33:9c:ee:15:09:05:49:b5: f5:06:61:17:50:b7:85:b2:f0:8c:1f:f8:47:fc:79: b7:ae:ee:b9:28:45:eb:5e:be:bb:18:0e:bd:f0:af: ab:2e:7e:1a:62:ea:a5:ae:ce:22:7e:3a:df:54:6b: 5e:3d:b9:34:6c:ab:19:b0:fd:24:7e:23:6c:4f:43: 6b:1b:9d:f0:81:a2:78:f5:01:5f:a5:51:f2:dc:ac: bd:69:4f:24:17:07:19:27:62:67:37:b5:8a:d3:a7: 81:62:b2:54:56:34:ae:ee:10:e7:71:9d:db:37:ec: 51:1c:ce:00:a1:4b:b6:6f:92:6e:c5:b5:2b:35:8f: 72:d3:f8:cf:48:39:5e:5c:65:29:39:ee:36:3a:c4: 5b:72:72:05:dd:c9:9b:d4:91:65:21:5c:e9:22:a8: 99:27:ea:a9:e6:d1:45:78:2b:bd:b5:8a:1b:fb:9b: f8:e4:90:02:63:4f:17:2f:3d:ef:6c:9e:ba:17:f5: f3:2b:51:86:c7:5e:69:13:60:d5:e2:09:ff:48:07: 1c:f1:d3:c4:ba:29:c0:9d:a8:ff:d2:09:2a:4c:74: db:c1:06:19:d8:6e:35:d6:94:17:41:2c:ca:e7:ed: 2b:43:4e:3b:0f:2e:7b:53:92:bd:3b:b6:56:18:59: 6c:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:64:0E:A3:E4:43:38:03:0E:8D:3B:87:CB:63:4D:1F:FF:79:81:A1 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d059:5000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:58:cf:76:6b:9a:cf:db:0d:18:de:5f:51:f3:82:c7:a7:fd: d1:f9:7b:e2:0e:9d:fd:0b:51:a9:ae:79:dc:9b:2a:a8:64:2f: 44:14:cf:fe:9d:a2:f8:e9:03:79:89:b5:57:84:69:63:ce:fc: c6:78:73:5e:c2:3e:a1:2b:f2:20:ef:42:5a:19:42:e1:f2:5b: 20:6b:9b:61:46:8f:11:91:94:87:46:a5:88:65:0d:a2:3b:b6: 71:82:25:01:09:d3:91:d1:2b:b7:1e:24:46:4b:c7:6b:4a:3e: ec:2a:25:22:17:de:c0:b2:63:df:0a:70:49:56:b0:4d:0c:46: c7:9c:e4:cb:c9:41:64:ee:c4:73:65:0a:aa:fd:8f:c5:db:9e: 06:33:7c:ad:ab:43:15:50:e4:42:ba:4b:6f:8e:87:fb:2b:37: 5c:6a:74:67:d0:55:21:1f:6a:77:33:65:38:e7:f9:da:d8:0f: cb:0c:73:f2:a3:fc:e9:93:c7:ed:35:10:dd:9c:01:c1:e7:f3: 13:e7:88:d2:d0:70:54:85:11:c0:ef:c9:07:20:c6:db:7a:68: 05:d6:fb:da:05:66:ee:97:7d:ee:5c:86:23:2a:d3:b3:a4:55: 17:08:7a:6c:de:51:f2:0f:92:60:9f:66:a9:02:84:82:71:1e: 69:d9:2d:64 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUVmBU38bGH5/mnl2k4haWQypA7e4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTExMjkwMzAwMjhaFw0yNjAyMjcyMzU5NTlaMHoxSTBHBgNV BAUTQGRiMDk3OWNmYTU5ZjZkZTk1MDM1N2JkYTg4Y2JhYjQyOTEyZTU1NzM1YzBk NTFlYWNhNDRmMGZkNTQxOTdjZTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANkkJG7CYjOc7hUJBUm19QZhF1C3hbLwjB/4R/x5t67uuShF616+uxgOvfCv qy5+GmLqpa7OIn4631RrXj25NGyrGbD9JH4jbE9Daxud8IGiePUBX6VR8tysvWlP JBcHGSdiZze1itOngWKyVFY0ru4Q53Gd2zfsURzOAKFLtm+SbsW1KzWPctP4z0g5 XlxlKTnuNjrEW3JyBd3Jm9SRZSFc6SKomSfqqebRRXgrvbWKG/ub+OSQAmNPFy89 72yeuhf18ytRhsdeaRNg1eIJ/0gHHPHTxLopwJ2o/9IJKkx028EGGdhuNdaUF0Es yuftK0NOOw8ue1OSvTu2VhhZbIcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgZA6j 5EM4Aw6NO4fLY00f/3mBoTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTBjMzJjM2ItZDhkYi00Mzg2LTk1MzgtNjQxZjI3NzIzNDU2LnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlQ MA0GCSqGSIb3DQEBCwUAA4IBAQAOWM92a5rP2w0Y3l9R84LHp/3R+XviDp39C1Gp rnncmyqoZC9EFM/+naL46QN5ibVXhGljzvzGeHNewj6hK/Ig70JaGULh8lsga5th Ro8RkZSHRqWIZQ2iO7ZxgiUBCdOR0Su3HiRGS8drSj7sKiUiF97AsmPfCnBJVrBN DEbHnOTLyUFk7sRzZQqq/Y/F254GM3ytq0MVUORCuktvjof7KzdcanRn0FUhH2p3 M2U45/na2A/LDHPyo/zpk8ftNRDdnAHB5/MT54jS0HBUhRHA78kHIMbbemgF1vva BWbul33uXIYjKtOzpFUXCHps3lHyD5Jgn2apAoSCcR5p2S1k -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:26 2025 by rpki-client